In recent years, we have seen a quick proliferation of various standardized, universal ID solutions. The consortiums and companies that stand behind them include some of the leading AdTech vendors, promising a better alternative to cookie syncing, competition with walled gardens like Facebook and Google, and a solution to the end of third-party cookies.
In this blog post, we’ll explain why these universal ID solutions and ID graphs exist, how they work, and the challenges they face.
Table of Contents
What Is a Universal ID?
A universal ID is a unique user ID that allows AdTech companies to identify users across different websites and devices. Universal IDs are created using IDs stored in cookies, typically first-party cookies, and device IDs from smartphones, tablets, and other devices.
Some universal IDs operate within one environment, such as web browsers, while others aim to identify users across different environments, such web browsers and mobile devices. For the latter, device graphs are used to match together the IDs generated in web browsers with the ones generated in other devices, e.g. mobile IDs in smartphones.
Universal IDs have emerged in response to the end of third-party cookies in major web browsers like Safari and Firefox, and the planned end of third-party cookies in Google Chrome in 2023. These universal IDs perform the same functions as third-party cookies, but the difference is in how they are created.
Why Does Online Advertising Need an ID Solution?
The need for standardized ID solutions results from a number of problems AdTech faces:
1. Being able to identify users as they move around the web is vital for everyone in the online advertising industry.
Publishers earn more money on their inventory, advertisers are able to achieve better campaign performance, and AdTech companies are able to sell their tech.
2. Web browsers don’t emit a persistent ID.
Mobile devices like smartphones and tablets emit a persistent device ID – it only changes if a user manually resets it.
AdTech companies can access this device ID during ad requests for in-app inventory, making it easier for advertisers to identify and target users as they move between apps.
Web browsers (on laptops, desktops and mobile devices) don’t have a persistent ID, which is why AdTech companies create third-party cookies to identify users on different websites.
3. Identifying users on web browsers is done via third-party cookies.
The problem with third-party cookies is that they are increasingly blocked or deleted by ad-blocking software, browser settings (think Apple’s ITP and Firefox’s Enhanced Tracking Protection), manually deleting cookies, or browsing in private/incognito mode.
4. Domains other than the one that created the cookies cannot read them.
5. To solve this problem, AdTech companies use a process known as cookie syncing.
This process works by matching the cookie IDs of one AdTech vendor with another. Read more about cookie syncing here.
6. Cookie syncing is a resource-intensive and slow process.
Hundreds of web calls are made with every page load, which impacts page loads and the user experience.
7. Cookie syncing is not always reliable.
The match rate of cookie IDs between different AdTech and MarTech platforms typically varies between 40–60%, and as the number of platforms involved in the syncing increases, the match rates decrease.
8. Walled gardens like Google and Facebook have the advantage of using deterministic data, e.g. login data tied to people-based IDs.
Programmatic vendors still rely on cookies, resulting in many advertisers and publishers turning to the walled gardens due to the advantages they offer in terms of identity, tracking and targeting.
9. Third-party cookie IDs are disappearing.
Safari and Firefox already block third-party cookies by default, and Chrome is planning on following suit by 2022. Without third-party cookies, AdTech and data companies can’t perform cookie syncing like they used.
This means companies are having to look for other ways to create IDs, such as turning a person’s login details (e.g. email address) into an ID.
10. Mobile IDs will be the next to go.
In June 2020, Apple announced that it will be making changes to how app developers can access a user’s IDFA (ID for advertisers). Basically, app developers will have to ask users to give them access to their device’s IDFA before they can pass it on to their AdTech and mobile measurement partners.
Without the IDFA, AdTech and mobile measurement companies won’t be able to identify individual users, meaning they won’t be able to run behavioral targeting, retargeting, or attribute clicks to conversions.
Enter the need for ID solutions.
- Building a customer identity graph with Amazon Neptune (a joint project between AWS and Clearcode)
- Identity in AdTech: Unravelling The ID Problem
- What is Cookie Syncing and How Does it Work?
Current Universal ID Solutions
Currently, there are a handful of universal ID solutions that help solve cookie-syncing and identity issues and compete with the walled gardens.
The Trade Desk’s Unified ID
TTD uses its adserver.org and adsrvr.org domains to power the ID-resolution service across web-browser environments (i.e. web and mobile web browsers).
Since launching the service, TTD has seen cookie match rates of 99% with its trial partner, Index Exchange.
The Trade Desk is also a member of the Advertising ID Consortium (see below).
The Trade Desk’s Unified ID 2.0
In July 2020, The Trade Desk revealed that it would be releasing a new version of it’s Unified ID solution (2.0).
