Familiar and reliable third-party cookies that have served the digital advertising industry for years are likely to disappear from the market in the future. Google has announced that it will end support for third-party cookies in the Chrome browser in the second half of 2024. Support has already been removed from Safari and Firefox browsers, and applications have always had their own limitations and technologies. With the removal of third-party cookies, the entire digital advertising industry will have to revamp its practices. We will need new ways to target advertising and measure its effectiveness.
In this post, we aim to provide publishers with a comprehensive picture of the current alternatives for targeted advertising. We start with the basics such as data types and storage technologies, then we discuss alternative ways of targeting and creating publisher-owned segments. Additionally, we evaluate how the removal of third-party cookies will affect different stakeholders. Finally, we share tips on where publishers should start.
Cookies and storage technologies
- 0 Party data: This is data that a visitor voluntarily provides about themselves, for example by answering a survey on the website. It can also be data collected by the device manufacturer.
- First-party data (1st Party): This is data that a company owns itself, such as a customer database or browsing data collected with user consent on its own website.
- Partner data (2nd Party): This is data that two companies have agreed to share with each other, such as in the context of joint campaigns or partnerships.
- Third-party data (3rd Party): Data that comes from a third-party provider who does not have a direct relationship with the company.
It's important to note that different technologies are able to recognize and utilize primarily 1st and 3rd party data. For example, programmatic advertising primarily uses 3rd party data for targeting, while website personalization tools may utilise 1st party data.
Data storage technologies
When data is stored about visitors online, it is linked to the visitors by storing a unique ID in their browser. This ID is typically stored either in a cookie or in the browser's local storage (HTML5 storage).
Cookies can be either first-party or third-party cookies. The determining factor is whether the cookie is set from the same domain where the visitor is currently located (1st party) or from a different domain (3rd party).
Reading/writing of 1st party cookies is limited only to the specific domain, meaning they are page-specific. The same limitation applies to the browser's local storage.
3rd party cookies are set from a different domain than where the visitor is. This allows the cookie to be used on multiple different websites. 3rd party cookie setting is already blocked by default in browsers such as Safari and Firefox.
Client-side and server-side 1P cookie
It also matters how the 1P cookie is installed on the browser. There are two options: client-side and server-side.
A client-side 1P cookie is a cookie installed by a script in the browser. Its expected lifespan in the Safari browser is 7 days if the user doesn't visit the service during that week. If "link decoration" is used, which includes identifiers that make marketing measurement easier, the lifespan is limited to 24 hours in Safari.
A server-side 1P cookie is a cookie that is set by the server. Currently, the lifespan of this cookie is longer than that of the client-side cookie, but Apple is planning to limit the lifespan of these cookies to 7 days.
Cookies and browsers at the moment
A huge number of Universal ID (UID) providers have emerged in the market, aiming to solve the limitations on data usage across different domains that will arise due to the removal of third-party cookies.
Universal IDs typically work in two different ways:
- Based on login information - Visitors are connected based on email or other login credentials. The identifier is transmitted encrypted to the UID provider, who returns an ID based on the identifier, which is the same across sites.
- Model-based - Visitor data from the device is used to estimate whether the visitor has already been assigned an ID. If they have, the same ID is assigned to the visitor regardless of the site. If the visitor cannot be identified with sufficient certainty, a new ID is assigned
To work, UIDs also require the user's consent. Universal ID providers set a first-party ID (either a cookie or local storage) that is passed along with ad requests. Read more.
1st party segments in DSP
The segment data is typically transferred from a DMP to buying platforms using ID synchronisation between systems and utilising third-party cookies. In the future, this model will not work, and it also does not work today, for example, in Safari and Firefox.
This challenge has been addressed through different methods:
- Publishers’ package segment data and inventory - The benefit of this approach is that it is likely to work in the future as well, but it may not be a very scalable way to operate with a large group of advertisers.
- 1st-party ID utilisation for data transmission - For example, Adform supports the transmission of segment data based on 1P identifiers. The ID previously provided for use by DSP is also sent with the ad request so that the ad can be targeted based on segment data. At least for now, targeting based on 1P identifiers requires manual work.
- Utilising Universal ID for transmitting data - This implementation is easy to adopt, but utilising it may incur additional costs. However, some UID vendors offer their technology free of charge to publishers. Moreover, there is no guarantee of its functionality in the future.
Adform ID Fusion
Adform has developed a new solution called "ID Fusion" that aims to solve the challenge of ad targeting by combining different 1st party IDs within its own ecosystem. The goal is to find connections between the same user across different devices and websites in order to make ad targeting and measurement work while respecting user privacy.
