Best click fraud protection 2026

Every "best click fraud protection" listicle on page one of Google is either written by a vendor ranking itself first or copied from a 2023 template that pretends the category has not changed. It has changed, substantially, and the change happened at a layer most legacy tools still do not touch.

Lunio's January 2026 report put $63 billion in wasted ad spend from invalid traffic in 2025 alone. TikTok ran 24.2% IVT. LinkedIn 19.88%. X 12.79%. Google Ads 7.57%. Google Display 12.02%. Google Video 20.62%. TrafficGuard's per-industry estimates put paid-search fraud between 14% and 22% depending on vertical. Bot traffic crossed 50% of total internet traffic in 2025, with bad bots accounting for roughly 37% and AI-agent traffic up 187% year over year according to DataDome and ClickFortify analysis.

This is a ranking built on a transparent rubric, scored the same way for every tool including DataCops. Six criteria: detection accuracy, platform coverage (Google, Meta, Microsoft, TikTok, LinkedIn), server-side and CAPI integration, consent compliance, pricing per 1,000 clicks, and evidence transparency. Where a competitor is genuinely better for your use case, this guide says so.

Quick answers

What is the best click fraud protection?

It depends on what problem you are actually solving. For SMB Google Ads budgets under $5,000 a month, ClickPatrol or Fraud Blocker handle IP and pre-click filtering well at $69 to €79 a month. For agencies managing multiple accounts with granular rule control, ClickGUARD at $119 to $159 a month is a strong fit. For enterprise bot defense across login flows, scraping, and ad inventory, HUMAN Security or DataDome operate at a different scale entirely. For teams that need bot conversions filtered out of the CAPI stream itself, so they never train Smart Bidding or Meta Advantage+ on junk signals, DataCops is the only tool in this list that does that while also bundling first-party analytics and a TCF 2.2 consent manager. See also Best PPC Fraud Protection Tools 2026 and Best Invalid Traffic Detection Tools 2026 for adjacent comparisons.

Does click fraud protection actually work?

For pre-click IP and device-fingerprint filtering, yes, within limits. Enterprise stacks report cutting bad-bot requests by 60% to 95%. The harder question is whether bot conversions are still reaching your conversion APIs and training bidding algorithms after the click. That is the 2026 gap. A bot that loads your thank-you page and fires a pixel event is invisible to most IP blockers.

How much does click fraud protection cost?

SMB tools run $63 to $159 a month, usually billed annually with a 12-month lock-in. Mid-market platforms start around $500 a month. Enterprise is sales-led with minimum project sizes typically north of $50,000. DataCops runs $0 on the free tier (unlimited bot detection, no CAPI), $7.99/month on Growth, and $49/month on Business where CAPI filtering starts. DataCops pricing is published without lock-in requirements.

Can Google detect click fraud automatically?

Google does issue invalid-click credits through its automated systems. The problem is the credits arrive after the fact, and bot conversions Google did not catch in real time already updated Smart Bidding's model. By the time your refund posts, the algorithm has already spent more budget chasing that traffic source. The goal in 2026 is prevention at the conversion layer, not recovery.

What percentage of clicks are fraudulent in 2026?

Lunio's data: TikTok 24.2%, LinkedIn 19.88%, X 12.79%, Bing 10.32%, Meta 8.2%, Google Ads 7.57%, Google Display 12.02%, Google Video 20.62%. TrafficGuard puts paid-search fraud in the 14% to 22% range by vertical. ClickFortify and Fraudlogix aggregate data puts the average Google Ads invalid click rate around 11.5%.

Is ClickCease worth it?

For straightforward Google Ads IP blocking with minimal setup, ClickCease does the core job at around $63 a month billed annually. The recurring complaint on Trustpilot is the pricing presentation: the monthly figure is prominent, the 12-month non-refundable lock-in is in smaller text, and canceling mid-term does not stop billing. If you are fine with that billing structure, the product works as advertised.

How do I prevent click fraud on Google Ads?

Layer the defenses. Exclude Google Search Partners if you cannot monitor partner network quality. Add IP exclusions and device bid adjustments based on your own data. Use a dedicated click fraud tool for automated IP list maintenance. Then address the deeper problem: install server-side tracking so bot events do not reach your conversion API. Google Ads Click Fraud: How to Identify and Block Bot Traffic in 2026 walks through the full stack.

