What are cookies?
Cookies – a small text file containing information about the user's activities on a given website. The file is sent to the browser when you browse pages and perform various actions on Internet resources.
It can be any information:
- products that the visitor viewed, purchased or added to the cart;
- its operating system, screen extension, browser version;
- time of the first/last visit to the website, number of sessions;
- information you provided earlier: login, password, name and so on (so you don't have to log in every time you log in to Facebook);
- its location;
- source, channel, campaign, keyword for which he came to the site now or for the first time (losing this information about your customers is the most painful for advertisers).
Cookies may be stored on your computer temporarily or permanently. These are the main parties (first parties) and the third parties (third parties). The main files are created directly by those Internet resources on which the visitor is located at the time of operation. Third party cookies are set by other websites (subdomains are not considered third parties). Yes, other online resources add their code to ours, and this code sends the saved information back. By adding Google Analytics or Facebook Pixel code to your online resource, we receive third-party cookies.
The main browsers Chrome and Safari are going to fight against storage times and third-party cookies. However, their ultimate goal is to reject third-party cookies completely. All this to protect users' privacy.
localStorage as a cookie replacement
SessionStorage and localStorage are data stores. They store information locally in the browser and, unlike cookies, data is not sent to the server with each request. This means that information is saved only for the user visiting the website. The GDPR (General Data Protection Regulation, which entered into force on May 25, 2018 and regulates the handling of users' personal data) does not mention localStorage, which automatically allows any data to be stored there. Does this mean the problem is solved?
No, I haven't decided. Using cookies, you can track transitions between domains. For example, if you want, you can combine pages into one and analyze them, and also analyze transitions within the same domain but different subdomains.
By tracking we mean the presence of the same identifier in the analytical system, which allows the same user to be associated across different pages.
But with localStorage this will not be possible because the domain restriction policy applies to it. And if cross-domain tracking becomes impossible in the new reality, even with or without cookies, then the loss of cross-domain transitions could be critical for many advertisers.
However, this is not the main problem. Safari has already added a limitation on the lifetime of objects in localStorage. Now it's only a matter of time before they tighten these requirements and Google Chrome introduces something similar. Therefore, the use of localStorage in the near future will have the same consequences as the use of cookies. Let's take a closer look at what happened and how it will impact advertisers.
Fighting cookies and analytics
Apple has been fighting cookies for a long time. Currently, Safari users can store information for 1 (third party) to 7 (first party) days, depending on their settings. And data in localStorage is stored for 7 days. This is catastrophically inadequate.
Let's imagine that on January 1, a customer saw an advertisement. He was intrigued and decided to visit the website via the Safari browser. There, the customer looked at several products, added two to the cart, but decided to postpone the purchase until later. On January 3, he returned via direct visit (it doesn't matter whether he remembered the name of the website, clicked the tab, or simply did not close the website) and made a purchase.
And Google Analytics will associate this purchase not with a successful advertising campaign, but with direct traffic.
In reports, it will look as if the customer appeared out of nowhere and made a purchase without even adding the product to the cart. This situation will devalue the advertising and will not allow drawing the right conclusions.
Another sad consequence of rejecting cookies will be an increase in the share of direct traffic, deterioration of the quality of remarketing and lookalike audiences. The increase in the share of direct traffic is directly related to the increase in the number of new users due to the loss of the original source from which the customer came. Users will only be in your remarketing audience for 1 day in Safari and X days in Google Chrome (subject to Google's decision). Lookalike audiences will also deteriorate as their size becomes noticeably smaller as the lifetime of source data users decreases.
Google is in no rush to worry about user privacy, so advertisers on Google Chrome aren't doing too badly. Cookies and localStorage objects may survive for several years. However, in early 2020, Google officials announced that they also intend to phase out third-party cookies. Chrome will most likely one day also shorten the lifespan of first-party and third-party cookies and localStorage.
To see how much data your site will lose, you can go to Google Analytics and compare Safari's new user share with other browsers. The difference will be the percentage of data lost.
What is IDFA and upcoming changes for iOS
Previously, we learned about the mechanism and changes in website tracking. IDFA, on the other hand, affects mobile application analytics.
IDFA – unique device identifier. In marketing, it is needed to understand where a specific customer came to the application. This means that it fulfills some of the purposes of cookies, but only in terms of mobile analytics.
What happened? In the fall of 2020, Apple decided that IDFA access would no longer be granted by default. It was supposed to happen this year, but the dates kept getting pushed back. According to current information from Apple, changes to the new privacy policy are expected with iOS 14.5. Its public version should be released at the turn of April and May. Apple also revealed what it will look like.
