[LAST UPDATED: 5 March 2021]

For decades, the internet has been underpinned by the humble browser cookie—a small data file installed by a web browser on a user’s computer as they browse the internet. These seemingly innocuous little files have allowed the modern web to develop into what it is today by allowing publishers and site owners to track which products have been added to an online shopping cart, whether a visitor to their website is new or returning, how many times a user has seen an advertisement or to save their data for the next time they need to fill in a form.

Before cookies, each page load on a website was effectively an isolated event, completely unrelated to any other activity by the user on the website. Cookies allowed websites to string events together to create functionality and utility.

In the early nineties, websites were not particularly good at commerce. Unlike a brick & mortar store, websites had no mechanism for identifying whether the user was simply browsing, if they had returned to the site several times or even if they had shown interest in a product.

First conceptualised in 1994 by then-Netscape employee, Lou Montulli, as a method to support virtual shopping carts, the cookie was rolled out on Internet Explorer in 1995 and almost immediately became a hot topic due to the potential privacy implications.

In the subsequent decades, the cookie has gone on to make the modern web as we know it possible. From ad serving to web analytics, e-commerce to website personalisation, virtually every web application makes use of cookies to varying degrees.

THE DEATH OF THE COOKIE

If you’ve spent any time around ad tech conferences or on ‘media Twitter’ in the last few years, you will have almost certainly heard someone refer to “the death of the cookie” at some point.

While it dominates the conversations in ad tech circles and the conference circuit today, you could argue that the death of the cookie began almost immediately after it’s invention; by 1997, the browser cookie had already been the subject of two Federal Trade Commission hearings in the U.S.

By 2000, the U.S had implemented strict rules on the use of cookies after it emerged that they the Drug Policy Office was using cookies to track people who interacted with their ads and, in 2002, the European Union had issued the Directive on Privacy & Electronic Communications which required that websites gather a user’s consent prior to installing cookies on their device.

Savvy publishers simply wrote into their cookie policies at the time that by accessing their sites, a user had effectively agreed to consent to cookies and the laws were ultimately tightened up with the GDPR laws introduced in 2018 to require that consent is ‘explicit, freely given, specific and informed’. The U.S. followed soon after with the California Consumer Privacy Act of 2018 (CCPA), giving Californian citizens more control over what businesses are able to do with their personal information.

However, all of this legislation has proven somewhat toothless since the laws were written and the biggest sea change seems to have been self-imposed by the tech vendors, arguably those with the most to gain from a privacy-first approach. The impetus of this shift in focus has its roots in the narrative that modern internet users expect and demand privacy to be baked into the user experience. However, the cynical among us would note that without third-party cookies, Google, Facebook and Apple all have a competitive advantage in terms of being able to continue to carry out accurate attribution within their own “walled garden” platforms and indeed, the UK government agreed as much in their study of the role of data in digital advertising.

Nevertheless, in 2017—as part of their release of iOS 11 and macOS 10.13—Apple introduced the first iteration of its Intelligent Tracking Prevention (ITP) feature within the Safari browser in an effort to limit companies’ abilities to track people around the web.

In June of 2019, Mozilla announced that new installations of their Firefox browser would have their Enhanced Tracking Protection set on as default, blocking all “known third-party tracking cookies”

While these certainly had an impact, Firefox and Safari collectively have around 21% market share. The majority of internet users (61%) access the internet with Google Chrome. And in January 2020, Justin Schuh—Director of Chrome Engineering—released a blog post that outlined Google’s future plans for third-party cookies. In it, he described how Google would be phasing out support for third-party cookies ‘within two years’, effectively ushering in the death of the cookie.

In response, March 2020 saw Apple roll out the latest version of ITP which—similarly to Google—now also blocked all third-party cookies but did so a full 2-years earlier than Google’s proposed release.

In a sign of the times, the IAB has sunsetted DigiTrust, the non-profit platform it developed to allow SSPs, DSPs and publishers to share and sync cookies and improve match rates.

WHAT IS AN IDENTITY SOLUTION?

Broadly speaking, a ‘persistent’, ‘unified’ or ‘shared’ identity solutions were originally conceptualised as a mechanism for the open web to take on the walled gardens of Facebook and Google. However, they have rapidly evolved into the ad tech ecosystem’s response to the prospect of a post-cookie web. Early iterations were still cookie-based and were designed to improve inefficiencies in existing match rates.

Most recently, it is an attempt by various private enterprises to standardise the tracking and targeting of users in a so-called ‘privacy-first’ approach and without the reliance on third party cookies.

WHY ARE ID SOLUTIONS NEEDED?

Any publisher who has pulled a CPM-by-browser report recently will be able to tell you what impact the Safari ITP releases have had on their CPMs. The initial ITP 2.x updates saw publishers lose up to 40% of their revenue on the open exchange against their users on Safari, while Rubicon reported their publishers lost as much as 60% of their Safari revenue.

Google themselves performed a study on the top 500 global publishers to quantify the effect that disabling access to third party cookies would have on the programmatic advertising revenue of those publishers. The result demonstrated that the test publishers lost 52% of their programmatic revenue. Although when the UK Competition & Markets Authority (CMA) procured the source data of this same experiment from Google to reanalyse themselves, they found a reduction in revenue of 70%.

From a marketer’s perspective, navigating digital channels in a post-cookie world is equally challenging. Littledata found that e-commerce stores lost 8% of marketing attribution for searches on Safari mobile.