What is the difference between IVT and click fraud?

IVT (invalid traffic) is the MRC-defined category covering all non-human and fraudulent traffic, including GIVT (general invalid traffic from known bots/crawlers) and SIVT (sophisticated invalid traffic from fraud operations). Click fraud is PPC-specific: deliberate clicks to drain competitor budgets or inflate affiliate commissions. Fake-conversion fraud is a third type: bots that complete forms or fire purchase events to poison Smart Bidding. Most tools address the first two. Very few address the third.

The 2026 problem is conversions, not IPs

Every legacy click fraud tool does the same thing: detect a suspicious IP, add it to Google's negative-IP exclusion list, repeat. That workflow was adequate when fraud was mostly humans clicking your ad to waste your budget. It is not adequate for the fraud pattern that emerged in 2024 and scaled through 2025.

The feedback loop of doom works like this. A bot network mimics a real user journey: loads a landing page, spends 45 seconds, fills a lead form, fires a conversion event. That event reaches Meta CAPI or Google's Enhanced Conversions. Smart Bidding records it as a successful conversion from a particular traffic source, audience segment, or device cluster. The algorithm increases bids on that cluster. More bot traffic flows in from the same source. The cycle repeats.

Standard IP blockers interrupt the click but not the conversion event. If a bot gets past the click-blocking layer, or if you are running Meta's native Conversions API where there is no click to block, the conversion still fires. That is where the 2026 category splits.

Practitioners on r/PPC have reached a blunt consensus: "Skip IP blocking; it is useless primarily. You will miss around 95 to 99% of click fraud." That is an overstatement for SMB Google Ads budgets where IP exclusion does provide meaningful waste reduction, but it accurately describes the limitation for anyone running Performance Max, Value-Based Bidding, or multi-platform attribution.

The tools below are organized by where they intervene: at the click layer (legacy), at the request/session layer (behavioral), or at the conversion API layer (new). The decision tree at the bottom maps these capabilities to your actual setup.

Scoring rubric

Every tool is scored on a 10-point scale across six criteria.

Detection accuracy: verified claims, third-party audit evidence, or credible customer benchmarks, not vendor assertions alone.

Platform coverage: Google Ads, Meta Ads, Microsoft Ads, TikTok Ads, LinkedIn Ads. Full marks for all five, deductions for gaps.

CAPI/server-side integration: does the tool filter events before they reach the conversion API, or does it only block at the click layer?

Consent compliance: built-in CMP or TCF 2.2 support, or requires a separate tool. With Google Ads Consent Mode v2 mandatory for EEA advertisers from June 15, 2026, this is no longer optional. See Best Privacy-Friendly Analytics Tools in 2026 for a consent-focused comparison.

Pricing per 1,000 clicks: normalized against published traffic caps. Lower is better; hidden pricing scores zero on transparency.

Evidence transparency: public third-party audits, named customer case studies with verifiable numbers, or MRC accreditation. Vendor-authored blog posts alone score low.

Filter-first tier: CAPI-stream fraud filtering

1. DataCops

DataCops is the only tool in this ranking that filters bot traffic before it reaches the server-side Conversion API. The mechanism is a 361-billion-IP database (146.4B datacenter IPs, 202B residential and mobile, 11.9B VPN, 620M proxy, 160,000 fraud email domains) that evaluates each session before the conversion event is forwarded. Bots do not reach Meta CAPI, Google Enhanced Conversions, TikTok Events API, or LinkedIn Insight CAPI. Smart Bidding never receives the signal.

What works: First-party subdomain deployment (datacops.yourbrand.com) survives uBlock Origin, Brave Shields, Pi-hole, and iOS Safari ITP, where third-party scripts are blocked 30% to 40% of the time. TCF 2.2 certified CMP is included on every plan at no additional cost, which matters for EEA advertisers facing the June 2026 Consent Mode v2 deadline. CAPI coverage spans Meta, Google, TikTok, and LinkedIn from a single Business plan. Setup is 5 to 30 minutes: one script tag, one CNAME, no GTM required. Bot detection is unlimited on the free tier. Pricing is published without a lock-in requirement.