Because of the growing decline of third-party cookies in popular web browsers like Safari and Firefox, and soon in Google Chrome, the new iteration will replace the use of third-party cookies with encrypted email addresses.
This newer version of Unified ID is open source and can be used by all companies, not just those working with The Trade Desk, and will be underpinned by hashed and encrypted email addresses.
Watch the video below to learn more:
But using hashed and encrypted email addresses as an ID is only one function of Unified ID 2.0.
During the AdWeek Spotlight Event, The Trade Desk’s CEO, Jeff Green, outlined the four main elements of Unified ID 2.0:
Many AdTech and data companies have already adopted the Trade Desk’s Unified ID 2.0, including Xander, LiveRamp, Index Exchange, Magnite, PubMatic, OpenX, Neustar, and Criteo.
In order to meet the “open and independent” status, The Trade Desk submitted its UID2 to the Partnership for Responsible Addressable Media (PRAM), which is an independent organization made up of 400 companies, including advertisers, agencies, AdTech companies, and publishers. Unified ID 2.0 officially became open source in May 2021.
The IAB Tech Lab, which is the technology standards arm of PRAM, will take on the role of Admin for UID2. This role will involve managing and distributing encryption and decryption keys for Operators — companies that will generate and manage the UID2 tokens.
Prebid has become the first Operator, but there will likely be many others in the future.
- Working Together to Support UID2 – IAB TECH LAB
- Prebid.org to Serve as Operator of Unified ID 2.0 – BusinessWire
- Unified ID 2.0 Faces Roadblocks In Europe As A Result Of GDPR – AdExchanger
- AdExchanger’s Regularly Updated Guide To UID 2.0 – AdExchanger
Advertising ID Consortium
The Advertising ID Consortium is an open and independent group governed by representatives from AdTech companies like Index Exchange, LiveRamp, The Trade Desk and dataxu, and boasts the support of a number of other ad platforms.
The Advertising ID Consortium utilizes cookie IDs (TTD’s Unified ID and DigiTrust’s ID) and their own cookie ID via AppNexus’s domain, as well as people-based identifiers supplied by LiveRamp’s IdentityLink (IDL).
The latter allows publishers to generate a unique user ID without having to rely on cookies, which is a great advantage at a time when third-party cookies (and even first-party cookies) are becoming less available because of ad-blocking tools and privacy features in web browsers.
The video below explains how the Advertising ID Consortium works.
While the consortium is constantly adding new partners, it has lost others in the process. AppNexus, one of the founders of the group, left shortly after it was acquired by AT&T. MediaMath departed the Advertising ID Consortium as well in 2018, reportedly due to disagreements about the direction of the ID solution.
This exposes an inherent problem with initiatives like the Advertising ID Consortium’s ID and Unified ID – its individual members are often competitors, and issues associated with governance, payment structure and trust sometimes may stop them from easily settling for a single standard.
Although AppNexus did retire from its leadership role in the consortium, it is not planning to take away its domain, which suggests continued availability of the AppNexus cookie ID for the consortium’s members.
DigiTrust is a neutral, industry-wide organization that began as a spinoff of the IAB cookie-standardization working group in 2014 to solve the identity problem in AdTech.
DigiTrust became part of the IAB once again after its acquisition by the IAB Tech Lab back in April 2018. It now operates as one of the IAB Tech Lab’s working groups, allowing both DigiTrust and IAB members access to its encrypted and standardized ID.
Decryption is only available to members of the consortium who are part of regulatory programs and uphold consumer-privacy standards. DigiTrust maintains policies which prohibit its members from passing on the decrypted persistent ID to non-members.
Platforms on the buy side pay a fee to use the service, which goes towards helping support the technical infrastructure that powers the DigiTrust ID.
Recently, DigiTrust joined forces with another ID solution – the Advertising ID Consortium. The collaboration aims to standardize one of three domains: AppNexus (Advertising ID Consortium), The Trade Desk (Unified ID), and DigiTrust.
Being a neutral, vendor-agnostic organization, DigiTrust differentiates itself from other ID initiatives. This is a huge selling point for the programmatic partner platforms, which, for specific business reasons, would rather avoid using a standardized ID from a vendor-owned domain like the ones offered by The Advertising ID Consortium and The Trade Desk.
Goodbye DigiTrust ID
In June 2020, the IAB Tech Lab announced that it would be shutting down DigiTrust due to the ongoing decline of third-party cookies, which underpin DigiTrust ID.
French-based startup, ID5, also offers an independent ID solution, known as Universal ID, that works in a very similar way to the open solutions mentioned above.
