There is no doubt that a battle between tracking solutions and anti-tracking algorithms is ongoing. Even though cookies are very useful for online retailers, we live in a world where privacy has become pivotal and the center of attention for browser developers. In fact, this spring Safari, Firefox, and Chrome presented some changes in this domain. Possibly, we saw that coming. But what are these changes and how will they affect affiliate tracking? Let’s analyze it.
Is tracking prevention a fact of life now?
Late April, Apple announced an update of its Intelligent Tracking Prevention (ITP) technology. In spite of its self-explanatory name, ITP 2.2 actually does not block tracking completely. However, it does make bypassing Safari’s anti-tracking feature harder and limits site owners’ capacity to track the user journey 24/7.
Apple previously introduced this feature earlier in its ITP 2.1 which suggested deleting first-party cookies after 7 days. The new ITP 2.2 cuts this time down to 24 hours. This means that if a customer clicks an ad on Monday, by Wednesday it will be impossible to define via cookies which publisher delivered the order. The initiative is aimed to further curtail the freedom of corporations such as Google and Facebook to measure traffic and target ads at the user.
The cookie control attribute
In early May, Google announced two updates. The first one will affect the cookie management policy in Chromium browsers, splitting cookies into first-party (used within one site) and third-party ones (that can be used by multiple websites). In order to achieve this, Google and Firefox intend to introduce a new attribute in HTTP-heading ‘SameSite’. The attribute will have three possible values: strict/lax/none.
- ‘Strict’: Cookies can only be used within the one website that was given explicit permission to process user data.
- ‘Lax’: It allows keeping authorization cookies. It gives more freedom, however, such cookies are blocked if there is a suspicion of cross-site request forgery.
- ‘None’: If the website owner does not install the attribute, its value will be regarded as ‘none’, so cookies will be available for use by other platforms.
The Chromium feature is expected to be released in the coming months.
*Full description of the SameSite attribute is available on web.dev.
Fingerprint tracking will be prohibited
The second Google update that we expect will affect Fingerprint Tracking technology. Fingerprint or ‘Digital Fingerprint’ is a set of general data about the user’s device and browser: plugins, display resolution, manufacturer and device model. The complexity of these parameters is so unique that an actual Digital Fingerprint can be used to track movements of a specific user online, even in incognito mode.
Google believes that such methods are hardly ethical and that Fingerprint Tracking has to be stopped. Fighting fingerprint is one of the key objectives that Google is going to pursue in future Chromium development. Until now, the exact date of the feature release remains undisclosed.
What should you do?
First of all, don’t panic. The new policies won’t smash your Affiliate Marketing program. Nevertheless, it is important that you are able to be aware of any traffic fluctuation.
The next step is, of course, to safely adapt. To get on-board of this challenge, Admitad, for example, has joined the Interactive Bureau (IAB) Europe and decided to share expertise with industry peers, all of this with the goal of developing and implementing cutting-edge solutions on the tracking tools market.
One possible road you can take is the ‘cookieless tracking’ solution. This strategy integrates a parameter in each click that allows you to store tracking information on your website. Then, you can pass along this information to your affiliate network which is capable of assigning the conversion to a publisher. This strategy is compatible with the new GDPR requests.
Another solution is integrating via a postback request. This path sends a request from the advertiser’s server with information about the actions performed on the advertiser’s website to the affiliated network server. The last one receives this data and records it.
Finally, your affiliated network can offer you integration via XML. This one allows the affiliated network to download the data of the actions performed on a website and then upload it to the statistics.
Respecting GDPR is key in order to deliver a safe, user-friendly experience to all users. Even though these policies are constantly changing it is possible to adapt. But, more importantly, it is essential to be prepared for other privacy requests coming in the future so you don’t get caught up in an infinite anti-tracking spiral.