Nathan Darst, Author at Kochava

WWDC 2022: Updates to SKAdNetwork and Silence on Private Relay

Nathan Darst — Thu, 09 Jun 2022 22:07:56 +0000

Did you miss WWDC 2022? Kochava has the breakdown for you.

Apple’s Worldwide Developers Conference (WWDC) 2020 and 2021 came out with major updates to privacy that impacted mobile marketers for years to come in the iOS space. It’s no surprise everyone was waiting with bated breath to see where Apple would take us with WWDC 2022 announcements around iOS 16. While there were certainly going to be some updates for iOS 16, the big worry by many, and hope by others, was the anticipated expansion of Private Relay.

Private Relay is somewhat of a quasi-VPN, obscuring consumers identifying IP address information and assigning those individuals with a more general IP address based on regional location. The feature already existed for iCloud users but was not turned on by default and had remained in beta. While many Kochava customers do not rely on any probabilistic signal for attribution and therefore this change would not impact them – there are those in the industry that do leverage it. Kochava provides industry leading support for SKAdNetwork, focused on delivering attribution capabilities in-line with Apple guidance.

While Apple has not yet enforced their guidance against using identifiable information (like IP address) for the purpose of targeting or attribution, many (including us) thought the expansion of Private Relay would be the selected strategy for enforcement and would be announced at WWDC 2022. The absence of expanded roll-out is telling – but we remain convinced that Apple will enforce their guidance eventually and we suspect that they have been waiting for forthcoming innovations with SKAdNetwork 4.0 (described further later) before they engage in enforcement.

WWDC 2022 gave us a great breakdown of additional functionality for Apple’s SKAN and all of its new features. SKAN received a massive increase in attribution after June of last year when Apple released iOS 14.5+ but it was always seen as limited. Thankfully, Apple addressed many of these issues and is planning on making some needed improvements, but the number of changes could overwhelm even the most well-versed iOS marketers. Luckily, we have the analysis you need.

Note that new SKAN 4.0 functionality is not yet available and according to Apple is “coming later this year” although no specific date was shared. Until that time, SKAN 4.0 functionality remains largely conceptual and we cannot yet thoroughly test the new functionality announced. Having said that, Apple did a good job of covering what to expect and the Kochava team will be implementing full support for SKAdNetwork 4.0 once available.

SKAN 4.0 includes four major updates:

Hierarchical IDs
Multiple conversions
Web-to-app attribution
SKAN testing improvements

Hierarchical IDs

Crowd Anonymity Tiers

Historically, Apple has not provided much information around the privacy threshold which determines the minimum amount of attributed volume which must be met before conversion values will be included in postbacks. With SKAN 4.0, Apple has finally defined three tiers of “crowd anonymity” based on attribution volume: low, medium, and high. With each tier, more granular data becomes available within the postback. Note that Apple still does not provide precisely what the thresholds are for each tier — only that with more attributed volume each tier is reached.

Source Identifier

SKAN 4.0 replaces the 2-digit campaign identifier field from the ad impression with a new 4-digit ‘source identifier’ field. This field should be thought of as a ‘conversion value’ equivalent for the ad impression, but should not be thought of in terms of bits, as each of the 4 digits becomes available as higher tiers of crowd anonymity are reached.

Similar to conversion values, these 4 digits could be used to represent different data. However, unlike conversion values, Apple obfuscates certain digits based on the level of crowd anonymity, which means each digit (not each bit) should represent something meaningful. Apple used the following model as an example:

Digit #4 = Ad placement bucket
Digit #3 = Date bucket
Digit #1,2 = Campaign ID

As you can see, like conversion values, models could be defined to interpret each digit differently per customer based on needs.

Coarse Value

SKAN 4.0 introduces a new value which is set along with the conversion value in the advertiser app named the ‘coarse value’. This coarse value can be set to one of three possible values (we’ll use “a”,”b”, and “c” in this blog) and is included in postbacks in place of the conversion value when the crowd anonymity tier restricts the conversion value. In other words, when the attribution volume is too low to allow the conversion value to be shared, the coarse value will be included in its place. Note that the coarse value and conversion value are mutually exclusive; the coarse value cannot be used in tandem with the conversion value in terms of the conversion model.

Example

How the tier of crowd anonymity impacts each hierarchical value in the postback:

Crowd anonymity tier	Source identifier “1234”	Coarse value “b”	Conversion value “32”
Low	0034 (digits 2-1)	(excluded)	(excluded)
Medium	0234 (digits 3-1)	b	(excluded)
High	1234 (all 4 digits)	(excluded)	32

Multiple Conversions

As of SKAN 4.0, up to 3 postbacks are delivered and bucketed by time of conversion with a maximum window of 35 days since install. This is a great innovation! The time buckets are: 0-2 days, 3-7 days, and 8-35 days. In short, the last conversion to take place within a given time bucket is sent at the end of the window. This is a departure from the concept of the 24 hour timer, and it means:

The SDK does not have to attempt to “keep the 24 hour window open” using valuable bits.
It may no longer be necessary to allocate bits to time windows as the postback will reflect the time window, and the conversion value itself will only be available during the 0-2 day window.
In the current implementation support for SKAdNetwork within Kochava, the Conversion Bit Modeler has been built to make up for current SKAdNetwork limitations and as a result – used valuable conversion bits. Using these new capabilities in 4.0 means that more bits can be used moving forward for optimization.

