Cookieless Tracking: the Future of Privacy-First Analytics
While data regulations, such as GDPR and CCPA, impose large fines and penalties for users' data security violations, browsers are phasing out support for cookies. Google Chrome limits cross-site tracking and restricts website access to third-party cookies by default.
For us, as marketing and sales specialists, it's essential to stay on top of this shift because it presents enormous opportunities in terms of lead attribution, customer acquisition, and marketing campaign optimization.
Together with Frederik Werner, a Senior Digital Analytics Specialist at DHL, we explore the modern data privacy landscape and what cookieless tracking is. Frederik will also share his experience using cookieless tracking with Adobe’s Customer Journey Analytics.
The state of modern data privacy regulations
Gathering insights about consumer preferences and analyzing visitor behavior is essential for companies looking for ways to improve user experience and gain a competitive edge.
However, data regulation policies are growing harsher with each year, applying new restrictions to personal data collection, data processing, and data storing procedures.
General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and ePrivacy are the three main policies in the current data privacy landscape that regulate the usage of cookies.
All regulations differ. For example, websites complying with GDPR must allow users to withdraw their data collection consent so their personal information can be forgotten forever. CCPA requires websites to disclose what kind of data they collect with cookies and what happens with it next.
Tech companies also contribute to the overall consumer data protection trend. For example, Apple promotes data privacy as one of its core values and confirms its words with regular privacy updates.
In iOS 14.5, the company rolled out App Tracking Transparency, requiring developers to ask users for consent before tracking their activity in other apps and browsers. With iOS 15.2, iPhones provide a summary view of what exactly each app does with user data.
Considering the rapid changes in the world of data privacy, marketing analysts have come to a disappointing conclusion.
Cookie-based analytics is dying
Yes, that's the reality we all have to accept. Statistics can vouch for that.
According to Statista, in 2021, 42.2% of users continuously rejected cookie consent banners. With almost one in every two users refusing to share information, it's impossible to build a detailed customer portrait and provide a personalized experience.
What's even more disappointing is that strict data regulations have greatly affected the revenue generated by paid ads.
For example, Meta’s CFO Dave Wehner claimed that new iOS data regulations would result in $10 billion in losses on advertising activities. No wonder regular marketers are complaining about the 40% rise in average cost per click on Meta's advertising platforms.
Plus, browsers restrict websites from accessing cookies. Apple's Intelligent Tracking Prevention (ITP) has completely blocked third-party cookies in Safari. Google has also announced that it will block all third-party cookies by the end of 2023.
What’s more, GDPR has forced Universal Analytics users to migrate to GA4. This creates many potential problems with data migration for millions of Universal Analytics users. Here's what Simo Ahava thinks of this situation:
Considering all of the troubles that the current data protection regulations create for analysts, shifting away from cookies sounds like a good plan. But how can you unlock hidden insights about your audience and get a better grasp of their preferences without collecting cookies?
Cookieless tracking is the new black.
What is cookieless tracking?
Cookieless tracking enables marketers to identify and track each user visiting their website. Instead of collecting and storing personal data, websites host web analytics scripts that work only when users enter the website.
These scripts collect data stored on the website's analytical servers as "first-party data".
First, let's review the difference between first-party and third-party cookies.
First- vs. third-party cookies
First-party cookies are files created by the website you run. These small files aren't subject to regulations because they don't contain sensitive information and are seen as an agreement between visitors and the website.
Third-party cookies are files with information created by websites and services other than yours. Advertising platforms create the majority of these files. By using third-party cookies, companies can display ads tailored to users' search queries, preferences, and overall activity on the web.
Since third-party cookies track users across different websites, they may violate privacy regulations. That's why data privacy regulations are actively fighting against them.
Now, let's see how cookieless tracking works in practice.
How does cookieless tracking work?
Third-party tracking is rapidly fading away, but companies still need a solution that helps them build customer profiles and identify the preferences of their visitors. That's where web fingerprinting comes into play.
