What the end of third-party cookies means for first-party identity solutions
Identity is a fundamental part of digital experiences. In fact, the consolidation and data privacy-compliant use of digital identifiers has become the most important differentiator for companies creating state of the art digital customer experience within modern times.
Digital identities enable organizations to create personalized, relevant, and highly engaging campaigns and content that truly speak to specific target audiences.
However, recent and profound changes to data privacy regulations and technical updates -- namely consent management and the blocking of third-party cookies & mobile ad IDs -- represent a significant challenge for marketers. The so-called “cookie apocalypse” signifies removing the bedrock of creating relevant consumer experiences as modern marketers got used to.
So, what does the future of digital identity look like in a post-cookie world? In short, brands will need to invest in new digital identity solutions to gain insight into their unauthenticated user and known customer online journeys.
This article explores the importance of digital identity management, critical drivers for new digital identity solutions, the business impact of changes in data privacy regulations, and the best solutions to marketers to overcome the cookie apocalypse.
What do we mean by “digital identity”?
Overall, a digital identity represents the body of digital information about an individual. Digital identifiers - the technical aspect of digital identities and the carrier of all data describing a user - can be broken down into three distinct groups:
- Device ID: These are unique, pseudonymized, and unauthenticated identifiers such as web-browser cookies, MAIDs (mobile ad IDs), CTVs (connected TV IDs). (These are the identifiers that are facing the heaviest restrictions nowadays).
- User ID: These are unique, pseudonymized, and authenticated identifiers composed of #Email or other hashed unique customer identifiers), enabling the connection of different device IDs to get a comprehensive cross-device view of a customer.
- Customer ID: These unique customer identifiers enable the junction of users’ online behavior with their offline information, such as purchase and demographic data. Customer IDs include for example CRM IDs, email addresses, phone numbers or loyalty-card IDs.
All three of these identifiers are considered personally identifiable information (PII) under the EU's General Data Protection Regulation (GDPR) and must be treated as such. All organizations need explicit user consent to track, process, store and activate data based on these identifiers.
Digital Identity and identity resolution
To create relevant campaigns, organizations need to connect different data sources and their different identifiers and the data associated with them in a process known as identity resolution.
This process is made possible deterministically by identifying one shared ID across all systems meant to be connected and probabilistically with so-called identity graphs. In the end, ID resolution & identity graphs provide the foundation of a view of users/customers across all touchpoints - web, mobile apps, and offline interfaces.
The importance of the digital identity
As the foundation of digital marketing and the customer experience, digital identities allow brands to create and activate target audiences across different channels.
By 2023, Google Chrome will join Mozilla’s Firefox and Apple’s Safari towards blocking third-party cookies, the primary source for collecting user data and intelligently targeting users.
This change not only means the end of audience recognition and identification as marketers know it, but it also represents a new frontier for the industry. Both user consent strategies and digital identity solutions will need to evolve to create the so-called golden customer record, the single digital identity to continue to be a valuable driver of customer experiences.
4 Main drivers of the need for new identity solutions
It’s hard to imagine the digital marketing world without third-party cookies. However, their elimination is not the only driving force behind the need for new digital identity solutions. Let’s take a look at the four key drivers:
Forget out-of-the-box experiences: Customers now expect personalized experiences in real-time; to meet this high expectation, brands must be equipped to create actionable, intelligent and real-time customer profiles.
For this requirement, brands need to have a unified, 360° view of the customer -- in other words, an aggregation of each customer’s full-circle data in one place - the golden customer record. Not only does this enable the personalization that customers desire, it also drives successful marketing performance.
Enabling a 360° view of the customer also increases operational efficiency by breaking down data silos and providing visibility not just to marketers but to all relevant departments throughout a company.
As mentioned, Google Chrome will phase out the use of third-party cookies by 2023. Their loss alone will make up 65% of the browser market. Additionally, Apple also started to block the use of their iOS mobile ad ID without explicit user consent.
The end of third-party cookies will prevent brands and publishers from identifying unauthenticated users online for marketing and advertising purposes, forcing a redefinition of at least one essential part of the digital identity as we know it.
As consumers spend more time and money online, this behavior has corresponded with growing concerns over their data privacy and changes in data privacy legislation.
Marketers need to manage these rapidly changing shifts in data privacy regulations and enforce consistent standards. This makes data governance a reasonably complex area to navigate while also opening companies up to specific vulnerabilities. Failure to comply with data privacy laws can land them in hot legal water and put them at risk of facing penalties and fines.