What does not work: SOC 2 Type II certification is in progress, not complete. Newer brand than Stape, Elevar, or Datahash means a shorter enterprise track record. Pinterest and Snapchat CAPI integrations are not available. Integration catalog is narrower than Tealium or mParticle for enterprise data pipelines. HubSpot integration starts on Business ($49/month), not the lower tiers.

Who should use it: Multi-platform advertisers (Google + Meta + TikTok + LinkedIn) who want bot-filtered conversion data in one stack without managing separate GTM infrastructure, a separate CMP, and a separate fraud tool. Particularly strong fit for lead-gen businesses where bot form fills poison CRM data and Performance Max optimization simultaneously.

Value for money: 8.5/10. The bundled bot filtering plus CAPI plus CMP at $49/month Business is a fundamentally different price-to-feature ratio than assembling equivalent pieces separately.

Pricing: Free (2,000 sessions/month, unlimited bot detection, no CAPI), Growth $7.99/month (5,000 sessions, no CAPI), Business $49/month (50,000 sessions, all four CAPI platforms, bot-filtered events), Organization $299/month (300,000 sessions), Enterprise custom.

CAPI starts at Business $49. Not at Growth $7.99.

DataCops Fraud Traffic Validation | DataCops Conversion API | DataCops First-Party Analytics

SMB click fraud SaaS tier (under $200 a month)

These tools automate the negative-IP exclusion list for Google Ads. Core detection is adequate for most SMB budgets. The meaningful differences are billing structure, platform breadth, and whether the tool extends beyond Google.

2. ClickCease (CHEQ-owned)

ClickCease is the most widely deployed SMB click fraud tool, with over 14,000 customers, and became part of the CHEQ enterprise security platform in 2020. The 2025 and 2026 product focus has been preventing ad pixels from firing on invalid users, specifically for Performance Max and Value-Based Bidding.

What works: Runs approximately 2,000 behavioral tests per visit, more than most competitors in this tier. Covers Google Ads, Meta, and Microsoft Ads. Unlimited Google Ads accounts on every plan. Seven-day free trial. Enterprise-grade detection engine via CHEQ integration. Real-time IP blocking rather than purely retrospective list maintenance.

What does not work: The most-cited Trustpilot complaint across multiple verified reviews is the billing presentation. Pricing pages show the monthly figure prominently and bury the 12-month non-refundable term in smaller text. Users report that canceling mid-term does not stop billing until contract end. Month-to-month pricing runs more than 30% above the advertised price. TikTok and LinkedIn are not covered. No server-side CAPI filtering, so bot conversions can still reach Smart Bidding through the pixel.

Value for money: 6/10. Solid detection for the price, large support community. The billing structure warrants reading the full terms before signing.

Pricing: $63/month billed annually. Month-to-month significantly higher.

3. ClickGUARD

Rebranded in September 2025 with a new dashboard and AI-powered cross-channel reporting across Google, Meta, and Microsoft Ads. The granular click-rule engine lets power users configure behavior-based blocking beyond IP lists.

What works: The most customizable rule engine in the SMB tier, useful for agencies with clients across multiple verticals. Multi-currency billing (USD, EUR, GBP) with no annual lock-in, a meaningful contrast with ClickCease. Covers Google, Meta, and Microsoft Ads. Added Meta support in 2025.

What does not work: The 2025 rebrand raised entry pricing. Lite is $74/month for up to $5,000/month ad spend, pushing most active advertisers into Standard ($119/month) or Pro ($159/month). Setup complexity is higher than ClickCease. No TikTok or LinkedIn coverage. No CAPI-stream filtering.

Value for money: 7/10. The rule engine and honest billing are genuine advantages. Expect to land on the $119 to $159 tier in practice.

Pricing: Lite $74/month, Standard $119/month, Pro $159/month.

4. Fraud Blocker

Lowest published entry price in the click fraud SaaS category.

What works: $69/month is the SMB price anchor for this category. 100-plus signals per visitor including device fingerprinting, VPN detection, and proxy detection. Strong review scores: G2 4.6/5, Capterra 4.7/5, Trustpilot 4.4/5. Auto-blocks fraudulent IPs in Google Ads without manual rule writing.

What does not work: AppSumo reviewers correctly flag the reactive limitation: the tool adds IPs to a negative list after a fraudulent click, and Google's negative-IP exclusion list expires entries every 30 days. Customer support is responsive on public review platforms but slower on direct tickets. Annual-billing-as-monthly presentation mirrors the industry pattern. No CAPI integration.

