article

What You Need to Know about Apple Intelligent Tracking Prevention (ITP)

Jun 27, 2018

Are you prepared for Apple's newest Intelligent Tracking Prevention update? 

What is Apple ITP 1.0?

In September 2017, Apple released an update for Safari browser versions 11 and above to include Intelligent Tracking Prevention (ITP).  Apple ITP is a browser setting called “Prevent Cross-Site Tracking” which is enabled by default for all users.

This technology was designed by Apple to limit the ability of tracking service providers to read their cookies from an Advertiser’s (or other website owner’s) website beyond the initial 24 hours. This feature targets cookies dropped by companies that Apple deems they are using to track users across multiple sites—specifically third-party cookies and cookies that are read in a third-party context.

For example, when a user visits a Publisher’s website and clicks on a CJ link, that user’s browser redirects to a CJ tracking domain and receives a CJ first-party cookie (this CJ cookie exists in CJ’s domain) before the user is directed to the Advertiser’s site. When this user makes a purchase on the Advertiser’s website, the Advertiser will fire a conversion tag that uses the CJ tracking domain. This tag will attempt to reach the CJ cookie that was placed on the CJ tracking domain.

In the example above, Apple ITP 1.0 would only permit the CJ cookie to be read within the initial 24-hour period. This is because the tag is attempting to read a cookie in the CJ domain, (considered a first-party cookie read in a third-party context) because the user is on the Advertiser’s site not the CJ domain when the tag is fired.

If a consumer elects to disable ITP via their Safari browser, we can read our cookies beyond the initial 24-hour period.

What changes does Apple ITP 2.0 introduce?

Apple ITP 2.0 introduces three important changes with the roll-out of iOS 12 and MacOS Mojave in the Fall of 2018.

  • Removal of the 24-hour Tracking Window: Apple ITP 1.0 allowed cookies to be read in a third-party context for the initial 24 hours—this is being removed with 2.0 update. This means that cookies will no longer be able to be read in a third-party context.
  • Tracker Collusion Protection: ITP 2.0 also introduces a feature Apple describes as “Protection Against Tracker Collusion”, which will recognize when redirects are being utilized for tracking purposes only. An example of this behavior is when a user is “invisibly” redirected through a tracking domain before landing on the intended destination URL. Continuing with the example provided above, when a user visits a Publisher’s website and clicks on a CJ link, the user is briefly redirected through a CJ tracking domain before ultimately landing on the Advertiser’s site.  This feature will prevent cookies from being dropped or read on a user’s browser during these tracking redirects. 
  • Origin-Only Referrer: A new feature called “Origin-Only Referrer” is included in the 2.0 update that truncates referring URLs down to the root domain within reporting. For example, if the referring URL is publishersite.com/shirts, “Origin-Only Referrer” will remove any information after the root domain leaving the reported referring URL as publishersite.com. This change does not limit data that can be passed in the URL to an Advertiser’s site.

Why does this matter to CJ and the digital industry as a whole?

Many companies that website owners rely on for ecommerce reporting and analytics leverage cookie-based tracking. The updates that Apple ITP 2.0 will include will impact companies who are reliant on reading their first-party cookies in a third-party context, negatively impacting reporting capability and accuracy. CJ’s legacy tag-based integrations leverage cookie tracking and will be impacted by Apple ITP 2.0.

The Apple ITP 2.0 update is a critical change that reflects the ever-changing digital ecosystem. It’s important to understand that this change is something that may become even more prevalent and may be adopted by additional browsers. Privacy laws such as the GDPR & ePD are also impacting tracking leveraging cookies.

What steps can be taken to limit negative impact on my business from ITP 2.0?

Advertisers who are using a legacy tag-based integration will need to update their integrations to include our cookieless tracking solutions. Our tag-based cookieless tracking is a free, privacy-compliant, simple enhancement that takes minutes to implement and solves for cookie-loss related tracking limitations such as the GDPR, private browsing, and user deleted cookies.

Website owners should also work with their digital tracking vendors to explore other options that enable tracking when a cookie isn’t present.

Interested in learning more about Apple ITP or our cookie-less tracking solutions? Connect with a Business Development representative, your account team, or via our Support Center today.

Topics: Privacy
Share