What is the threat? The user will have to consent to the use of IDFA similarly to push notifications. The owner of the iOS device will be presented with a very simple and scary text. It will sound something like this: "Do you consent to this app tracking you across other developers' apps and websites?" Only 10% of users are expected to agree. This will shake up the mobile analytics market, and advertisers will no longer be able to know exactly where a given customer is coming from.
Why IDFA is so important
There is a simple scheme on the Internet. Add special labels to your landing page - and live peacefully. In mobile applications, everything looks completely different. There is an intermediate step in the form of the App Store or Play Market. They do not provide information about where a given user came to the application. Therefore, a different scheme was invented for them.
First, the user clicks on the ad.
Then it is redirected to a specially created page. Various information about him is collected there, including: IDFA and traffic source.
Only then is it redirected to the application page itself in the App Store or Google Pay. Steps 2 and 3 happen very quickly, this process is even imperceptible to an ordinary visitor.
When the user launches the app, information about it will be sent to the mobile analytics service (which must be connected before launching advertising campaigns).
If the data obtained in step 4 and step 2 match, the appropriate source will be assigned. If not found, the user will be considered organic.
This information is then sent to the advertising network to evaluate the effectiveness of the advertising.
The importance of IDFA is explained in step five. If the IDFA is not known, then a large part of users will simply be considered organic and it will not be possible to draw correct conclusions. There are other matching alternatives, but they are less accurate. We'll talk about them later.
What advertising giants offer instead of cookies and IDFA
FLOC
It's good that neither Google nor Apple wants to lose huge profits by protecting our privacy and going after advertisers. Google is preparing an alternative to cookies - a new technology called FLOC (Federated Learning of Cohorts).
According to Google, the new technology ensures at least 95% conversions. It is suggested that using FLOC will achieve up to 95% of the result that cookies could provide. However, whether this means that each advertiser will lose at least 5% of conversions, or in the case of 5% conversions they will lose the source of traffic - Google did not explain.
This alternative uses machine learning algorithms. Its key feature is that it does not identify users, but builds groups from them - cohorts that can be used for targeting. Advertisers will not be able to download such user-level cohorts. And this means that working with segmentation as part of optimizing business metrics will be virtually impossible.
Currently, this technology is already being tested by some enthusiasts, but little is known about its effectiveness. Additionally, Brave, Vivaldi, and WordPress browsers have announced the dangers of using FLOC over the past month. They believe that this technology provides almost no worse privacy than cookies. WordPress will disable Google FLOC on its sites and Brave and Vivaldi in its browsers. Most likely, others will follow, so it is very likely that FLOC will not solve the problems of assessing the effectiveness of advertising sources.
SKAdNetwork
Apple has its own technology to replace the IDFA tool - SKAdNetwork. The principle of its work is similar. Reports cannot be drilled down to the user level. Analytics is based on user groups.
However, this technology has a serious limitation: the day after the event or installation, they cannot be supplemented with any additional information.
However, it often happens that purchases take many days or even months from the first launch of the application (long tail of subscribers). It is important to send this data to advertising networks to improve targeting. And the inability to redefine them will negatively affect the selection of the most promising sources for advertisers who take into account the LTV (the profit that the customer brings over the entire period of cooperation with him) of their product.
To work with SKAdNetwork, your ad account must have no more than 100 companies. Additionally, the site must be connected to SKAdNetwork to be able to send conversions and signals to the ad site and receive an estimate of the value of each ad source from it.
There are no staunch opponents of this technology yet, and it has been in operation since March 2018. So far, no one has used it because the emphasis on IDFA produced better results. After changing the IDFA access policy, everything can change dramatically.
Fingerprints
Fingerprints cannot be called an alternative from Apple. This is a long-established method of obtaining the ID of a device (in the case of mobile phones) or browser (in the case of computers). It is based on various indirect signs: IP address, system version, operator, installed extensions/plug-ins, screen size, color depth and so on. After processing such a set of features, a unique identifier can be collected that will be different for different users and will be constant for one.
For example, amiunique.org can calculate browser uniqueness by looking at 5 main characteristics: operating system version, browser name, browser version, time zone and language. The site found a total of 3,453,737 devices with the same set as ours. If we increase the number of features we verify, the number of similar devices will decrease until our device becomes unique and inimitable.
In words, it seems like a "silver bullet", but in reality it is not at all. Fingerprints are often wrong. Additionally, errors occur when different IDs are assigned to the same user, and errors occur when the same ID is assigned to different users. This is because many users have the same configured devices and browsers, perhaps even with factory settings. On the contrary, other users often change their settings, thereby confusing fingerprinting algorithms.
Fingerprinting is currently used in many mobile analytics services, but only for a subset of traffic. The part where the IDFA is not available because users have disabled access to it for ad networks.
