Mobile Post-Click TrackingFAQs

FAQ

s

Contents

1. Definitions & Scope

2. Understanding user journeys on mobile

3. What are the technologies available for tracking user journeys on mobile?

4. What else do I need to know about post-click tracking on mobile?

Introduction

This mobile post-click tracking FAQ document aims to make it easier to understand the way we can track a user journey after they click on an ad on a mobile device. This booklet is aimed at people who both buy and sell mobile advertising and need to understand how to track it, but are not necessarily technical experts.

As a result of the output of the IAB UKs Mobile Ad Tech Working Group, this booklet addresses the frequently asked questions in this field. It is worth noting that technology changes very quickly, and although this information was correct at the time of printing some developments and changes in mobile post-click tracking may occur. If you would like more information about this subject or anything in this booklet please contact mobile@iabuk.net.

1

Definitions & Scope

What is Mobile Post-Click Tracking?

Broadly speaking mobile post-click tracking refers to the technology that follows the journey of a user after clicking on an ad on a mobile device. Most often, this technology is used to measure the effectiveness of an ad on a mobile device, for example if a user clicked on an ad promoting a mobile app, post-click tracking is used to understand if the app was then actually downloaded by the user that saw that ad. Post-click tracking can be useful for measuring many different types of mobile advertising, for example if an ad on a mobile device prompted someone to go on to visit a website, download an app, or request further information.

What does the user journey on a mobile phone mean and why is it so important?

When someone sees and clicks on an ad, there are a number of types of user journey that someone might follow on a mobile phone. For example, a user might see an ad on a browser, click, then go to the app store, or alternatively, a user might see an ad in an app, click, and then go to a browser - to name a couple. Later in this document the full list of user journeys will be explored and explained. The reason the user journey is so important is because each one requires a slightly different technology to track it, which causes some confusion in the market and is what this document seeks to clarify.

Can you help me understand if my mobile ad sent someone in store?

This document seeks to only explain further how to measure the user journey on the mobile device and does not cover how to track someone who sees an ad on their mobile and then makes a purchase in store.

Why is post click tracking a particular barrier for mobile compared to online?

On desktop computer, cookie technology has traditionally enabled advertisers to follow the user journey. A cookie is dropped on the browser of every user that sees the ad impression, and will then be able to track the user after they click to see if they go on to convert (i.e. makes the purchase/download/visit etc.) On mobile, however, there are challenges with using this technology due to the variety of operating systems, the app/browser landscape and the unique technical attributes of mobile.

2

Understanding user journeys on mobile

Before we can understand the technical differences in the way you measure user journeys on mobile, it is important to list out the six main iterations of the user journey when they see and click on an ad on a mobile phone and their subsets. This is best understood when looking at the table on the next page, and using the following explanations to get a full understanding of the journeys.

The different user journeys on mobileTo read this chart, start reading from the column on the left, and then follow with the row on the top. E.g Journey 1.i is where the user starts on a mobile website via a browser that accepts tracking cookies, clicks, and then goes to another website via a browser that accepts tracking cookies.

Key

1. Mobile Site to Mobile Site

2. Mobile Site to App Store

3. Mobile Site to Mobile App

4. Mobile App to Mobile Site

5. Mobile App to App Store

6. Mobile App to Mobile App

3

Further explanations of the user journeys

1. Mobile Site to Mobile SiteA user starts on a mobile website, clicks and then goes to another mobile website. In terms of tracking technology however, it matters if the browser they are using to visit the site will accept tracking cookies from a 3rd party. A user most often will use the same browser, however it is also possible for one user to have multiple browsers on their device that might deal with cookies in different ways (as in journeys 1.ii and 1.iii).

Then goes

User starts

Mobile browser

does NOT accept

tracking cookie

Mobile browser

does NOT accept

tracking cookie

Android App

Android App Store

Apple App Store

Android App

iOSApp

iOS App

Mobile browser accepts cookie

tracking

Journey 1.i Journey 2.i Journey 2.ii Journey 3.i Journey 3.ii

Journey 3.ivJourney 3.iii

Journey 6.i

Journey 6.ii

Journey 2.ivJourney 2.iiiJourney 1.iii

Journey 4.i

Journey 4.iii Journey 4.iv

Journey 4.ii Journey 5.i

Journey 5.ii

Journey 1.iv

Journey 1.ii

Mobile browser accepts cookie

tracking

4

A cookie is a text file that is stored on your browser by a websites server, and each cookie is unique to your web browser. It will contain some anonymous information and can only be read by the server that set the cookie. 1st party cookies are set by the website you are visiting and they can only be read by that site. Other cookies, tracking cookies or 3rd party cookies, are set by other websites or technology providers, and therefore the domain is different from the visited website. Most mobile web browsers accept first party cookies, but some mobile browsers do not accept 3rd party cookies. To understand more about Mobile Cookies pleocumen Cookies (http://www.iab.net/media/file/IABDigitalSimplifiedMobileCookies.pdf)

