Starting this May, marketing and business media truly began to bury cookie-based advertising and tracking, foreshadowing the radical transformations in the industry. We were all impressed by terrifying titles about Apple’s recent Intelligent Tracking Policy and its updates. But are all these threats for digital marketing real? Or just some clickbait tricks which make a mountain out of molehills? Let’s figure this out. In the article:
- the real meaning of ITP for the affiliate marketing industry,
- the possible ways to counter the restrictions,
- the role of an ad tracker in the upcoming changes.
– Okay, RedTrack. Tell me more about ITP and its key points
Intelligent Tracking Prevention (ITP) is Safari’s anti-tracking feature that was first introduced in Apple 2017. The main purpose was to prevent cross-site tracking and shorten the life of cookies to 24 hours. Overall, despite the little buzz around it, the actual number of companies affected was not so critical. The majority has already used analytical and tracking instruments that relied mainly on first-party cookies.
Another wave of restrictions happened with the roll-out of iOS 12 and macOS Mojave in the fall of 2018. It brought users:
- The removal of the 24-hour grace period and the third-party cookies’ actual shutdown.
- “Protection against tracker collusion” release that recognizes all redirects used for tracking purposes. It prevents cookies from being dropped or read on a users’ browser during redirects through tracking domains before they get on the advertiser’s site.
- “Origin-Only Referrer” release that cuts off and removes any information after the root domain. For example, thebestaffiliate.com/snickers starts looking like thebestaffiliate.com.
Despite all the restrictions, companies still had a variety of solutions to track users’ activity with cross-site tracking via link decoration based on first-party cookies.
Cross-site tracking — is a method that allows companies collect browsing data across multiple websites. The scheme is simple: when someone clicks a link from one website to another, the first website passes the special ID in the destination URL to the second website. The second one stores it within a first-party cookie and passes back to the first website to record users actions.
And then Apple took up first-party cookies. ITP 2.1 warned everyone that it would delete first-party cookies seven days after their installation on a browser. In two months, ITP 2.2 simply cut their lifespan to one day. This forced companies to refer to different kinds of workarounds to store users’ information within non-cookie-based web storage mechanisms. Did Apple like it? Apparently, not at all. ITP 2.3 released this October aimed to eliminate those workarounds but re-extends the window to 7 days so long as companies use non-cookie-based web storage to hide the identifier.
So, if Safari sees that a company classified as a cross-site tracker has decorated the link, it deletes all the non-cookie-based website data for it from the user’s browser after seven days in which he used Safari but didn’t visit the site since clicking that link.
Seems like we are in trouble, aren’t we?
– Wait, I’m a little lost. Please, explain the difference between cookies types and how do they actually work?
Sure, let’s talk about cookies. There are basically three types of them: first, second, and third (ugh…yes, that’s easy :)). We will not dwell on the second type of cookies as it’s just a name for the first-party cookies transferred from one company to another via some kind of partnership agreement. In this case, we are more interested in the first-and -the third-party cookies:
- Third-party cookies, in their turn, are loaded by third-party servers on publishers’ websites. They record the users’ behavior and path on the internet in order to create their profile and display personalized ads on the basis of their preferences.
How does it work in practice? Let’s look at an example of an ad-retargeting service. Website owners put a 1×1 transparent pixel on their site. This pixel sends a request to the ad-retargeting server when the page loads and the server, in its turn, returns the requested information. Such an exchange allows them to assign a cookie to the users and retarget them later with the products or services they’ve viewed, interacted with previously or relevant new ones.
– Got that. Now, please, explain how ITP will actually affect affiliate marketing?
ITP 2.0 has brought about challenges for all digital marketing channels. Now there are very few affiliates left who rely on third-party cookies while tracking users’ behavior. They are fully blocked on Safari, which makes affiliate companies unable to accurately identify the sales that affiliates have delivered for their clients.
As a result, companies can’t determine their best-performing marketing channels, affiliates are getting paid less as the sales are not linked back to their activity. Basically, it becomes almost impossible to make solid digital marketing strategies and plan marketing investments to meet business objectives.
You’ll probably say that Safari is not the only browser in the world. And you’re absolutely right.
The Usage share of web browsers
The fact is that this kind of threat is coming not only from Apple. The whole data-privacy landscape is continuing to change. And this will certainly cause the emergence of new developments and sophisticated security features are expected across more browsers and platforms soon.
“We need to think about all the data-collection mechanisms that take place across the ecosystem. We are making a number of upcoming changes to Chrome to enable these features, starting with modifying how cookies work so that developers need to explicitly specify which cookies are allowed to work across websites — and could be used to track users” — Google
Chrome is now aggressive against “fingerprinting”. They consider it as a harder-to-detect method of user tracking that overthrows cookie controls. So, they are more focused on “reducing the ways in which browsers can be passively fingerprinted so that we can detect and intervene against active fingerprinting efforts as they happen.”
Fortunately, affiliate companies are mindful of this and already started to implement solutions designed with respect to consumers and privacy laws. As to ad trackers, the most secure and reliable solution for tracking today is S2S postback URL. By the way, RedTrack was one of the first ad trackers which started massively implementing this method and made deep API-based integrations with affiliate marketing companies. The latest one was with CJ Affiliate.
– Okay, tell me how RedTrack can help me track my website users’ activity?
S2S Postback Tracking
The principle of work
|passes information about conversion through the cookie of a user’s browser||passes information about the conversion between the server of an affiliate network and the tracker through the link|
|Being highly dependent on external factors, conversions are not always fired and lower the data reliability||Shows less randomness in results. Can be used for verifying if there are any differences or distinctions in the number of conversions|
Options for conversion signal
|fires a conversion at the loaded thank you or confirmation page||provides broader opportunities to register successful events. Can register conversion after shipping an order, or a successful call (i.e. upsells)|
|Mozilla Firefox, Apple Safari has already implemented restrictions and baned the third-party browser tracking cookie||Is supported by all browsers across the web|
|Users use ad blockers and can delete cookies (clear his cache)||Can’t be affected by users’ actions|
|Easy to implement. doesn’t require any skills||Easy to implement. Need some basic skills|
S2S postback tracking, or server to server tracking, is captured and stored at the client-server, so you can easily understand the entire customer journey and develop specialized attribution/compensation models that reward contributing upstream partners in addition to the converting partner. It allows you to save the identifier (or user ID) directly to the advertiser’s, RedTrack’s and Affiliate Network’s servers.
So, clicking on the link, in a split second a user is transferred through their tracking domains and leaves the information about himself to all of them. After the transfer to the landing page, the user gets the ID in his URL. Neither Safari, no Google Chrome won’t block any information about users in this way. When the conversion is made, Affiliate Network fires a postback, RedTrack gets the signal and initial user identifier and verifies conversion.
Still have questions which tracking method should you choose?