TIME TO FIX COOKIE SYNCING

(originally published on Exchangewire)

Even though it was not their original intention, cookies have quickly become the default mechanism to identify users anonymously on the Internet. Anonymous user identification through cookies has many applications, from default login, to shopping cart retention, to content personalisation, but none of these is more important to our ecosystem than ad targeting.

Cookies aren’t so bad after all

Online advertising promises one-to-one targeting at scale - a promise that relies heavily on cookies as the main means of user identification for profiling and targeting. Cookies are far from perfect for that application - they are temporary, can be fraudulent, and they are also attached to a device, not a human being. But there are also many advantages: they are totally controlled by users (who can choose to refuse them or delete them through a simple user interface - the browser - with the click of a button) and they are easy for ad tech platforms to use because they travel naturally within the HTTP stack.

The main drawback of cookies is that they are domain-specific: each platform can only read and write cookies on its own web domain. With programmatic making user-level data the mandatory fuel of digital advertising, sharing information between platforms becomes increasingly important. Enter the cookie synchronisation process…

Ad tech’s dirty little secret

To share information with each other, platform A (which knows me as user [123]) needs to synchronise my ID with platform B (which knows me as user [abc]). This process happens via calls to transparent pixels initiated in web pages, as explained in detail by Clearcode: http://clearcode.cc/2015/12/cookie-syncing/

(source: clearcode.cc)

In order to maximise their connections with the rest of the ecosystem (a quality measured by the ‘match rate’ between two platforms), each platform tries to synchronise its user IDs with all its partners as often as possible. As a result, the number of pixels being fired on each page grows exponentially with the number of ad tech vendors - the exact formula being [n x (n-1)] where n is the number of platforms in the industry. Synchronising 10 platforms with each other requires 90 pixels to be fired. This number grows to 2450 calls for 50 platforms, 9900 calls for 100 platforms, etc. A look at the Lumascape paints a picture of the challenge for ad tech vendors to properly share information with each other…

(source: ID5)

In addition to overloading users’ browsers, cookie synchronisations create a massive risk of data leakage for publishers - because this process happens in the background, without their consent, and sometimes even without their knowledge, calls can be made to vendors with whom they have no relationship. In most cases they are just used for cookie synchronisation, but this lack of structure leads certain dishonest vendors to use information associated to the calls (such as URL or IP address) for profiling purposes, effectively stealing publishers’ valuable audience information.

Last but certainly not least, the upcoming evolution of the regulatory data privacy framework in Europe (the General Data Protection Regulation, GDPR) is going to make this process very difficult, if not purely illegal. Because of their lack of transparency, cookie synchronisations are in total opposition with key GDPR principles, including communication with data subjects and traceability of data collections.

Time to clean up our (cookie sync) acts

So does this mean we should forget about user-level information sharing between platforms? Should all advertisers and publishers move to a single, integrated ad tech stack to avoid cross-domain issues? Fortunately for the future of ad tech, diversity, and innovation, there is a solution! By centralising and optimising cookie synchronisations calls, we can solve these issues and improve the ability of ad tech platforms to connect with each other.

A centralised cookie sync platform means that instead of calling dozens of partners, each vendor needs to synchronise with only one, which gives them access to the rest of the world. Think of it as going from a spider-web, to a star-shaped structure. Fewer calls, less bandwidth being used, faster page load times, and a better browsing experience for users.

To facilitate this reduction in the number of pixel calls, optimisation of the cookie syncing process is key. By managing mapping tables centrally, it is possible to know which users are already matched across which platforms, how recently they’ve been matched, and which matches are more important. We can therefore optimise pixel calls to maximise outcome whilst reducing footprint – effectively, doing more with less.

Cookie syncing has been happening in the background for too long, creating fears and frustration across the industry. A dedicated platform will bring transparency to the cookie sync process, enabling publishers and ad tech vendors to define whitelists of match partners, to monitor synchronisation calls, and to regain control of the entire process.

We created ID5 to address the cookie sync challenge and provide a solution to the industry. Our goal is to enable independent ad tech vendors to remain competitive versus. integrated tech stacks by providing them with an efficient way to connect with each other. ID5 is an enabler, but improving cookie synchronisation is a collective effort requiring the participation of all stakeholders. By joining ID5, publishers, data providers, and ad tech platforms have a chance to help solve a key issue for the industry. Let’s work together towards this goal!