at

A cookie is a text file that is stored on your browser by a websites server, and each cookie is unique to your web browser. It will contain some anonymous information and can only be read by the server that set the cookie. 1st party cookies are set by the website you are visiting and they can only be read by that site. Other cookies, tracking cookies or 3rd party cookies, are set by other websites or technology providers, and therefore the domain is different from the visited website. Most mobile web browsers accept first party cookies, but some mobile browsers do not accept 3rd party cookies. To understand more about Mobile Cookies please refer to the IAB US document Understanding Mobile Cookies.

User starts on a mobile website via a browser that accepts tracking cookies, and then goes to mobile website on the same/another a browser that also accepts tracking cookies.

i. User starts on a mobile website via a browser that accepts tracking cookies, and then goes to mobile website on a different browser which that does NOT accept tracking cookies.

ii. User starts on a mobile website via a browser that does NOT accept tracking cookies, and then goes to mobile website on a different browser that DOES accept tracking cookies.

iii. User starts on a mobile website via a browser that does NOT accepts tracking cookies, and then goes to mobile website on the same/another browser that does NOT accept tracking cookies.

2. Mobile Site to App StoreThis journey starts on a mobile website, and then the user clicks and goes to the app store. The main differences here are between operating systems, where we will look at iOS and Android.

i. User starts using mobile website on Android via a browser that accepts tracking cookies, and then goes to Google Play store.

ii. User starts using mobile website on iOS via a browser that accepts tracking cookies, and then goes to Apple App Store.

iii. User starts on mobile website on Android via a browser that does NOT accept tracking cookies, and then goes to Google Play store.

5

iv. User starts on mobile website on iOS via a browser that does NOT accept tracking cookies, and then goes to Apple App store.

3. Mobile Site to Mobile App This journey starts on a mobile site, and then the user clicks and goes to an app. The main differences here are both between the operating system and if the browser that accepts tracking cookies or not.

i. User starts using mobile website on Android via a browser that accepts tracking cookies, and then goes to an app.

ii. User starts using mobile website on iOS via a browser that accepts tracking cookies, and then goes to an app.

iii. User starts using mobile website on Android via a browser that does NOT accept tracking cookies, and then goes to an app.

iv. User starts using mobile website on iOS via a browser that does NOT accept tracking cookies, and then goes to an app.

4. Mobile App to Mobile SiteThis journey starts on a mobile app, and then the user clicks and goes to a mobile website. The main differences here are both between the operating system and if the browser that accepts tracking cookies or not.

i. User starts on Android mobile app, and then goes to a site via a browser that accepts tracking cookies.

ii. User starts on Android mobile app, and then goes to a site via a browser that does NOT accept tracking cookies.

iii. User starts on iOS mobile app, and goes to a site via a browser that accepts tracking cookies.

iv. User starts on iOS mobile app, and goes to a site via a browser that does NOT accept tracking cookies.

6

5. Mobile App to App StoreThis journey starts on a mobile app, and then the user clicks and goes to their app store. The main differences here are between operating systems, where we will look at iOS and Android.

v. User starts on Android mobile app, and then goes to Android App Store.

vi. User starts on iOS mobile app, and then goes to Apple App Store.

6. Mobile App to Mobile App This journey starts on a mobile app, and then the user clicks and goes to another app. The main differences here are between operating systems, where we will look at iOS and Android. This is a less commonly found journey currently.

i. User starts on Android mobile app, and then goes to another app.

ii. User starts on iOS mobile app, and then goes to another app.

What are the technologies available for tracking user journeys on mobile?

With a clear understanding of the different possible user journeys on a mobile device, it is now important to understand the different technologies available for tracking user journeys.

The table below provides a summary of the different types of measurement technology available to advertisers specific to each user journey.

Cookie

A cookie is a small text file deployed to a browser by a visited website or advertisement that can contain information such as login settings, user preferences, geographic, and demographic information. Cookies allow advertisers, where possible, to identify occurrences on a unique browser and understand the user journeys that take place on that browser.

7

Device ID

Both Android and iOS operating systems offer advertisers a software identifier that is unique to that handset. This means in certain situations, particularly in the app environment, advertisers have access to a unique device code that allows them to track a journey from click to conversion on that particular device. The current Android version is called Advertising ID and the current iOS version is called IDFA.

