A Guide to Alternative IDs in the Post-Cookie World


Whether you agree with it or not, Chrome’s third-party cookie will be no more by the end of 2023 – barring any further delays from Google. The digital advertising industry has already had some practice with the scrapping of cookies on Apple’s Safari and Mozilla’s Firefox over the last few years, but the real test is going to come next year, and all programmatic players need to be prepared. 

Google’s eventual deprecation of third-party cookies will be a seismic shift for the industry, altering the foundations of how digital advertising works. Advertisers, publishers, and data providers will have to adapt after years of reliance on cookies for identification, targeting, measurement, attribution, and personalisation. Thankfully, for them, there are a number of solutions on the market – all competing to fill the void.

Solutions available include alternative IDs, Google’s Privacy Sandbox, Contextual tools, and first-party data. Here, we will dive into the first of those solutions: alternative IDs. 

What is an alternative ID?

The most prevalent solutions out there are third-party alternative identifiers, which serve the purpose of replicating third-party cookie functionality, without the privacy issues we often associate with cookies. Although, in avoiding those privacy issues, alternative IDs require other data assets to accurately identify the user.

The existing alternative IDs can be broadly separated into two camps: deterministic and probabilistic.

The most prevalent solutions out there are third-party alternative identifiers, which serve the purpose of replicating third-party cookie functionality, without the privacy issues we often associate with cookies. Although, in avoiding those privacy issues, alternative IDs require other data assets to accurately identify the user.

The existing alternative IDs can be broadly separated into two camps: deterministic and probabilistic. 

Deterministic IDs rely on personally identifiable information (PII) about a user, usually in the form of an email address. The user’s email address is hashed (an integer value is assigned to it) to make the ID anonymous and protect the privacy of the user. 

These IDs still operate based on user consent, which tends to be obtained through the sign-in process, and the preferences set by the user – the latter much the same as many of the third-party cookie permissions received under GDPR.

However, it’s important to note that scale is a big issue for deterministic IDs, because they rely on publishers and advertisers gaining an authenticated registration from their first-party audiences. This is a major hurdle when you consider that, for the vast majority of their time spent in online environments, consumers do not log in.

Probabilistic IDs look to approximate the identity of users without having to rely on any first-party data being collected. 

They use a range of signals across multiple channels to effectively provide their best guess for who a user might be. These data points can include things such as: IP address, device type, screen resolution, and operating system.

While probabilistic IDs can deliver more scale, there can be data inconsistencies, and it can also be difficult to connect people across different devices. Moreover, some of these solutions rely on fingerprinting, which combines device attributes to create a unique identifier. Fingerprinting doesn’t go down very well with Google, Apple, or Mozilla, because it allows users to be tracked even when they choose not to be, and is a massive breach of privacy. 

The main alternative ID solutions

Here are some of the main identifiers on the market.

Deterministic IDs

Unified ID (UID) 2.0

Perhaps the most talked about solution is Unified ID (UID) 2.0 – an industry initiative originally led by The Trade Desk before being handed over to Prebid. UID2 requires users to provide consent via their email address before an identifier can be created.

The user’s email address is converted into an alphanumeric key through hashing. This is stored by DSPs, data providers, and advertisers, but never enters the bidstream. 

Instead, this ID is encrypted and assigned a different value every time it enters the bidstream in order to protect user privacy. These UID2 ‘tokens’ are stored by publishers, SSPs, and single sign-on providers. 

The solution is being tested in the US and Canada, but there are doubts whether it will satisfy GDPR in Europe.

RampID

RampID, formerly ‘IdentityLink’, is LiveRamp’s third-party cookie alternative. It works by deterministically matching offline PII and online devices to people-based IDs. 

User IDs are created using a combination of third-party behavioral data, first-party data, and offline data. Each individual is assigned a cross-device anonymous identifier, or ‘RampID’.

The RampID solution also plays a key role in the Advertising ID Consortium, which is an independent entity made up of ad tech companies, delivering an open identity solution to the digital advertising ecosystem. 

SharedID

In addition to operating UID2, Prebid also has SharedID. This solution generates unique first-party identifiers that can be used by publishers to identify unique users, and attach interest attributes to those users. These IDs are stored as first-party browser cookies or in browser local storage. 

Advertisers that receive the encrypted IDs can use it to gain information about user visits to the specific site housing the IDs.

Probabilistic IDs

ID5

The ID5 solution – available as an API for publishers – is a probabilistic identifier that stores its encrypted IDs on publishers’ first-party cookies. These IDs are then shared by the media owner with their ad tech partners, and used by advertisers for targeting and measurement.  

This is backed up by the company’s IdentityCloud, which offers user recognition and measurement capabilities. Within the IdentityCloud is a Partner Graph, which connects partner IDs to enable platforms to exchange information; and a Device Graph, which connects user IDs to enable publishers and brands to launch people-based strategies across devices.

Panorama ID

Lotame’s Panorama ID is a ‘people-based, privacy-compliant identity solution for the open web’. It connects device identifiers, associated individual behaviors, and privacy choices into a single view, and is freely accessible for all within digital advertising. IDs are built using inputs from web, mobile, CTV, and customer-specific IDs.

Hybrid Solutions

LiveIntent NonID and Authenticated Bridge

The LiveIntent Identity Graph combines machine learning with real-time signals, meaning it uses both probabilistic and deterministic data to create its identity graph. It’s built and authenticated each day through organic connections from email. The identity graph uses LiveIntent’s nonID data processing service to bridge IDs via an active, encrypted email address. 

LiveIntent also has its Authenticated Bridge solution, which uses email to ‘bridge’ identity across the programmatic ecosystem by placing ‘LiveTags’ in emails that register actions, and create authenticated, hashed email addresses.

Audigent Hadron ID

Audigent’s Hadron ID is another example of using both deterministic and probabilistic identity, combining the two with the promise of transforming real-time audience identification, and real-time header bidding. Data pushed into publisher bid requests includes first-party data, contextual data, site-level data, and more.

Hadron promises privacy compliance by ensuring that user and site-level data is never shared with third parties or stored.   

Which alternative ID solution is best?

In all honesty, there isn’t actually an answer to that question. None of the solutions are ‘one-size-fits-all’. It’s very likely you’re going to need a combination of ID solutions, alongside Privacy Sandbox, contextual tools, and first-party data, in order to continue reaching audiences effectively.

It’s important that you find a partner that’s willing to test out a variety of ID solutions to figure out which ones work best for you. Just because one business benefits from using a particular combination of solutions, doesn’t mean your business is going to be the same.

You should also be looking to use third-party alternative IDs in conjunction with first-party data and contextual solutions, which are both set to play a massive role in the post-cookie world as well. 

Unlike alternative IDs, which use a cross-publisher framework, publishers can choose to leverage their own first-party data in isolation. While, contextual advertising involves targeting specific audiences on relevant websites without using any personal data at all. 

On top of all that, we still haven’t mentioned the role that Google will continue to play in the future of digital advertising, despite its decision to scrap third-party cookies. 

Though a combination of alternative IDs, first-party data, and contextual solutions will be of undeniable importance, the vast majority of people browsing the web will still be doing so through Google’s Chrome browser. So, the tech giant is guaranteed to still have a great deal of control over things – and that’s without even getting into its Privacy Sandbox initiative. 

 

The Publisher Brief: Seller-Defined Audiences
March 17, 2022
Playing in the Sandbox: Google’s Role in the Cookieless World
March 17, 2022