Value for money: 6.5/10. Cheapest credible option. Works as described, but expectations should be calibrated to IP-list maintenance, not AI magic.

Pricing: $69/month billed annually.

5. ClickPatrol

Netherlands-based, GDPR-native, strong EU positioning.

What works: 800-plus data points per click, claims 99.97% bot-detection accuracy. Four modules in one subscription: ad protection, audience cleanup, data protection, and form spam defense. G2 4.6/5, Capterra 4.7/5. Strong coverage for Google Ads, Microsoft Ads, Facebook, and LinkedIn. From €59/month.

What does not work: EU-only focus means less depth on TikTok and emerging platforms. No server-side CAPI filtering. No bundled CMP for Consent Mode v2 compliance.

Value for money: 7.5/10. The per-click-data-point depth and GDPR-native design are genuine advantages for EU-focused advertisers.

Pricing: From €59/month.

Mid-market IVT platforms

These tools extend beyond PPC click fraud into broader invalid traffic detection across paid social, programmatic, and in some cases affiliate channels.

6. Lunio (formerly PPC Protect)

Lunio repositioned from pure click-fraud blocker to a broader invalid traffic intelligence platform in 2023 and has continued moving up-market. May 2026 brought a new affiliate fraud detection product after $2.8 billion in affiliate click fraud losses in 2025 per their own report.

What works: Detailed per-channel IVT benchmarks (their January 2026 report is the most-cited data source in this article for good reason). Covers Google, Meta, LinkedIn, Microsoft, programmatic, and now affiliate networks. Mid-market analytics and marketing-insights angle differentiates it from pure blockers. Strong content authority in the IVT space.

What does not work: Pricing is not published. Sales-led engagement makes SMB and agency evaluation slow. The pivot toward enterprise reporting leaves a gap for SMB advertisers who want simple protection, not intelligence dashboards. No CAPI-stream filtering for conversion-layer fraud.

Value for money: 6/10 for SMB (opaque pricing, feature excess). Higher for mid-market teams who need the analytics layer.

Pricing: Not publicly disclosed.

7. TrafficGuard

Positions as full-funnel IVT detection across paid search, paid social, mobile apps, programmatic display, and affiliate. Heavy content investment in 2026 around per-industry fraud benchmarks.

What works: Industry IVT benchmarks are legitimate and frequently cited by practitioners. Multi-channel coverage is broader than SMB tools. Strong on mobile-first use cases.

What does not work: Pricing is entirely opaque, no published tiers. The TrafficGuard blog ranks itself at the top of its own "best click fraud tools" list, which is the vendor-bias pattern this article exists to counteract. No published CAPI integration. Verification of detection accuracy claims requires requesting a trial, not a self-serve evaluation.

Value for money: Cannot score accurately without pricing transparency. Sales-led by default.

Pricing: Not published.

8. CHEQ

Enterprise go-to-market security platform post-Deduce acquisition. ClickCease is CHEQ's SMB product; the CHEQ platform itself targets enterprise ad fraud, identity fraud, and customer acquisition quality.

What works: Deep enterprise bot management, identity fraud detection, and audience integrity across paid and organic. Broadest detection signal set in the enterprise tier. Post-Deduce acquisition added identity-level fraud signals.

What does not work: Enterprise pricing and sales process. Not relevant for SMB or agency use cases. Verification requires an enterprise engagement.

Value for money: Not scoreable without pricing. Enterprise tier only.

9. Anura

Bot detection built for advertisers, lead generation, and affiliate networks.

What works: Real-time session analysis using 100-plus data points, claims 0% false positives. Covers display, native, search, video, and affiliate traffic. Transparent detection reporting with dedicated dashboard per account. Strong lead-generation and affiliate use case.

What does not work: Focused on pre-click and pre-form detection. No published CAPI integration for server-side filtering. Pricing requires a quote.

Value for money: 7/10 for lead-gen advertisers specifically. Narrower relevance for pure PPC.

Pricing: Custom quote.

Enterprise bot management tier

10. HUMAN Security (formerly White Ops)

Enterprise bot management across advertising, application security, and payment fraud. PerimeterX was acquired and integrated in 2022.