Significant improvements in both technology and data privacy policies will help companies comply with complex data governance requirements. However, they also need to gain the trust and consent of users to personalize customer experiences effectively. Customers must be assured that their data is protected and that they can control the use of their data via permission while also understanding the value that their consent will provide them.
According to the GDPR, any organization targeting EU citizens must obtain informed consent for tracking, processing and storing user data.
- For user recognition to remember user preferences.
- For side improvements by analyzing visitor behavior.
- To use 3rd party advertising cookies for off-site targeting.
- To merge user data to create customer profiles.
In many cases, customer data is still fragmented across many different systems and business units, which prevents a complete view of the customer. When companies fail to eliminate silos, this also prevents the ability to draw actionable insights and enact powerful personalization strategies.
The ability to connect customer data sources comes only via customer authentication and their consent (i.e. a customer logs in, registers, fills out a form, etc.). This allows creating one shared customer ID, such as #Email (“Hashed Email”), for example. While unique customer IDs are only actionable internally, #Email is also actionable with external partners.
It’s also vital that companies develop and pursue a secure but appealing login strategy. Those that do link all of their first-party data have a massive advantage over companies who don’t. That being said, only relevant data points for specific marketing purposes should be combined in a single customer data platform.
What is the business impact of the cookie apocalypse?
The major business impact of the loss of third-party cookies is that digital marketing will undoubtedly become a first-party data discipline only since they will remain available and reliable -- as long as you can obtain and handle the user consent.
This means that the following use cases that rely on first-party data will remain:
- Owned website data usage for onsite personalization.
- Owned app data usage for in-app messaging and personalization.
- Owned online data usage for retargeting in walled gardens (#email).
- Offline CRM data for direct marketing.
However, the following use cases that rely on third-party cookies will no longer function as they did to identify users across domains and channels:
- Programmatic advertising (retargeting), cross-domain customer journey analysis, attribution modeling, frequency capping.
- Third-party data purchasing, overlap reporting.
The bottom line is that the fundamental pillars of performance marketing in the open web will no longer function the way we are used to.
Additionally, we will likely see brands and agencies leveraging the use of their first-party data in “walled gardens” -- closed platforms or ecosystems that have direct control of and access to their audience and their consent.
To counteract the overreliance on these platforms, we’re already witnessing many initiatives moving towards “login alliances” whereby large publishers are grouping to create one login system or other industry shared ID solutions. This is also why, so far, #Email as a shared ID appears as the most promising matching identifier across the internet.
Many publishers have also begun to instigate paywalls or registration requirements to gain those durable user IDs. Brands will need to incentivize user authentication to obtain stable IDs. In other words, they need to provide customers with value in exchange for both their data and consent.
What solutions and opportunities are available?
The cookie apocalypse represents a need for companies to seek new solutions to provide their customers with compelling, personalized experiences.
One of these solutions is a Real-Time Customer Data Platform. Amongst others, provided also by Adobe, within their Adobe Experience Platform.
Users will no longer be seen as an anonymous ID within this platform but as a profile with various IDs. These different IDs need to be stored, consolidated, and activated in a data privacy-compliant manner in a single source of truth platform -- which is what Adobe’s RT-CDP is built for. It helps marketers to:
- Simplify the identity resolution process
- Manage known and unknown / on- and off-line customer data in real-time
- Marketer friendly access of a 360°, up-to-date customer profile
- Leverage Machine Learning-powered insights
- Enable personalized experiences across channels
Adobe’s RT-CDP also helps marketers build future-proof data strategies based on durable actionable customer identifiers, with reduced dependencies on cookies and device IDs, where typically the DMP (data management platform) is located or comes from. Marketers can also ensure data privacy compliance with defined enterprise data usage policies and governance enforcement.
Here’s the bottom line: brands need to invest in a CDP solution to redefine their data collection, aggregation, and activation strategies. This will allow them to connect more easily to their various customer data sources and ensure a seamless data flow between systems in a scalable and cost-effective way.
Digital marketing as we know it is changing. The recent significant changes to data protection regulations, the elimination of third-party cookies, and the rise in customer demand for personalization require brands to rethink their data strategies to stay competitive.
The end of third-party cookies doesn’t signal the end of customer personalization -- but it does mean that companies must explore new technologies and first-party data capabilities that will enable them to keep delivering stellar experiences.