Install vs Re-engagement

Additionally, Apple stated the conversion value itself will only be available within the initial 0-2 day postback. The 3-7 and 8-35 day postbacks do not include the conversion value and instead include only the coarse value. Apple’s intent is that the 3+ day postbacks are used primarily for re-engagement. Interestingly, this suggests that the more granular conversion value is lost after the first 2 days with the trade off being that a coarse value is available up to 35 days later. It also may impact the landscape of conversion models if a conversion model is only good for day 0-2.

Note: It was mentioned that the conversion value may increase or decrease with SKAN 4.0, which suggests that the conversion value will not have to increase with each call. However, Apple did not elaborate on this.

Example

How the days since install will determine whether the coarse value or conversion value is included in the postback:

Day Since Install	Coarse value “b”	Conversion value “32”
0-2	(excluded)	32
3-7	b	(excluded)
8-35	b	(excluded)

Web-to-App Attribution

In short, this is URL link-based attribution. It’s certainly not as robust as something like the Google install referrer, but it should be thought of in a similar manner as it allows for an install to be attributed (albeit anonymously) to a URL-based link. The ad network is responsible for generating this URL-based link, which is specific to an ad impression, in a SKAdNetwork-compliant manner and then providing it to the publisher app. From there, the rest of the flow works as it does today.

There are plenty of steps required for the ad network to generate the link, but they won’t be covered here. The burden in implementing web-to-app attribution is placed almost solely on the shoulders of the advertising network. The publisher app needs only to embed the resulting link provided by the ad network, and the SDK (advertiser app) continues to implement standard SKAdNetwork API calls.

SKAN Testing

Apple added a variety of new testing tooling to help facilitate SKAdNetwork testing, which is going to be a big help for developers. Historically, this has been a significant pain point as the developer was forced to largely re-create the entire publisher to advertiser app flow in order to test anything.

While this year’s WWDC announcements didn’t change the game as much as some had predicted, it’s clear that Apple and much of the industries are moving toward expanding privacy-first features. Kochava will support these new features to ensure that our customers don’t miss any opportunity to leverage and can maximize focus on growth.

It’s important for developers and UA managers to stay informed about these changes, so be sure to sign up for our newsletter, where we will discuss these developments and more from last year, this year, and many years to come.

The post WWDC 2022: Updates to SKAdNetwork and Silence on Private Relay appeared first on Kochava.

Apple’s AppTrackingTransparency (ATT) Framework and You

Nathan Darst — Wed, 27 Jan 2021 17:26:56 +0000

What the ATT framework means for your advertising measurement

January 28th is Data Privacy Day at Apple, and with it comes Apple’s announcement that the AppTrackingTransparency (ATT) framework will go into effect with its next beta update with broad roll out in early Spring.

“And starting soon, with Apple’s next beta update, App Tracking Transparency will require apps to get the user’s permission before tracking their data across apps or websites owned by other companies. Under Settings, users will be able to see which apps have requested permission to track, and make changes as they see fit. This requirement will roll out broadly in early spring with an upcoming release of iOS 14, iPadOS 14, and tvOS 14…”

That the market’s reaction to Apple’s AppTrackingTransparency (ATT) framework has been varied is no surprise. Since it was first announced at Apple’s 2020 Worldwide Developer Conference (WWDC) in June, different mobile measurement partners (MMPs) have come forward with various approaches to continue providing meaningful advertising measurement in the new reality created by Apple. The true extent of the ATT framework’s impact on digital advertising measurement requires a careful review of how it intersects with Apple’s User Privacy and Data Use Policy.

In this post, the following key points will be addressed:

What does the ATT framework mean for your advertising measurement?
How is Kochava approaching ATT?
How are other MMPs approaching ATT and why does it matter?

The ATT framework and your advertising measurement

Apple’s privacy policy states:

“With iOS 14, iPadOS 14, and tvOS 14, you will need to receive the user’s permission through the AppTrackingTransparency framework to track them or access their device’s advertising identifier.”

This means that to gain access to a user’s IDFA and perform certain “tracking”, your app must prompt a user with the ATT dialogue and obtain their permission via opt-in. However, what constitutes “tracking”?

Apple’s privacy policy states:

“Tracking refers to the act of linking user or device data collected from your app with user or device data collected from other companies’ apps, websites, or offline properties for targeted advertising or advertising measurement purposes.”

