Identity in ad tech: Meet the cookieless ID solutions

A new wave of cookieless identity (ID) solutions is sweeping the ad tech industry in the wake of the deprecation of third-party cookies. In a previous post, we covered The Privacy Sandbox, Google’s proposed alternative to third-party cookies, which uses browser anonymization and machine learning to build interest-based cohorts of users (FLOCs) that advertisers can target.

As Google starts testing FLOCs in the real world, independent ad tech is working in parallel to create ID solutions that advertisers and publishers might use to identify users in the near future. In this article, we’ll review some of the most popular cookieless ID solutions and how they work.

Towards the end, you’ll find some frequently asked questions about these ID solutions.

Unified ID 2.0 by TTD

The latest version of The Trade Desk’s ID solution, Unified ID 2.0, uses anonymized email addresses as an identifier to replace third-party cookies. The solution has a lot of collaborators, including Salon, Newsweek, Magnite, Index Exchange, and SpotX.

Last month, AdExchanger reported that Prebid.org will operate UID 2.0 and make sure that it remains open source. Prebid is the industry body that oversees Prebid Server, an open source server-to-server header bidding solution, and Prebid.js, one of the most popular open source header bidding wrappers. In addition to handling the hardware and software infrastructure for UID 2.0, Prebid will also handle the email encryption and decryption process.

Prebid will set up the infrastructure needed to support UID 2.0 in Q2 and go live by the middle of 2021. In this time, The Trade Desk will hand over the working code to Prebid and relinquish control of the standard. “I’d argue that UID 2.0 and Prebid’s efforts around identity are moving at a faster pace than the Privacy Sandbox and that they’ll probably be ready earlier than some of the Privacy Sandbox work,” says Tom Kershaw, Chairman of Prebid and CTO of Magnite.

On the consumer side, UID 2.0 will function as a single sign-on module that operates across the open web, enabling single-click logins for signed up users. With so many alternatives being developed in parallel, the jury’s still out on which solution will end up becoming the gold standard for identity resolution, but UID 2.0 is one of the frontrunners in the ID race.

Universal ID by ID5

French-based startup, ID5, provides an independent ID solution, known as Universal ID. While Universal ID also aims to replace third-party cookie based targeting and the inefficiency of cookie syncing, unlike UID 2.0, it doesn’t use anonymized emails to achieve that result.

Instead, Universal ID uses a combination of soft signals (including IP address, user agent, page URL, page referrers, etc.), combined with first-party storage mechanisms to identify users. That might sound a lot like “fingerprinting”, which gets a bad rap in ad tech. However, the key difference is the ID5 captures user consent from a CMP that the publisher is already using, thereby creating a consented mechanism for identifying users without third-party cookies.

Why does ID5 take this different approach? “Most users are not ready to provide an email when visiting a website, and will see this requirement as far more privacy-invasive than other types of requirements based on a simple consent,” says Matheiu Roche, CEO of ID5, “And most publishers are reluctant to create barriers to access their content, and cannot justify the additional effort to establish this type of relationship with their audiences.”

In July 2019, ID5 announced Prebid support for its Universal ID, allowing its use in header bidding auctions. At the time of writing, Universal ID is active on over 100,000 sites, reaches over 400m users per day globally, and has over 100 participating members including publishers like Advance Local, Chegg, and DailyMail, and vendors like Adform, Mediamath, and Xandr.

Fabrick ID by Neustar

In December 2020, Neustar launched Fabrick ID, a deterministic identifier designed to replace third-party cookie targeting. Neustar is implementing the Fabrick ID with its existing partners, including Index Exchange, PubMatic, LiveRamp, and The Trade Desk. According to AdExchanger, roughly one third of top Comscore publishers are already using Fabrick ID.

Here’s how it works: Publishers can use Neustar’s API to make calls with the information they have about users, such as a hashed email address or phone number. Neustar returns the API call with a token (Fabrick ID), which publishers can then share with Neutrar’s demand-side and advertising partners to sell inventory programmatically on the open exchanges.

Connections made using the Fabrick ID allow limited use, which means that a token only works for the partner that it was generated for and can only be used for securely transmitting the data. The IDs also expire in seven days, making them more privacy friendly than cookies.

Advertising ID Consortium

The Advertising ID Consortium is an open and independent industry group with a mission to democratize the use of identity in ad tech. The consortium comprises 30 supply-side and demand-side technology providers, and is governed by representatives from ad tech companies like Index Exchange, dataxu, The Trade Desk, and LiveRamp.

The group was created to enable buyers and sellers of programmatic advertising to leverage a two-party identity framework that uses cookie IDs (TTD’s Unified ID) and people-based identifiers (LiveRamp’s IndentityLink) for creating more relevant campaigns and improving UX.

One of the founding members of the group, AppNexus, exited shortly after its acquisition by AT&T. MediaMath also left the consortium in 2018 due to disagreements over the direction of the ID solution development. Although AppNexus existed, it kept its domain available, which means that consortium members can continue using the AppNexus cookie ID.

Britepool ID

New York based Britepool offers a persistent ID solution that allows publishers to identify logged in and anonymous visitors without using third-party cookies.