Then goes

User starts

Mobile browser

does NOT accept

tracking cookie

Mobile browser

does NOT accept

tracking cookie

Android App

Android App Store

Apple App Store

Android App

iOSApp

iOS App

Mobile browser accepts cookie

tracking

Cookie Browser IDs Pixel Tracking Server

to server integration

3rd Party Mobile Measurement Company

Probabilistic ID

3rd Party Mobile Measurement Company

Probabilistic ID

Publisher/ developer specific data

Publisher/ developer specific data

Publisher/developer specific data

Publisher/ developer specific data

If user already has app Advertiser ID

If not opens either app store/site, see journeys 4.i or 5.i

If user already has app, IDFA

If not opens either app store/site, see journeys 4.iii or 5.ii

3rd Party Mobile Measurement Company

Probabilistic ID

3rd Party Mobile Measurement Company

Probabilistic ID

Browser IDs Pixel

Tracking Server

to server integration

Probabilistic ID

Cookie Pixel Tracking Probabilistic

ID

Cookie Pixel Tracking Probabilistic

ID

Cookie Pixel Tracking Probabilistic

ID

Cookie Pixel Tracking Probabilistic

ID

Advertiser ID 3rd Party

Mobile Measurement Company

IDFA 3rd Party

Mobile Measurement Company

Browser IDs Pixel Tracking Server

to server integration

Probabilistic ID

Browser IDs Pixel Tracking Server

to server integration

Mobile browser accepts cookie

tracking

8

o Advertising ID Androids Advertising ID is a software identifier unique to each Android device, which replaced the Android ID in the KitKat OS update of October 2013. The Advertising ID is a string of numbers and letters that is unique to each device but does not contain any user specific information. Furthermore, the Advertising ID is not permanently tied to a device, but can be reset or limited by the user at any time.

o IDFAApples IDentifier For Advertisers (IDFA, or occasionally IFA) is the most recent device identifier that was released with iOS6 in September 2012, replacing the UDID. The IDFA is a piece of code unique to each mobile device, but does not contain any user specific information. Furthermore, the IDFA is not permanently tied to a device, but can be reset or limited by the user at any time.

Browser IDs

There are a couple of unique identifiers available to advertisers when a user is using a browser on their mobile phone - but this exclude app usage for the most part. Firstly, the IP address and secondly the User Agent String.

9

o IP addressAn Internet Protocol (IP) address is a numerical code that is assigned to a device that is connecting to a network that uses the Internet Protocol. Internet service providers assign IP addresses in blocks, so an IP address gives an indication of geographical area as well as give each computer connected in that area a unique code. There are however occasions where a large number of users will be associated with one address, for example a large organisation. Furthermore, in mobile there are challenges with this, as IP addresses can change as the user moves around and uses different cell towers.

o User Agent StringThe User Agent String is a list of keywords that describes the profile of that browser, creating a code based on all the settings of that browsing experience that an advertiser can use as part of identifying unique users. For example, a user agent string will be able to tell us the browser type, the system it is running on. The user agent string on a mobile device will have a slightly different set of information from online as some things for example fonts and plugins arent available, but other information such as screensize may be included in the header.

10

Pixel Tracking

A tracking pixel traditionally refers to a 1x1 pixel that can be requested by an ad-unit or server in order to increment a counter on another server. This pixel can be inserted in ad creative or on webpages without being seen, and will make a server call allowing advertisers to track the user journey.

3rd party Mobile Measurement Company

Some technology companies have created mobile measurement products to help advertisers track user journeys on devices better. These technologies are particularly useful to fill the gaps where for example a device or browser ID may not work, and also by providing a trusted 3rd party angle. By paying a fee to these companies, advertisers can use these solutions to understand a user journey. Each company has developed proprietary technology to make this work, creating a range of methodologies, and these are what cause differentiation between these companies. Examples of companies that provide 3rd party Mobile Measurement include AD-X (Criteo), HasOffers, or Kochava.

Probabilistic ID

Probabilistic ID technologies anonymously create a profile of a user, or a probabilistic ID, based on the aggregation of a range of data available about their device such as device type, browser version, language settings, or time zone. This unique profile is created when the user undertakes an action (such as clicking on an ad) and then when a conversion happens (for example the download of an app). The tracking technology can then match the profiles to determine they are likely to be the same device, and therefore user. Examples of companies that provide this technology include Adtruth, or Tapad.