How to adapt to the upcoming changes
Opt out of ads
Pros: Saves your advertising budget in the first few weeks.
gradual displacement from the market by competitors;
loss of product recognition;
serious loss of benefits, starting from the first days of refusal;
complete collapse of the company is possible.
Evaluate the effectiveness of advertising campaigns only in the advertising service office itself. Forget about segments and analytical systems
Here are the cons. First, you can decide that advertising campaigns are working well, there are orders and some income. But this may not be the case because we are limited by the advertising showcase. Secondly, in the advertising office they look at the indicators at the highest level, without going into details.
Encourage users to register/log in to the website and application
This should be the first and main stage of preparation for the new reality in tracking marketing activities.
Pros:
neutralizing the impact of cookies on analytics;
ability to match logged-in users from different advertising campaigns and devices with 100% accuracy.
Disadvantages: users may get scared by the intrusiveness and switch to the competition.
Implement a unified data storage and management system
As long as the data is stored in advertising accounts, CRM, and tools that do not belong to us, drawing the right conclusions will be problematic, especially in the new reality.
In parallel, you should start collecting raw data from your website or mobile app. At the same time, it is important to provide the maximum amount of data for each user: from User-Agent to the operating system version, from the IP address to the name of the mobile device, from the time zone to the age.
Raw data should be collected in the form of hits (individual interactions with a website or app). These hits need to be broken down into metrics and parameters already in the data warehouse you've created.
It's time to implement full, comprehensive analytics.
Pros:
with competent implementation, the impact of advertising giants' refusal to accept cookies and IDFA is significantly reduced as the full data collected can be used to communicate with the user;
new growth points for the company that were previously impossible to find without complete user information. This plus should far outweigh the minus of rejecting cookies and IDFA;
the data belongs exclusively to us and compliance with the GDPR depends solely on us. And this means that you can dispose of the information received as needed (within the framework of the privacy policy, of course);
there is no longer any need to compare information from dozens of different systems, because all data is collected in one place. This makes it easier to find effective advertising campaigns and sources in general;
reports for management staff are created faster and better.
you can create a universal dashboard that will contain all the most important information about business indicators and you will not worry that it will be damaged or display incorrect data;
it is easier for new employees to understand the company's marketing activities and the overall state of all online promotion because they no longer have to navigate between different offices and accounts.
Pros:
price. To set up such a system, you need to pay a significant amount. Exact numbers can only be given after understanding the product and business;
you have to pay for both data storage and the services that will be needed for setup. The amount can range from $10-20 to $500 per month (it all depends on the size of the company and the architecture of the planned solution);
Minuses:
time. Building a full-fledged, comprehensive analytical system will take a significant amount of time. To at least somehow reduce the impact of this disadvantage, you should start implementing comprehensive analytics now.
Benchmark users by comparing collected raw data with data from advertising and analytics systems
Pros:
ability to calibrate internal algorithms to find problems in their settings;
a clear understanding of how much data will be lost.
everything described in the previous point should already be fixed. This means that only companies with established end-to-end analytics can currently benefit from this advice;
price. It won't be cheap. Although it will be cheaper than setting up end-to-end analytics.
Go to Server-side tagging
This is an alternative to the usual client-side tracking method. As the name suggests, tracking is configured on the server side and that's where the data is stored. This bypasses the cookie issue (not advertising third parties, but personally embedded first parties, so this advice won't be of much benefit without setting up comprehensive analytics).
Using server-side tagging is beyond the scope of this article. However, the main reason we mention it here is that with GTM Server Side you can extend the lifetime of first-party cookies to the amount of time you need (for example, up to 3 years) and bypass the blocking of analytical scripts on your websites.
Pros:
ability to set the life of basic cookies to several years;
most ad blockers will stop blocking various scripts from your website's analytics systems and monetization platforms. This is a nice bonus for improving the completeness of information collected through comprehensive analyses;
speeding up site loading speed;
full control over data sent to advertising sources.
Minuses:
this is a paid solution. You have to pay to store data on servers. The minimum price is around $120 per month;
hiring additional contractors for setup, who will also have to pay for it.
The main thing
Soon it will be more difficult to assess which advertising campaigns are more effective and which are worse. The changes will affect both websites and mobile applications. This is due to the rejection of cookies and limited access to IDFA. Apple and Google offer alternatives, but their effectiveness will be much lower than what advertisers are used to. At the same time, FLOC from Google threatens to disappear as quickly as it appeared, and the advertising giant will have to find a replacement for it.
You can't fold your hands and just wait. It is also impossible not to change anything in your approach to the analysis of advertising activity. It's time to start thinking about getting started with end-to-end analytics, setting up site/app authorization, and starting to prepare to move to server-side tagging.
Comments