Like The Trade Desk’s UID 2.0, Britepool also creates email-based identifiers by providing publishers the tools to set up their own single sign on (SSO). which at least until last year, it was offering free of cost to publishers. According to a recent Adweek article, adoption of Britepool’s cookieless targeting solution is growing fast among publishers.

Apart from helping publishers build their own first-party data set of logged in users, Britepool also provides them the ability to identify anonymous visitors and users on browsers like Safari and Firefox by matching their identities using the Britepool ID.

Switchboard by Tapad

With so many different ID solutions coming up on the market, there is a risk of data fragmentation, with advertisers and publishers getting locked into different standards. To solve this problem, Tapad launched Switchboard earlier this year in February.

At launch, the ID solutions supported by Switchboard included UID 2.0 (TTD), Universal ID (ID5), Britepool, and Lotame, among others. By providing agnostic interoperability for all the various cookieless ID solutions, Tapad intends to provide a layer or connectivity that is natively missing.

Even though the solution is designed to help marketers, the success or failure of newer ID solutions for publishers invariably depends on the demand-side adoption of these standards.

“Interoperability is paramount for brand marketers, agencies, publishers and platforms if we want to support an open and free Internet and break free of the stranglehold of walled gardens. Lotame Panorama ID’s participation in Switchboard reflects our steadfast commitment to collaborating across and within the industry and providing value to all of its players,” Pierre Diennet, Head of Global Partnerships at Lotame, said at Switchboard’s launch.

Frequently asked questions

What is first-party data?

Any data collected by the domain that the user is currently on is called first-party data. For publishers, this means any data directly collected from its own audience. Due to recent industry developments, first-party data has become more valuable than ever before. Publishers who have put in the work of collecting, segmenting, and packaging their first-party data can benefit by sharing it with buyers and putting a premium on their inventory. Some newer ID solutions also rely on first-party storage mechanisms to make their technology work.

What is interoperability in this context?

Since a lot of cookieless ID solutions are being developed independently, they operate in siloes. This means that a publisher using UID 2.0 will not be able to work with a DSP that uses Universal ID and vice-versa. Despite the privacy concerns associated with third-party cookie based targeting, it has enjoyed universal compatibility among all members of the ad tech industry. The lack of interoperability is a hurdle for the various cookieless ID solutions to cross before they are useful in a mainstream way. Some vendors are building interoperability in their own standards, while others (like Tapad) are building solutions that might address the problem at large.

What is a single sign-on (SSO)?

Single sign-on enable users to log in across multiple domains using a single ID (most commonly an email address). For instance, it’s now common to log into many websites using your Gmail ID. For users, it makes the login experience more seamless across the web. Incidentally, SSO can also be utilized as a deterministic identifier for identity resolution in ad tech use cases. This is what people mean when they say that Google and Facebook have built a huge “walled gardens”, i.e. the ability to identify hundreds of millions of users anywhere on the web. This is also how some newer cookieless ID solutions work: by allowing publishers the ability to use their SSO.

What is deterministic and probabilistic matching?

These are the two main types of matching used in identity resolution. Deterministic matching relies on using encrypted personally identifiable information (PII) such as email address or phone number to link devices to that identity. Deterministic matching is more accurate by design, however, there are scalability concerns associated with getting users to part with their PII, and the business consideration of maintaining that data and complying with privacy regulations. Probabilistic matching use “soft signals” like device type, software version, screen resolution, OS, location, and IP address to build an ID graph for users. Probabilistic matches never reach a 100% accuracy, but can achieve reasonable confidence level in resolving identities.

What is salting and hashing?

You’ll often hear vendors say, “We protect user privacy by salting and hashing the identifier used for our ID solution.” Both of these are steps implemented during the process of encrypting information (email address or phone number). Hashing is the first step, wherein the input is transformed into a series of random numbers or letters. But due to the deterministic nature of the hash function, input values that are identical will have identical outputs. Salting the hashed values ensures that the final hash is always unique. Modern encryption is highly secure and the fact that ID solutions use email addresses as identifier shouldn’t give anyone pause.

Which is the best ID solution?

There’s no simple answer to that. All the ID solutions are in various stages of development, with some already in use. For publishers, the final choice may depend on which ID solution helps them transact seamlessly with the programmatic demand partners that they are already working with, while offering a relatively high rate of success in identity resolution. It’s also important to note that ID solutions aren’t the only alternative to third-party targeting. Google is pushing forward with its Privacy Sandbox and contextual targeting is always an option.

While you're here...

Did you know that the average publisher loses 10-40% of their revenue to ad blocking? What you may not know is that ad blocking has largely shifted to ad-filtering, with over 300M users allowing a safer, less interruptive ad experience to be served to them—in turn supporting their favorite sites and creators.

Blockthrough's award-winning technology plugs into publishers' header bidding wrapper and ad server to scan ad creatives for compliance with the Acceptable Ads Standard to activate this "hidden" audience and generate incremental revenue, while respecting the choice and experience of ad-filtering users.

Want to learn more?