Server-to-server integration

Depending on the mobile ad server, macros can be appended onto the destination URL in order to track post-click actions. Macros are strings of text that the ad server replaces with other strings of text according to a set of rules. The advertiser would require ensuring an URL (like a pixel) is pinged back to the mobile ad-server in order to record the actions following a click.

11

For this reason, thinking about a users privacy should be on your mind at the

(http://hico.org.uk/for_organisations/data_protection/the_guide) and , (http://ico.org.uk/for_organisations/privacy_and_electronic_communications

nd how do I help them manage their privacy? Who is in control of the data? Do I make sure that this is the minimum data necessary for the task and do I keep it only as long as I need? How do I keep the data secure? Answering these types of questions lays the groundwork for respecting a users privacy.

The ultimate goal should be to create an environment in which users enjoy confidence and trust in the services they access via their mobile devices. Providing transparency and giving users control over their data are tools with which to achieve that. Users generally want to know more than what type of data you use. Tell them you use it and whom you share it with. Remember your audience and use plain English as much as possible when you describe the purpose of the data you process. And think about the context in which

you present this information. Making this available the moment it is relevant

to the user is often the most effective way. EU sel http://www.iabuk.net/EUselfreg symboli the AdChoices icon, http://www.iabuk.net/icon and trust Seal, http://www.edaa.eu/certification-process/trust-sea . Whilst technology-neutral, the self-regulatory initiative was primarily designed for a desktop world and

Publisher / developer specific data

It is sometimes possible to work directly with the owners of websites or apps, i.e. publishers or app developers, to feedback information about how users interacted with the ads that appeared on their properties. This requires a direct relationship between the advertiser/agency and the publisher/developer and will produce data specific to that publisher/developer.

What else do I need to know about post click tracking on mobile?

How do tracking technologies work in the programmatic environment?

Cookies and probabilistic IDs will both work in a programmatic environment. Device IDs (i.e. IDFA and Advertiser ID) are also often accessible via the ad exchanges (in the initial bid request), allowing buyers to map back a device ID to the impression and click event in their mobile demand side platform (DSP) once the ad is delivered. In other words, if the user clicks on an ad and then installs an app for example, mobile demand side platforms will match device ID recorded at the click event with the one of the device that installed the app to their server. There is however a challenge, as many supply side platforms use different methodologies to hash these device IDs. Hashing protects the device ID to keep it private, but the discrepancy in the way SSPs hash complicates unique user identification and understanding of user behaviour post-click. Its also worth noting as mentioned above, using device IDs for programmatic buys will only work for ads delivered in mobile apps.

What are some current best practises for privacy in post click tracking?

The fact that for most people mobile devices are often the most personal devices they own puts increasing importance on meeting their privacy expectations.

For this reason, thinking about a users privacy should be on your mind at the beginning of any campaign or project and not come as a second thought. Start by familiarising yourself with the legal requirements laid down by the Data Protection Act, and the Privacy and Electronic Communications Regulations.

12

For this reason, thinking about a users privac http://po.st/UGCVhL http://po.st/TfnWhF http://www.edaa.eu/certification-process/trust-seal the self-regulatory initiative was primarily designed for a desktop world and work is underway to adapt them for the mob mobile environment, something that is progressing in the US and Euro

Common to them all is a series of some basic questions that you should ask yourself: What data do I collect? How do I gain consent from the user and how do I help them manage their privacy? Who is in control of the data? Do I make sure that this is the minimum data necessary for the task and do I keep it only as long as I need? How do I keep the data secure? Answering these types of questions lays the groundwork for respecting a users privacy.

The ultimate goal should be to create an environment in which users enjoy confidence and trust in the services they access via their mobile devices. Providing transparency and giving users control over their data are tools with which to achieve that. Users generally want to know more than what type of data you use. Tell them why you use it and whom you share it with. Remember your audience and use plain English as much as possible when you describe the purpose of the data you process. And think about the context in which you present this information. Making this available the moment it is relevant to the user is often the most effective way.

These principles build the foundation of the EU self-regulatory programme, for behavioural advertising, symbolised by the AdChoices icon, and the EDAA Trust Seal. Whilst technology-neutral, the self-regulatory initiative was primarily designed for a desktop world and work is underway to adapt them for the mobile environment, something that is progressing in the US and Europe.

13

With thanks to..

Thank you to our Mobile Ad Tech Working Group for their contributions to this document, in particular:

Any questions?

If you have any further questions on this document, please contact the mobile team at the IAB mobile@iabuk.net

14

Follow us: @iabukEmail: info@iabuk.netVisit us: www.iabuk.netCall us: 020 7050 6969

2013-2014