Web fingerprinting is a relatively new type of online tracking. It allows every visitor to be identified via a set of specific data that browsers pass to websites.
Instead of using third-party cookies, web fingerprinting technologies assign unique IDs to visitors based on data such as:
- Screen resolution
- Preferred color schemes
- The browser's current version
- The current version of the user's JavaScript
- Supported file formats
- The browser language
- Preferred font families
- And many other characteristics
By taking tens of parameters into account, fingerprinting solutions can build a visitor profile that will help you get a grasp of your audience without collecting restricted data. The combination of this information is almost 100% unique, and there is only a very low chance of running into two identical fingerprints.
There are numerous fingerprinting solutions on the market. One of the most prominent is FingerprintJS. It claims to build 99.5% accurate fingerprints, while other competitors can boast of only 40-60% accuracy.
Apart from standard use cases, FingerprintJS can identify users in incognito mode, which doesn't allow for any cookies. You can test fingerprinting by yourself using their banner on the website.
This tool displays all of your visits to the website, even in incognito mode.
How to use privacy-first tracking in cookieless attribution
Even if you have a unique ID for each visitor, it doesn't help you understand how they ended up on your website.
The effectiveness of your marketing strategy highly depends on attribution. You can't spend your dollars the right way without knowing which channels generate the most profit.
On the other hand, attribution without third-party cookies might be challenging.
Here at Improvado, we’ve created a cookieless attribution model that shows marketers and analysts how prospects interact with their channels without using third-party cookies.
With a cookie-based attribution, you can't build a comprehensive picture of the customer journey because of the cookie expiration period. By the time your prospects finish their customer journey, their cookie might have already expired. As a result, you could assign a new visitor ID to the same person who has already visited your website.
This factor doesn't allow you to recreate the entire customer journey, thus leaving you in doubt about which channel brought in a conversion.
We approached this problem in a different way. Instead of building attribution solely on cookies, we mixed data from different channels to simplify the identification of clients. Here are the four main channels we used:
- Advertising platforms (e.g., Facebook Ads)
- Analytics platforms (e.g., Adobe Analytics)
- Fingerprinting solutions (e.g., FingerprintJS)
- CRM and sales solutions (e.g., Shopify)
Then, we designed an identity graph to merge data from all platforms and assign a unique user ID to each prospect. In this way, even if the same user visits the site from two different devices, we can still identify them as the same user (e.g., via e-mail stored in our CRM).
This approach allows marketers to gather insights into the entire customer journey, understand where prospects fall out of the funnel, and monitor the best-performing channels without worrying about the cookie expiration time.
The benefits of cookieless tracking for marketers
As explained, cookieless tracking is a gold mine for marketing teams. It helps them set up precise attribution and identify where their marketing dollars go down the drain. However, some less obvious benefits also come with cookieless tracking.
The new era of ad targeting
Third-party cookies were essential for targeting the right audience with paid ads.
However, now that they're going away, it’s becoming hard to target ads effectively. Hard, but not impossible.
With web fingerprinting and cookieless technologies, marketers can target ads without gathering third-party cookies. This will help to smooth their transition to a cookieless future and build a privacy-first brand image.
By the way, here's the rating of the best-suited demand-side platforms (DSPs) for the cookieless future based on advertisers' reviews.
Privacy-first brand image
Today's privacy-oriented world requires the utmost attention to all customer data. Otherwise, companies might face large fines or even criminal proceedings. For example, the EU's data protection authorities can impose fines of up to €20 million or 4% of worldwide turnover for the preceding financial year.
Cookieless tracking and attribution help avoid unwanted expenses and improve your brand image in the eyes of your clients and prospects. Regular visitors highly value the fact that you're not selling or abusing their personal data.
As for the businesses, HIPAA, SOC-2, GDPR, CCPA, and other compliance badges increase trust in your product, provide you with a competitive edge, and encourage decision-makers to contact your sales team more often.
Cross-device tracking
The average American has access to more than ten connected devices in their household. That means your users probably visit your website from different devices, platforms, and IP addresses.