ID5 allows publishers, data providers and AdTech companies to outsource their cookie-syncing processes with their partners and use ID5’s Universal ID and Connect services..
In July 2019, ID5 announced that Universal ID is available in Prebid.js, allowing publishers and AdTech vendors to utilize the ID in header-bidding auctions.
While ID5 originally used third-party cookies for identification, it has since moved towards using deterministic and probabilistic matching to produce first-party user IDs.
Secure Web Addressability Network (SWAN)
Here are the main things you need to know:
- SWAN is open sourced and decentralized.
- SWAN will produce an ID, called Secure Web ID (SWID).
- To use SWAN, publishers and consent management platforms (CMPs) will need to work with at least one SWAN Operator (more on this below).
- Users run an audit to see which companies have handled their data.
- The main companies behind SWAN.community are Zeta Global, 51Degrees, Open X, ENGINE Media Exchange (EMX), PubMatic, Rich Audience and Sirdata.
The SWAN Ecosystem
SWAN runs inside the SWAN Ecosystem, which is made up of SWAN Operators and SWAN Senders and Receivers.
- SWAN Operators — companies that will facilitate the use of SWAN Data by publishers within the SWAN Network.
- SWAN Senders and Receivers — companies that will use the pseudonymous identifiers for identifying users and their preferences during Transactions (i.e. media-buying processes). During Transactions, SWAN Data is sent from the Sender to the Receiver. To provide transparency, the Transactions must be cryptographically signed by the Sender and the Receiver.
How Does SWAN Work?
When an Internet user visits a website using SWAN for the first time, they’ll be presented with a consent box (example below) where the user can reset their SWID, opt in to personalized advertising (optional), and provide their email address (optional).
If a user does provide their email address, then it can be used with other ID solutions that generate IDs via hashed email addresses, such as UID2.
Once a user has updated their preferences, the information will be passed to SWAN Operators who will then update the user’s preferences across the SWAN Ecosystem.
The SWID will be stored in a first-party cookie and can be used for ad targeting, frequency capping, measurement, and attribution.
Once a user has selected their preferences, they won’t be shown the consent box again on websites using SWAN. Users can also update their preferences at any time on any website participating in SWAN and will be updated across the SWAN Network.
On the 31st of March, 2021, SWAN began a 60-day consultation period whereby companies can provide feedback on the modal terms. SWAN is expected to go live in the middle part of 2021.
This SWAN initiative is not to be confused with the SWAN (Storage With Access Negotiation) proposal that was put forward by 1PlusX in the W3C Business Group, which is the group working on the Privacy Sandbox proposals.
ID and Device Graphs
Apart from the ID solutions mentioned above, there are many companies that offer ID resolutions services like ID and device graphs.
The main goal of these solutions is to piece together IDs from online and offline channels to create a centralized view of consumers, rather than to use these IDs for online media buying.
LiveRamp is a company that many folks in the digital advertising and marketing industries are familiar with. It offers many data-related services, including first-party data onboarding and ID resolution.
Companies can upload their offline and online data to LiveRamp and utilize its ID graph to identify users across different devices and channels, allowing them to power behavioral targeting, retargeting, and cross-device attribution.
Tapad is another global leader in the ID graph and resolution space.
The Tapad Graph allows marketers to run cross-device ad targeting, personalization, and attribution by identifying users on an individual and household level and creating a single customer view.
In February 2021, Tapad released a new product called Switchboard, which aims to provide interoperability to all the cookieless IDs (e.g. first-party cookies, mobile IDs, and CTV IDs) that will replace third-party cookies.
Switchboard will use machine learning and probabilistic matching to make connections between all these IDs and can be used by other IDs solutions like Unified ID 2.0 and ID5.
Neustar is a company that provides many solutions for different parts of a business, including marketing, risk management, communications, and security.
On the marketing side, Neustar offers data and identity solutions to help marketers power ad targeting and attribution across different environments and devices.
Like many of the other data and ID solutions, Neustar recently announced the release of Fabric ID, which is a cookieless ID (i.e. not an ID stored in a third-party cookie) that will power its identity-based cloud solution; FabricTM.
The Fabric ID is a pseudonymized token that is created by an email address or phone number. Once the ID has been created, it can then be passed from the publisher to Neustar’s advertising clients in the same way IDs in third-party cookies are passed today (e.g. via RTB auctions).
Epsilon is a digital marketing and data company that was purchased by Publicis Group in April 2019. Epsilon operates an ID graph that relies on cookies and mobile IDs, but it also has its own ID — its CORE ID.
