This article was originally posted on Advertising Week. Be sure to pop over there when you’re done and catch up on identity, privacy, and the latest industry news.
What can playfully be described as a kerfuffle around how DSP IDs are being derived in the bidstream, the recent discord at the IAB Tech Lab has exposed not only shortcomings in the RTB protocol, but also a functional deficit in the programmatic ecosystem.
At the heart of the debate is the issue of how some SSPs and publishers are using probabilistic methods to apply DSP user IDs to requests from browsers that do not have 3rd party cookies enabled. Historically, DSP IDs have only been pinned to a cookie. Any bridging of IDs from a cookie-enabled browser to another browser, no matter how reliable the methodology, is not in-line with many DSP expectations. A shorthand term for this activity could be ID-Bridging. This is not the worst form of the practice. And it can grant a publisher additional coverage of DSP IDs, resulting in more revenue, but can result in some blowback when the DSPs realize that the user’s browser doesn’t actually have their cookie.
Why Is This Happening
With the looming demise of the third-party cookie hanging over publishers like a wicked spector, and the mitigation solutions coming from the Chrome Privacy Sandbox team delivering less than spectacular revenue possibilities, publishers and their SSP partners are hedging their bets. Alternative identifier vendors have risen in the ranks as another post-cookie solution to the pending money gap. As it happens, however, they have yet to deliver significantly offsetting potential. Everyone seems to agree that alt-IDs will be part of the portfolio when cookies go away, it’s just that… well, cookies haven’t gone away yet. That forcing function isn’t in force.
One thing the alt-IDs have made popular, however, is the notion of probabilistic mechanics to link disparate devices to a single individual, without having a direct identity linking them together. Some companies have taken these mechanics and applied them to DSP identifiers. So the ID from a cookied browser on a given network can be linked to an uncooked browser on the same network using sophisticated probabilistic methods. A measurable control group, two browsers on the same network that can both be cookied, is leveraged to determine if the probabilistic methods are reasonably reliable.
The Kerfuffle
Many companies providing identity services are very transparent about their methods, working directly with others in the ecosystem, and often establishing an identity syntax such that the DSPs and others know the nature of the identifier. However, not every vendor is making these efforts and some in the market, observing the oddness of an ID in the bidstream not matching the ID on the browser, have taken this issue with the practice. Without visibility of the derivation of the ID in the bidstream, buyers and buy-side platforms don’t know whether or not they can use that interaction to model attribution and optimization. The problem and the pain is real.
A debate that started in the IAB Tech Lab spilled out onto the pages of AdWeek on March 6th. While the conversation and consternation may have been heated, it’s Tech Lab, and that is the place where we have those debates. Ultimately a protocol-based solution was proposed.
Effectively some metadata will get included in the bid stream to indicate how the identifier was derived on the request. DSPs can either throw it out, or use it. It should be, and should always have been their choice as they represent the buyer’s interests.
Surviving the Cookiepocalypse
The pending deprecation of cookies has publishers scared for their survival. There’s desperation in the air. They and their SSP partners are doing their part to mitigate cookie loss—supporting the sandbox, partnering with alternative ID providers, pushing more contextual signals into the bid stream, and doing their best to market first-party data.
Unfortunately, most of these efforts fail. The bid request goes out, brightly decorated with all the signals available in the market. But if it doesn’t have the DSP’s cookie ID, it doesn’t get a bid. All those efforts on uncookied traffic are wasted.
In their desperation they’ve turned to questionable methods that show results, and some of those methods mean probabilistically decorating non-cookied traffic with DSP user IDs. They know it’s a short-term fix, but it’s revenue that buys them time until the DSPs start putting budgets against these other efforts.
Inviting Trouble
Buy-side systems keep the score in the ecosystem in the way they direct their spend. Winners make more money. Unfortunately scoring systems are always gamed. Players in this game often employ any method that hasn’t explicitly been deemed to be against the rules.
In the last fight, sellers, SSPs and exchanges exploited the way DSP pacing algorithms favor volume. Bid duplication ran rampant until new bidstream signals provided a way to filter out redundant requests. This ID-Bridging problem is just another iteration of the ecosystem taking advantage of a similar exploit.
While the current resolution proposes additional signals in the bidstream, it’s a mitigation, and not solution to the more fundamental problem: DSP’s spend mostly on their ID. Until these systems start leveraging other bidstream signals for targeting, frequency capping and attributing performance, ongoing abuse of that first-class identifier will likely persist.