Top 6 Apple updates that make trackers’ life harder. Or do they?
For years, companies, affiliate networks, and tracking services have relied on cookies, user IDs, IP addresses, and email to track orders. But along with the tightening of control over the circulation of personal data, the international marketing market has also changed. Will the recently introduced iOS 15 have an impact on online sales? Admitad Affiliate experts studied the new Apple features and talked about how you can work with the new restrictions. Will it obstruct our businesses? It will, but the impact is going to be significantly smaller than you might think.
1. This website is (not) using cookies
Most modern browsers (except for Chrome) have already limited access to third-party cookies for known trackers — scripts that their developers marked as tracking user activity. However, the WebKit browser engine used by Safari and iOS SDK forbade using third-party cookies altogether.
The price is lower quality of data, worse targeting and higher online marketing costs. The impact will be the hardest on traffic arbitrage, content projects will hardly feel a thing — unless they start using targeting to acquire new audiences for their platforms.
But third-party cookies can be replaced with first-party ones. Currently, there are three types of them — those installed by a known tracker (lasting 24 hours), by a website owner (lasting a week) and by the server (not limited by the browser). With a smaller attribution window, a small percentage of orders may be lost.
There are also other ways — for example, to track orders, Admitad Affiliate uses redirects, advertisers’ own cookies and data from their servers and also developed its own technology called Teleport to avoid redirects.
2. Limited access to IDFA
For their mobile platforms, Google and Apple have already implemented special IDs — Google Advertising ID (GAID) and IDentifier For Advertisers (IDFA). They are used for the same purposes as cookies — to collect data on user interests for proper ad targeting and to track campaigns efficiency.
However, as the data protection laws started to beef up, access to user data curbed as well. In iOS 13, iPhone owners could deny access to IDFA to any app. And as for iOS 14.5, developers are obliged to request access to IDFA for their app. Finally, Apple released stricter guidelines on app development that defines what the IDFA request windows have to look like — and the options are scarce. Different sources estimate the share of users who will allow access to IDFA from 10% to 36%.
Mobile tracking platforms — Appsflyer, Adjust, Branch, Kochava, etc. — are already seeking how to keep tracking quality leveled. Fingerprint tracking might be the solution, even though not for long.
3. Postponed by SKAdNetwork
SKAdNetwork is a mobile algorithm to track in-app actions without breaking user privacy. Apple has been developing it for a few years, but it has only come to the forefront recently — with iOS 14.5.
What does it do?
- Actions are sent over to trackers with a random lag (2+ days) so that the advertiser cannot match the event on their servers with the conversion to mark specific users. Neither do advertisers know which publisher delivered the action — unless the winning ad network discloses the data. Apple promises to fix this in iOS 15, making data available to both the ad network and the advertiser.
- 8-byte data limit. Apple suggests that companies use numbers from 0 to 63 to send over all the possible information about specific action. Not much at all. Same reasons.
- Only CPI attribution. As of yet, SKAdNetwork can only track installations. Moreover, there are no deferred deep links — no way to launch a specific screen after installing the app.
All of that means longer payout time, lower campaigns efficiency, and obvious need to change your integration (so that parameters fall within the limit). We cannot stop this, but we can mitigate the effect if we adapt quickly enough and register with SkadNetwork.
4. Multi-vector IP Masking
Masking IP addresses will be one of iOS 15 features. In fact, there are two features that do that — Private Relay and Safari ITP. Private Relay is the iCloud+ service for more secure browsing. Replacing user IP with another one from the same region, it prevents websites from tracking user journeys, targeting ads and creating user profiles. However, It doesn’t damage your tracking if your geotargeting suggests using only country-level data.
The second part, the notorious Intelligent Tracking Protection for Safari, masks IP-addresses only from known trackers. JS-codes of known trackers won’t be able to record user IP, and the networks will have no control over geotargeting settings.
Companies have already come up with enough solutions to bypass ITP: for example, Admitad Affiliate uses regular redirects through an affiliate link (to ad.admitad.com) and server integration with webmasters through the Admitad Teleport API.
5. No More Emails
But it’s not just IP addresses that Apple wants to hide. The corporation has also developed a technology called Hide My Email that replaces your personal email address (say, firstname.lastname@example.org) when you log into Apple services. As a result, other parties can only see a different, automatically generated email (say, email@example.com). This way, users can still receive emails to their personal inboxes, but targeting services have one less parameter to identify users.
Theoretically, Hide My Email could hinder cross-device and cross-browser technologies that use email to match users with their actions. However, we believe that only a few worriers who create accounts anew every time they visit a website to avoid being tracked.
Anyway, email is not the only parameter that can be used for cross-device tracking. Other data can be utilized as well hashed user IDs received from the advertiser or a phone number. Both, of course, under GDPR and ePrivacy laws.
6. App Privacy Report
App Privacy Report is an additional section in settings which shows users all apps that collect data about user activity, as well as where and how often they upload such information. In fact, it might result in building up customers’ anxiety and decrease chances that users will grant apps access to IDFA. At the same time, it means increasing the value of SKAdNetwork for all mobile marketers. This isn’t critical, but it can’t be avoided and will certainly influence all of us just the same. However, it can also add value to SKAdNetwork for those working with mobile platforms.
What can we do?
Well, we still have plenty of options left. First-party cookies will probably never go away, and server-to-server integration with advertisers is still reliable. If you’re worried about regular redirects, then the companies have their own original solutions, just like Admitad Affiliate has the Teleport algorithm, which provides tracking without redirects even taking into account all the restrictions.
Although we can observe the negative impact on the industry, we still believe that such regulations will lead us to a new glorious form of online marketing, so it is in our best interests to cooperate in order to work out solutions to control the damage. In the end, it is advocating for business transparency that will benefit the entire advertising industry.