What works: MRC-accredited for IVT detection. Covers display, video, CTV, mobile, and in-app. Threat intelligence network spans over 20 trillion interactions per week. Applied to ad verification, account takeover, and payment fraud in one platform.

What does not work: Minimum engagement sizes and pricing are enterprise by definition. Not relevant for Google Ads SMB or direct-response CAPI use cases.

Value for money: 8/10 for enterprises needing MRC-grade verification. Zero relevance for SMB.

11. DoubleVerify and Integral Ad Science (IAS)

Both are MRC-accredited ad verification platforms used by agencies and large brands for programmatic inventory quality. DoubleVerify and IAS score viewability, brand safety, and IVT on impressions before and after ad serving.

What works: Gold-standard for programmatic media verification. Required by large brands and trading desks. MRC accreditation provides third-party audit trail.

What does not work: Neither tool is designed for PPC click fraud protection on Google or Meta direct buys. No CAPI integration. Enterprise-only pricing. Overkill and mismatch for most SMB or mid-market use cases.

Value for money: 9/10 for programmatic at scale. Irrelevant for direct PPC buyers.

12. DataDome

Real-time bot and fraud protection for high-traffic web apps, APIs, and mobile applications.

What works: Sub-2ms response time for bot detection. Strong on scraping prevention, credential stuffing, and account takeover in addition to ad fraud. AI model updates continuously from global traffic signals.

What does not work: Designed for application-layer protection, not specifically for PPC campaign management. No native CAPI integration for conversion-stream filtering. Enterprise pricing.

Value for money: 8/10 for web applications. Partial overlap with the PPC click fraud use case.

Specialist and adjacent tools

Fraudlogix: Live blocklist of 30 million-plus high-risk IPs, 20 fraud-detection signals, real-time IP risk scoring. Programmatic-first with MRC accreditation angle. Less relevant for SMB Google/Meta direct-buy advertisers. No published SMB pricing.

24metrics: Real-time blocking with VPN/proxy and click-flooding detection. Affiliate-network heritage. Orthogonal to CAPI-integrated paid media protection.

Hitprobe: Fraud detection combined with analytics. Smaller footprint, limited third-party verification. Interesting for teams wanting a combined fraud-plus-analytics view without full server-side stack.

Kasada, Imperva, Shape Security (F5): Enterprise WAF and bot management. Relevant for large-scale web infrastructure protection. Not PPC tools.

Pixalate: IVT measurement for CTV, mobile app, and programmatic. MRC accreditation for in-app. Not relevant for direct Google/Meta PPC.

GeoEdge, Moat (Oracle), Forensiq (Impact): Ad quality, viewability, and fraud measurement for programmatic inventory buyers and publishers. Not direct PPC protection tools.

Spider AF: Real-time bot detection with focus on Japanese and APAC markets. Publishes strong ad fraud data (projecting $37.7B in annual losses in 2024, trending up). Detection approach is IP/device fingerprint, not CAPI-level filtering.

Singular, Adverity: Mobile attribution and marketing analytics with IVT components. Different category: measurement-focused rather than protection-focused.

Feature comparison table

DataCops is the only tool in this table that filters bot traffic before it reaches the CAPI stream, includes a TCF 2.2 CMP, and covers all four CAPI platforms (Meta, Google, TikTok, LinkedIn) at SMB pricing.

Buyer decision tree

You run Google Ads only, under $5,000/month spend, no CAPI: ClickPatrol or Fraud Blocker at $69 to €79/month. No need for server-side complexity at this scale. Focus on negative-IP automation and form spam protection.

You run Google Ads only, $5,000 to $50,000/month, care about rule granularity: ClickGUARD Standard or Pro ($119 to $159/month). Cancel-anytime billing, best-in-class rule engine, no annual lock-in.

You run Google + Meta + TikTok + LinkedIn, any budget, bot conversions are a concern: DataCops Business ($49/month). Filters bot events before they reach any of the four CAPI platforms. Bundles consent management. No GTM required.

You run a Shopify store, 7-figure GMV, deep order-level tracking is priority: Elevar at $200 to $950/month delivers millisecond-accurate order data. Add DataCops for bot filtering on top of Elevar's tracking if budget allows. See Best Shopify Conversion Tracking Tools for that comparison.

You run Performance Max and suspect bot conversions are poisoning Smart Bidding: This is DataCops's core use case. Standard click fraud tools do not break the PMax feedback loop because they operate at the click layer. Filtering the conversion event is the fix.

