Website cookies. Safari and Firefox have already stopped allowing them and Chrome is eliminating cookies by the end of 2023. When we refer to cookies going away, we’re specifically referring to third-party cookies. These are the browser cookies used within the ad-tech ecosystem for things like:
- Cross-site tracking
- Ad serving
- Frequency capping
- Ad optimization
- Audience-based dynamic creative optimization (DCO)
- Existing identity linkages
- Multi-touch attribution
First-party cookies (which will continue to exist and be used by site owners) are used to remember things like your site login information, language settings, or products in your shopping cart. These can also be used to store identifiers. The key difference is that first-party cookies are only visible when a user returns to the site where the cookie was set. Whereas, third-party cookies can be detected by the site that sets them—even when a user’s browser visits other sites.
So if third-party cookies are so useful, you might wonder why they are going away. The main reason is data privacy. Data privacy regulations like the EU’s GDPR and California’s CCPA are forcing opt-in or opt-out for browser cookies, which is making it very difficult for the data to be collected. Secondarily, a growing number of end-users are already using ad-blocking tools that make cookies less valuable. It makes sense that browser companies are deciding to phase out third-party cookies in order to avoid regulatory issues.
So What Does a Cookieless Future Mean for Advertisers?
Ad tech platforms have built their technology on the information from third-party cookies and mobile ad IDs (MAIDs) to enable brands to deliver personalized experiences to their audience. However, other identifiers can be used in place of third-party cookies as signals to identify, track, target, and measure user interaction across domains and devices.
Identifiers that will still exist in the cookieless future:
- First-party cookies – data from things like logins, store settings, and locations that are collected on a website will still be available to the entity collecting that data.
- Mobile Ad IDs (MAIDs) – this is the ID provided by a consumer’s mobile device that can be used for tracking and targeting users. That said, an announcement from Apple that they will start forcing users to opt-in to its mobile Identifier for Advertisers (IDFA) may be signaling that MAIDs may one day go the way of the third-party cookie.
- Hashed Email (HEM) – a hashing algorithm transforms email addresses into hexadecimal strings, so each email becomes an unrecognizable jumble of numbers and letters. Hashed emails are created by applying one of many industry standard hashing processes (MD5, SHA1, SHA256) to emails. An important note is that HEMs may change as the big three pursue new technology to support the FIDO passwordless logins.
- IP Address – a data attribute from your household internet access that can be used as a highly scalable ID because everyone who uses the internet has an IP address for that session.
- User Agent – a “string” (a line of text) identifying the browser and operating system to the web server.
While not as direct as third-party cookies, the above data can be combined to provide the same results as advertisers see today. The key is utilizing machine learning and probabilistic algorithms to match user identification in a new way.
How Will Identity Solutions Adapt to a World Without Cookies?
The first important evolution that positions Identity Solutions with needed identification data is the Universal ID (UID). A UID is a single identifier that recognizes the user in the digital marketing ecosystem and allows the information associated with the user to be passed onto approved partners in the supply chain. Companies have created UIDs by bringing together various data sources for analysis that results in an ID for each individual that has as many of the above identifiers related to the UID as possible. Advertisers can tap into a UID through an arrangement with its provider or they can work with an Identity Solution that works with multiple UIDs in order to increase accuracy. UIDs started being developed back when Safari and Firefox removed third-party cookies so they are already robust options.
Here are the three UIDs that are gaining traction within the ad tech ecosystem:
- UID 2.0 (US only) – The Trade Desk (TTD) created a universal ID called the UID which is essentially a hash of a hashed email using TTD’s own defined algorithm. It is the most prominent ID in the US market. Note that TTD transferred responsibility for the UID 2.0 to the IAB Tech Lab in 2021.
- ID5 – As a solution provider for cookieless alternatives, ID5 is facilitating the data exchange between ad tech parties based on their ID5 UID. It is a conglomeration of all the IDs they have previously centralized. They will work with all partners and have strong EU coverage. This UID accepts IP, User-Agent, Hashed Email, and first-party cookies as inputs.
- Panorama ID (Lotame) – A global people-based, privacy-compliant identity solution for the open web. Built from multiple inputs (web, mobile, CTV, and customer-specific IDs). Panorama ID is freely accessible and interoperable across the ecosystem.
The second important development for Identity Solutions is the data analytics technology that can execute both deterministic and probabilistic identification matching. Using both of these methods increases identification accuracy. That said, UID providers and Identity Solutions may use only one of these so it is important for advertisers to understand how they work and the value of each.
Deterministic matching uses first-party data and HEMs to unify domains or devices to unique customer profiles with nearly 100% confidence. Since users aren’t always logged in, it is difficult to resolve user identity across sites using deterministic matching alone. This method prioritizes accuracy over scale.
Probabilistic matching uses algorithms to evaluate the probability that certain attributes such as IP address, User-Agent, and location, can be tied to an individual at a certain confidence level. Probabilistic matching can help fill the gaps and resolve user identity. This approach prioritizes scale over accuracy.
In the cookieless future, Identity Solutions are adapting to send their data to UID providers to match their data to existing UIDs. The UIDs that use both matching algorithms will provide advertisers the most accurate data at scale to intelligently deliver advertising solutions.
Are Advertising Results Going to Be the Same Without Cookies?
The overall goal of the advancements in Identity Solutions is to improve consumer privacy while providing the same information that advertisers rely on today—but without cookies. Some solutions will prioritize accuracy over scale while others will focus on scale over accuracy. Advertisers will need to align themselves with the Identity Solution that fits their use case and delivers the same or better outcomes.
Technology has evolved to handle the challenge of a cookieless future, but there is no question that the big technology companies will continue to make changes to the way data is collected—or not collected—as we work toward improved data privacy. With that in mind, here are the key points that advertisers should keep in mind as we say goodbye to cookies.
- There is no single “right” UID. You need a solution that uses a combination of universal IDs to yield the best results.
- Balancing both deterministic and probabilistic matching is the best recipe for getting both accuracy and scale to optimize impact.
- The more data, the better. You’ll want an Identity Solution that is collecting as much first-party data as possible combined with UID matching to provide the best results possible.
If you’d like to learn more about how cookieless identity works, check out how ShareThis does it with their Atlas Global ID solution.