CORE ID uses deterministic matching based on data collected from logins and forms to help brands understand how their customers interact with them during the customer journey.
Zeotap is a customer intelligence platform that allows brands and publishers to connect their CRM data with IDs in Zeotap’s people graph (i.e. ID graph). This data is then enriched and activated, e.g. used to power ad targeting via programmatic advertising platforms.
InfoSum offers a fairly different type of ID solution than the ones listed above.
Instead of ingesting data into a centralized platform like a DMP or CDP, InfoSum’s clients upload their first-party data to a decentralized system, known as a bunker.
From there, the InfoSum platform uses a federated architecture and mathematical representations to make connections between the different bunkers, without any data leaving the individual bunkers.
InfoSum’s ID resolution service uses a combination of deterministic and probabilistic matching to connect their client’s first-party IDs to other IDs across different devices and channels. Again, this is done without sharing any of the data stored in the bunkers, making it a highly privacy-safe solution.
Optable is another data platform built for the privacy era. But unlike other data platforms, Optable is designed specifically for the AdTech ecosystem.
The platform utilizes cryptographic technology to offer a decentralized and “headless” approach to help advertisers, publishers, data companies safely and securely compare and leverage audience data. It allows companies to segment both identified and completely anonymous traffic, and easily activate Deal IDs using existing programmatic infrastructure.
Chicago-based SaaS company Signal connects brands with customers at scale through real-time, continuous data onboarding and identity resolution. Signal’s customer identity solution provides a platform for brands and data owners to address customers across multiple devices and channels in real time.
Signal helps brands build their own first-party identity graph, an asset that becomes more valuable over time as marketers wish to reach their customers 1:1 outside of walled garden ecosystems such as Facebook, Google and Amazon.
Flashtalking Identity Management
Flashtalking, a leading ad-management and analytics-technology company, also offers a solution to the ID problem with FTrack.
FTrack is a cookie-less tracking solution that incorporates data from different devices and across the web and mobile apps. The result is a probabilistic ID that can be used to not only target audiences, but also to attribute conversions to campaigns.
Apart from FTrack, Flashtalking also provides other identity-management solutions, such as identity graph for cross-device, people-based marketing, IDconnect to unify data across different platforms, and IDconnect+ to provide model-ready data sets.
How Do ID Graphs Work?
ID graphs have been around for a number of years, but they are starting to really take off.
The reason for the increase in popularity stems from the identity challenges mentioned above.
Because the main identification mechanism (i.e. third-party cookies) is becoming less and less available, there’s a need to look for other ways to identify users across not only websites but also other devices like mobile and CTV.
And that’s where ID graphs come in.
By collecting multiple IDs from different channels, ID graphs can create a single customer view (SCV), which consists of an individual’s behavior and data points across multiple devices and channels.
Below is an example a single customer view from Piwik PRO’s customer data platform (CDP):
Here’s an explanation of how ID graphs work:
Step 1. Data collection: A company would send its customer IDs (i.e. first-party IDs) to the ID graph. These first-party IDs could be taken from websites, mobile apps, and customer and data platforms (e.g. CRMs, CDPs, and DMPs).
Step 2. Match the customer IDs with the IDs in the graph: The company’s first-party IDs would then be matched with all the other IDs in the graph, which would be done using a combination of deterministic and probabilistic matching.
Step 3. Activate the data for cross-device activities: The company can now identify their customers across different devices and channels and run various cross-device activities, like ad targeting, personalization, and attribution.
Looking at building an ID graph?
The Challenges Facing These ID Solutions
Apart from the fact that some of the solutions don’t scale in the same way as they once did (i.e. IDs created from hashed email addresses aren’t as readily available as IDs stored in third-party cookies), all these identity solutions face the same challenges — they still revolve around identification and rely on some type of ID.
The reason this is a problem is because walled gardens like Google and Apple are constantly strengthening their products to make them more privacy friendly.
We’ve seen this with Apple’s ITP and changes to IDFA, and even Google has made changes to how Chrome handles third-party cookies and is also planning on phasing them out in the near future (possibly by 2022).
AdTech companies are moving from one identification method to another, and it won’t be long until Apple and/or Google make some changes to their web browsers or mobile operating systems to prevent these identification methods.
For this reason, many folks in the industry believe that these ID solutions are rather short-term solutions. Many say that the future of digital advertising and marketing won’t be done on an individual basis, but rather done in a privacy friendly way where individuals are not identified.
It’s too early to say if and when identification will disappear completely, so in the meantime, companies need to use an identity solution like the ones listed above to ensure they can still run effective advertising and marketing campaigns.