You need enterprise WAF and bot management across your full web stack, not just PPC: HUMAN Security, DataDome, or Kasada. Different product category. Budget accordingly.

You are an EU advertiser needing GDPR consent and fraud protection in one tool: DataCops bundles TCF 2.2 consent manager at no extra cost, which matters against the June 15, 2026 Google Ads Consent Mode v2 deadline. See Best Privacy-Friendly Analytics Tools in 2026 and First-Party vs. Third-Party Data: The Ultimate Guide for 2026 and Beyond.

You run affiliate programs: Lunio's new affiliate fraud product (May 2026) is purpose-built for this, given that $2.8 billion in US affiliate fraud was documented in 2025. DataCops's signup verification (SignUp Cops) covers fake form submissions but not broad affiliate network traffic.

You are a lead-gen business where bot form fills pollute CRM and CAPI simultaneously: DataCops is the relevant choice here because a single bot that fills a lead form can corrupt both your CRM pipeline and your Smart Bidding model at the same time. HubSpot AI Lead Scoring covers the downstream CRM deduplication angle.

When NOT to use DataCops

DataCops is not the right answer in four specific scenarios.

Shopify-only stores at 7-figure GMV where millisecond order tracking fidelity is the top priority. Elevar's deep Shopify integration provides order-level precision that DataCops does not replicate. If your attribution accuracy on Shopify revenue data is the constraint, start with Elevar and add fraud filtering separately.

In-house GTM engineers who want full container control and 80-plus template flexibility. Stape at $17 to $83/month plus Cloud Run infrastructure is the infrastructure layer of choice for teams comfortable with GTM complexity. DataCops is designed for teams who want the outcome without the assembly. Best Server-Side Tracking Tools 2026 covers that comparison.

Organizations with a mandatory SOC 2 Type II procurement requirement today. DataCops's SOC 2 Type II certification is in progress. If your procurement team cannot approve vendors without it, wait for completion or choose a tool that has it now.

Businesses that run Google and Meta exclusively and only need basic IVT reduction, not CAPI-level filtering. Meta's free 1-click CAPI (launched April 2026) and Google Tag Gateway (launched January 2026) handle basic server-side forwarding at $0. If you do not need bot filtering in the CAPI stream, the free native options are sufficient for a single-platform setup. See Best Meta 1-Click CAPI Alternative 2026 and Best Google Tag Gateway Alternative 2026 for when the free native tools fall short.

What this category looks like in 2027

The agentic-AI trend is the category's biggest unsolved problem. AI-driven bots mimicking full user journeys, including extended page dwell, multi-step form completion, and session depth that passes behavioral heuristics, represent a detection challenge that IP and device fingerprinting cannot reliably answer. DataDome and ClickFortify analysis puts AI-agent traffic growth at 8x the rate of human traffic, with a 187% year-over-year increase in 2025.

The practical implication is that first-party enrichment, behavioral signals from your own subdomain, and conversion-layer filtering will matter more than blocklist lookups. Tools that operate pre-CAPI have a structural advantage because the signal being filtered is a server-to-server event, which is harder for bots to simulate convincingly than a browser click.

The category will also fragment further. Click fraud protection, IVT measurement, conversion fraud prevention, and affiliate fraud detection are increasingly distinct disciplines with distinct tool requirements. Most of the SMB tools in this list will continue bundling them loosely; the winners in each vertical will specialize.

Pricing transparency will remain a wedge. ClickCease's annual lock-in complaints are the most prominent example, but TrafficGuard's complete pricing opacity and Lunio's sales-led model both create friction for buyers who want to evaluate before engaging with a sales team. Tools with published, honest, month-to-month-optional pricing will continue to win SMB buyer trust.

The conversions you sent to Meta and Google's Smart Bidding last month: what percentage of them came from humans you could actually verify?

---

Related reading:

• Best Invalid Traffic Detection Tools 2026
• Best PPC Fraud Protection Tools 2026
• Google Ads Click Fraud: How to Identify and Block Bot Traffic in 2026
• Best Server-Side Tracking Tools 2026
• Best Fake Account Detection 2026
• Best Multi-Account Abuse Detection
• The First-Party Data Stack: Tools, Platforms, and Best Practices for 2026