Is the cookie crumbling?

Alex Dixie in Advertising

in Advertising

One of the fundamental lynch pins of current behavioural advertising and targeting technology is a small, non-descript text file stored by the browser of users, the humble cookie. What started off as a piece of technology to allow cross-webpage data transfer and persistent storage of local variables has evolved into the basis of the most powerful advertising technologies across the Internet. However, with tightening regulations, consumer mistrust, lack of relevance in the mobile space and lack of cross-device support, is the day of the cookie coming to an end?

Traditional cookie use

Cookies are traditionally used in desktop environments where they are dropped by advertisers or publishers during the course of consumer interaction with websites. Over time, the reading and writing of such cookies across multiple websites allows advertisers to build up a profile of the consumer in question and allocate them to a specific audience segment, allowing advertisers to target specific advertising to them. Cookies are also the driving force behind more sophisticated advertising techniques such as retargeting.

Cookie regulation

With Europe in particular, new regulation (such as the e-Privacy directive) has resulted in the effectiveness of cookies being reduced due to the enhanced notifications provided to consumers and the ability offered for consumers to opt-out of having such cookies set on their devices. Although cookies currently remain a powerful force for targeted advertising within the desktop environment, initiatives such as Do Not Track currently being developed and gaining wider adoption within the US and internationally have caused advertising technology providers to consider alternative options. As privacy concerns continue to grow, particularly within Europe, there is a concern that permission to use cookies will decline further as consumers exercise their opt-out rights to any type of data collection by advertisers.

Cookies on mobile

Historically mobile devices have had limited support for cookies at best. Although this is no longer the case in relation to the majority of mobile browsers, which do now support cookies, the problem remains in relation to apps on mobile platforms and devices, where advertisers are technically unable to make use of cookie-like technologies.

Next-generation targeting

So what is next? How are technology providers replacing the cookie in their tracking technologies? The answer is that new technologies are proving surprisingly difficult to develop; although rival approaches do enable technology providers to track devices without the use of cookies, the reliability of such technologies is questionable, particularly over time where the unique device identifiers being generated tend to degrade as the signatures they identify rely upon data within the device which, over time, is increasingly likely to have changed. Although the Advertising ID available within Google Android devices and the Identifier for Advertisers (IDFA) available within Apple iOS devices provide a level of unique device identification, their support by third party advertising units is patchy and although frequently passed back through the bidstream for ad exchange buys, direct sales are unlikely to be able to access this information.

More and more new players are appearing in this space and promising an end to cookies using their device fingerprinting technologies but no one company has yet managed to discover the secret sauce of truly unique but time resilient identifiers. For a more detailed discussion of device fingerprinting, see our article.

Bridging the device gap

An even more pressing concern is mapping the consumer journey across multiple devices. Increasingly frequently, consumers now start their journey on one device (for example, initially searching for a product on their mobile) but complete the transaction on a separate device (completing the purchase on their desktop). The difficulty for advertisers is therefore two-fold: firstly, how do you track conversions and campaign effectiveness when there is a disconnect between origination and completion; and secondly, how can you ensure that device profiles are combined to provide a holistic view of the users interests rather than remaining siloed between individual devices?

The approach taken by the industry to attempt to address this issue has been divided into two, dependent on the data assets held by the companies in question.

Deterministic Device Matching

Tech giants such as Google, Facebook and Microsoft have an advantage in this space as they can make use of their consumer platforms (such as Gmail, Google+, Facebook and to map consumer logins across devices. Although vast technical challenges remain to amalgamating the deep data pools across services, the changes to Google’s privacy policy (now allowing the use of consumer data across all products, irrespective of where such data was originally collected) show the intent that all these goliaths have to fixing this problem.

How does this all work? Imagine a user sitting at their desktop. They log into their webmail account and at this point the service provider sets a cookie tying that device to the account. Later in the day, the same user logs into an app on their mobile device using the same account – at this point the service provider ties that mobile device to the same account, creating a deterministic link between the desktop and the mobile. This matching only works where a user signs into their account held with the service provider – hence the plethora of “single sign-on” services apparently being offered for the consumer’s convenience.

Statistical Device Matching

However, where the provider is not a tech giant with a presence across the majority of the web or desires to work independently of the closed-loop ecosystems controlled by these companies, the problem becomes more difficult. Using techniques such as device fingerprinting, as discussed above, a number of start-ups (such as AdBrain and Tapad) are using probabilistic matching to attempt to identify common device ownership. By using the IDFA and UDID tags and combining these with derived data such as location, these companies are attempting to establish to a given degree of certainty that multiple devices map to the same consumer. For example, a mobile device may travel from a set point every morning to another fixed point for the day and then return in the evening. The algorithms developed by these companies may identify the first location as “home” and the second location as “work”. If a tablet device also happens to make the same journey at the same time, the two devices would be matched and a cross-device profile created for the consumer.

Clearly this approach will only produce a probablistic result (that is, it can only establish that two devices are owned by one consumer to a given level of certainty; it cannot produce an absolute answer) and is therefore not as precise as a deterministic approach. It’s advantage is that it remains platform-neutral as the algorithm can collect data across all platforms and channels to analyse and does not rely on a single provider to allow access to records relating to its users sign-on activities.

So is this the end for cookies?

On desktop, it seems unlikely. Although new technologies are developing which allow for IP-based tracking or use device fingerprinting techniques even on desktop, the cookie is a well-established and effective method for profiling. On mobile, the cookie has never really had a foothold due to technological barriers. The new technologies discussed above which are being developed for mobile devices and work to follow the consumer journey across devices will replace cookie-based tracking on such devices. However, when considered across the consumer journey from initial ad impression through to purchase, these profiling techniques are not mutually exclusive. We are likely to see advertisers and platforms using all available techniques to enhance the data collected and provide further insight rather than the new superseding the old.

Is the cookie crumbling? was last modified: March 25th, 2015 by Alex Dixie