HOW DOES ID SOLUTION WORK

There is no single answer to this question. Some identity solutions still rely on cookies although, for obvious reasons, these have a limited shelf life. Others rely on encrypted email addresses.

Outside of the privacy implications, there are several reasons why a unified ID can actually be a superior solution to cookies. Not least of which is the elimination of cookie syncing.

Under the current setup, when a user visits a website, multiple ad tech vendors (SSP, DSP, DMP) all have their own unique cookie ID for that user, which they have to synchronise with each other in real time; a process known as cookie syncing.

As there currently exists no standardised ID for each of these vendors to adhere to, the cookie syncing process can dramatically slow down the loading of the web page and have an adverse effect on the match rates. In this example from The Trade Desk, they have illustrated how an advertiser’s target audience can be reduced by over 50% as a result of these cookie syncing inefficiencies.

unified id
Example of how cookie match rates diminish the size of an addressable audience.

The Trade Desk, with their Unified ID solution, claim to have drastically improved match rates to close to 100% as a result.

WHO ARE MAIN IDENTITY PLAYERS?

Liveramp IdentityLink (IDL)

https://liveramp.com/blog/introducing-liveramp-identitylink/

The Trade Desk’s Unified ID

The Trade Desk is the largest independent demand side platform (DSP), so there is a lot of weight being thrown behind their open source Unified ID solution. Version 1.0 relied on cookies but version 2.0, announced in July 2020, future-proofs the solution by removing the reliance on cookies entirely. Initially, it will rely on encrypted email addresses from opted-in users.

When a users visits a website, they are asked to provide an email address, which is encrypted as an ID. This ID is unified (hence the name) across the network of publishers that have adopted the solution. Advertisers can use this ID to target advertising but crucially, from a privacy perspective, this ID is never transmitted along the bidstream.

Historically, shared identity solutions like DigiTrust and Open ID Consortium haven’t had much luck in the past. However, with their sheer size and buying power and with the backing of major SSPs like Magnite, The Trade Desk is well positioned to make Unified ID 2.o work.

ID5

ID5 is the shared identity infrastructure designed to improve user recognition in a privacy-compliant way. ID5’s solutions improve match rates between platforms and allow user identification in browsers where 3rd party cookies are blocked. ID5 enables publishers to better monetize their audiences and allows ad tech platforms to operate more efficiently and maximize the value of data and inventory.

Created in 2017 by seasoned ad tech professionals, ID5 services clients globally from bases in London, Paris and Germany.

LiveIntent

https://www.liveintent.com/identity-solutions/

BritePool

https://www.britepool.com/

European netID

The European netID is a foundation based in Germany, consisting of three major European media brands, Mediengruppe RTL Deutschland, ProSiebenSat.1 and United Internet. netID is a single sign-on (SSO) platform that allows users of some of the largest European web platforms to sign in across a multitude of websites within their partner network.

Project Rearc

https://www.iab.com/blog/project-rearc-an-industry-collaboration-to-rearchitect-digital-marketing/

Publisher Common ID

Developed by Conversant but made open source. The fact that their PubCID For Publishers page on their website leads to a 404 page is somewhat telling about the state of the Publisher Common ID project.

Zeotap

Zeotap offers publishers two tiers of partnership.

  • ID+ Basic: the most simple integration, Zeotap will allow advertisers to make linkages between their database and your users in order to track and target. Like most providers on this list, in the short term, there is minimal upside given that the cookie is still king when it comes to delivering and measuring ads. However, implementing something like ID+ Basic now will future proof your revenue. There is no cost to integrating in this manner and the promise is of uplift in revenue as and when advertiser and DSP campaigns come online using Zeotap’s identity graph.
    ID+ Advanced: as a publisher with a trove of valuable first party email data, you can contribute to Zeotap’s identity graph. In this model, publishers are paid for this data.

WHAT IS TURTLEDOVE?

TURTLEDOVE forms part of Google’s ‘Privacy Sandbox’ and is their proposed answer to advertising in a post-cookie world, making use of edge computing and effectively moving the auction from the server to the browser. In this regard, it could be compared to Prebid, although it has some notable differences. Namely, AdX integration.

WHAT IS SPARROW

SPARROW is Criteo’s answer to TURTLEDOVE.

TRADE HOUSE MEDIA APPROACH TO IDENTITY

From a technical perspective, the ID module in Prebid (on which our infrastructure is built), has support for:

  • The Trade Desk Unified ID
  • LiveRamp IdentityLink (IDL)
  • LiveIntent
  • PubCommonID
  • ID5
  • Criteo

That being said, we have been in ongoing conversations with our demand partners to ascertain who they are supporting. A unified ID solution is only as good as its adoption rate in market. Supporting a solution with no uptake on the buyside will result in limited advantage on the sell side.

With that in mind, we surveyed our partners and—while several of the demand vendors have outwardly ID-agnostic policies—off the record they were clear as to who they felt had strong support and who they were unofficially endorsing internally.

The apparent winners from the buy side appear to be Liveramp IdentityLink (30% adoption), The Trade Desk’s Unified ID (25% adoption) and ID5 (15% adoption) and LiveIntent (15% adoption).

demand-partner-support-for-id-solutions

We believe that at this early stage, while there is no clear industry standard, there is no reason to throw everything behind a single solution. Each solution has a light enough payload such as to allow for multiple solutions to be loaded without a detrimental effect on page performance. As such, we have rolled out support for ID5, Liveramp & Britepool, with others already on the roadmap for future integrations. We are continuing to monitor the space & will keep this article regularly updated.