This multitude of devices creates new challenges for companies when they need to recreate the full customer journey. Since cookies are tied to a specific browser, marketers can't track prospects if they change devices.
But not with cookieless tracking. The cookieless attribution model and fingerprinting technologies make it possible to trace each customer journey from the first touchpoint all the way down to the conversion, regardless of the device or platform the prospect is using.
Due to cross-device tracking, you get a precise picture of your website visitors and the channels they use to access your content.
Bonus section: Cookieless server-side tracking with Adobe Analytics
Identity graphs and fingerprinting technologies ensure a high level of transparency in the customer journey. However, that's hardly the only approach to cookieless tracking.
Server-side tracking with Adobe’s Customer Journey Analytics also provides extensive capabilities for marketing specialists. Currently, there's no uniform definition of server-side tracking in the industry.
For this part, Frederik Werner, a senior digital analytics specialist at DHL and our featured expert, shared his experience with cookieless server-side tracking in Adobe’s Customer Journey Analytics.
Here’s what Frederik wrote in his recent article:
"To track information about our users, we first need a way to capture interactions, like a page load. Luckily, most web servers that serve websites have a way to log which content has been served. On top of that, they often allow for some clever customization that we will use to identify users. There are many web servers out there, but we will focus on the widely used Apache web server today. The Apache web server is quite flexible when it comes to logging requests," says Frederik.
After setting up the Apache server, we can gather a hashed combination of the user's IP address and a user agent to uniquely identify them.
"As always, don't forget to consult with your legal team before identifying your users," Frederik reminds us.
Then, we need a way to collect log files with user IDs from the multitude of servers that we're going to use. Frederik's personal recommendation is to use Apache NiFi in cases like this.
Setting up Adobe Experience Platform
Now it's time to set up the environment in Adobe Experience Platform (AEP).
Here's how Frederik approaches it: "Like all things in AEP, our adventure begins with the XDM schema definition. I’m using the AEP Web SDK ExperienceEvent Field Group that Adobe provides so that we can benefit from some automated lookups in CJA later on. My very simple schema just looks like this. The only changed field is the device model that I declared as an identity field."
After setting up the schema, we need to map the log file structure to our schema. The data mapping process depends on the types of connectors you use, but the overall data preparation process is pretty similar. Here are Frederik's data fields after mapping the log file.
Setting up Customer Journey Analytics
Our next step is to set up Customer Journey Analytics. Here's a step-by-step guide from Frederik:
- Create the connection based on the dataset we created previously.
- After setting up the connection, create a Dataset. Add all fields that contain data.
- Create Entry- and Exit Page use cases for your Page Name dimension.
Setting up a dashboard in Adobe’s Customer Journey Analytics
Here's a table that provides visibility into all requests from a demo log file:
Frederik explains what we are seeing on this dashboard: "the visitor identification through IP address and User Agent worked just fine. We can see that Sessions are way lower than individual Requests, meaning that each request is correctly attributed to the actual user."
We managed to recognize our users with these steps without any front-end code or cookies. So, Adobe Analytics’ cookieless tracking proves itself as a powerful tool in today's privacy-first landscape.
Get ahead of the competition with cookieless tracking and attribution
The "cookieless future" is a term with wide latitude, and industry leaders are still figuring out what exactly it means. Server-side tracking, fingerprinting, implementation of identity graphs, and many other activities are intertwined to recreate the customer journey and build a well-designed attribution model.
Improvado could be your guide in the cookieless world. By connecting 500+ marketing and sales data sources, the platform reveals all of the touchpoints your customers interact with. Data from cross-device tracking platforms, web fingerprinting solutions, and ad services allow you to see what drives conversions and where users fall out of the funnel.
It's a surefire way to assess the performance of your marketing channels and allocate your marketing dollars in the right way. Book a consultation to learn how Improvado can help you set up cookieless attribution and manage your marketing data.
500+ data sources under one roof to drive business growth. 👇
Boost your Enterprise with Improvado marketing attribution