The ID Fusion solution relies on user consent and connects different 1st party IDs to each other. If the same ID is available on different websites, that real ID is used. If there is no matching ID available, the solution tries to connect different IDs together by predicting them.
This new solution helps to better understand user behavior across different platforms and provides a better understanding of the type of advertising that should be targeted. ID Fusion is already available on Adform's platform and is expected to offer new opportunities for ad targeting. Read more.
Google has been working on the Privacy Sandbox project for the past few years with the aim of finding alternative solutions to third-party cookies and improving user privacy. One of the latest proposals is the Topics API, which suggests that the browser returns a few interest groups that can be used for ad targeting without personal information.
However, the W3C TAG (Technical Architecture Group of the organisation that sets standards for the web) has rejected this proposal and recommends that its development should not continue. One reason was that Topics API does not provide sufficient privacy protection for users and is not secure enough. Apple and Mozilla have also expressed that they do not support this proposal in their browsers, which poses additional challenges to its adoption. Read more.
Seller Defined audiences
Seller Defined Audiences (SDA) is a standard published by IAB Tech Lab in early 2022. It enables visitor segmentation into over 1700 audience categories based on three classifications: intent, interest, and demographics. SDA technology works synergistically with contextual categories, allowing publishers to combine page-level context with SDA-defined behaviour for more precise targeting for advertisers. SDA audience data is transferred in the auction according to the ORTB standard, making it platform-agnostic.
SDA technology provides publishers with a standardised way to classify and sell first-party data cohorts across browsers and devices. It allows publishers to leverage their private audience targeting on a larger scale without third-party cookies or data processors. The technology leverages several existing programmatic technologies, such as ORTB, Prebid, and IAB's data transparency standards.
However, there are still challenges to the widespread adoption of Seller Defined Audiences, as DSPs must enable SDA audience groups to be used on their own platforms. Read more.
Impact on different stakeholdersThe disappearance of third-party cookies will affect all stakeholders. Below is our assessment of how the change will affect ad buyers, sellers, and other actors.
Buyers of advertising:
- Advertisers will need to reconsider retargeting and targeting of advertising.
- Measuring advertising effectiveness will become even more difficult without third-party cookies.
- Safety solutions are of interest.
- Media agencies face the same challenges as advertisers.
- Running their own data business is no longer possible with the old tools.
- "Classic" modelling becomes more valuable.
- Media agencies can seek new partners and partnership opportunities with new technologies.
Sellers of Advertising:
- Media companies with a lot of logged-in users are in a stronger position.
- Contextual targeting allows for the commercialisation of contexts through direct sales and deals.
- The ability to deliver quality profiles, impactful environments, and formats is emphasised.
- Small sites with low profiling capabilities may find the change difficult.
- The change could open up opportunities for high-quality networks that can curate targeted deals for a wider range of publishers.
- Overall, sellers are more agile adapters than buyers.
- In addition to technical challenges, global giants face legal issues as the removal of 3rd party cookies and Apple's restrictions make it difficult to prove the effectiveness of advertising. Meta may not be able to track users based on their terms of service, and Google is also under constant review.
- Data traders are likely to focus on UID opportunities, and businesses based on 3rd party cookies are likely to end.
- Cleanrooms are growing in importance, but they can provide the most value to those who have significant 1st party data.
- Retailers have a lot of 1st party data and distribution channels, giving them a strong negotiating position with brands and opportunities to increase their market share. However, they may not yet be very skilled in local media sales, so partnerships may be found here.
- DSPs and SSPs who are openly receptive to different identifiers may increase in popularity compared to those who are unwilling to work with publishers and advertisers.
Where to start?
Don't worry about the disappearance of third-party cookies, instead, it's important to boldly test new methods:
- Publishers should evaluate whether they can increase their first-party data assets by encouraging visitors to log in, participate in surveys, or subscribe to newsletters.
- It is also worth considering whether developing contextual targeting capabilities can provide growth opportunities.
- Targeting profiled sites is easier because they already allow advertisers to reach consumers interested in a particular topic. In this case, deals and direct campaigns are good options for targeting.
- UID operators who actively operate in the domestic market are worth testing, and it is worth delving into the added value they offer.
- Naturally, we should all closely monitor the development of new standards, especially the promising journey of the Seller Defined Audience from design to implementation.
We are not alone in facing this situation, as the change affects the entire industry. By sharing our experiences together, we can achieve the best results. At Relevant Digital, we closely monitor the developments in the situation.