This means that if a user chooses not to opt-in through the ATT framework, not only will you not get access to their IDFA, but you’re also restricted from passing their user or device data off their device for the purpose of combining that with another company’s data to perform advertising measurement (a.k.a. attribution). “Another company’s” data is essentially interchangeable with paid media. This means that without opt-in, paid media attribution insights will be isolated to Apple’s SKAdNetwork. Owned/non-paid media would be an exception—allowing you to perform attribution between two apps within your own publisher account based on the identifier for vendor (IDFV). This would be sharing your own first-party data among your own apps, not those of another company. Thus, cross-promo opportunities should be a key factor in your future growth strategy if you have a portfolio of apps.

Is there an exception for probabilistic or fingerprint forms of attribution that don’t require an IDFA and aren’t deterministic in nature?

While probabilistic attribution for opt-out users seemed like a viable option in the early weeks and months that followed WWDC, Apple subsequently provided additional clarity within a Q&A section of their privacy policy. The following is an excerpt on a specific question and answer.

Excerpt from Privacy Q&A:

Q: “Can I fingerprint or use signals from the device to try to identify the device or a user?”

A: “No. Per the Developer Program License Agreement, you may not derive data from a device for the purpose of uniquely identifying it. Examples of user or device data include, but are not limited to: properties of a user’s web browser and its configuration, the user’s device and its configuration, the user’s location, or the user’s network connection. Apps that are found to be engaging in this practice or that reference SDKs (including but not limited to Ad Networks, Attribution services and Analytics) that are, may be rejected from the App Store.”

This clearly leaves no ambiguity. Probabilistic and fingerprint methods of attribution that leverage IP address, device user agent, and other contextual device attributes in lieu of the IDFA are also prohibited in the absence of ATT opt-in. This means that paid media run on mobile web channels cannot be attributed by probabilistic or fingerprint methodologies if the user DOES NOT opt-in through your app’s ATT prompt. If a user DOES opt-in to ATT, then probabilistic or fingerprint methodologies can still be leveraged to attribute to media outside of an iOS app when IDFA wouldn’t be available from the source.

Once again, owned media is an exception. Probabilistic and fingerprint methods of attribution are permitted when attributing user conversions to owned media run on mobile web channels since this would still be matching first-party data to other first-party data, and not that of another company.

So, what will your attribution look like post-ATT enforcement? The answer depends on who your MMP is.

How Kochava is approaching ATT

Collecting ATT status

To begin, Kochava is working with all media partners to pass ATT status on clicks and impressions coming from your marketing campaigns.

ATT=0 indicates that either the user has been prompted and chose to opt-out, OR they have not yet been prompted.

ATT=1 indicates that the user has been prompted and chose to opt-in.

For advertisers, Kochava has published an iOS SDK that supports seamlessly passing ATT status. Download our Native iOS SDK, or supported wrappers (Unity, Xamarin, Cordova, etc.) here. Documentation has also been published to support advertiser clients using our server-to-server (S2S) integration. View S2S support documentation here.

Attribution eligibility based on ATT status

Once Apple begins enforcement of ATT, Kochava will start identifying advertiser and media partner traffic sent to Kochava iOS apps as consented (opt-in), non-consented (opt-out), or not subject to ATT (eg, mobile web). Traffic identified as non-consented will not be eligible for MMP attribution or any form of linking to another company’s data. SKAdNetwork will be the only form of attribution available for non-consented users. As discussed earlier in this document, owned media is the exception, since it’s comparing first-party data to other first-party data.

The table below outlines attribution methods available based on a variety of ATT scenarios. Attribution eligibility will be dependent on the ATT status of the user in both the advertised app and the source where the ad interaction occurred (paid vs. owned media and in-app vs. mobile web). For Kochava to perform deterministic attribution on ATT opt-in users, please refer to our support documentation on configuring our SDK to handle your app’s ATT prompt timing.

About the SKAdNetwork

Per the table below, Apple’s SKAdNetwork will play a pivotal role in providing attribution and campaign performance insights post-ATT enforcement. Kochava offers holistic advertiser support for SKAdNetwork, which will position you to continue driving successful growth efforts on iOS. Visit Kochava.com/SKAdNetwork-for-Advertisers to learn more.

How are other MMPs approaching ATT & why it matters

From the attribution hash to aggregated attribution, and a cross-customer identity graph, the approaches to providing continued attribution in the face of the ATT framework are varied across the competitive MMP landscape. Due to the implications for advertisers using these MMP approaches, it’s important to address viability concerns related to each.

Attribution hash

The Attribution hash was one of the first solutions proposed to mitigate the impact of ATT. The idea was to create a hash from the IDFA/IDFV on the demand side for both opt-in and opt-out users. The hash could then be used to attribute to ad signals of opt-in users. Unfortunately, this technique was not viable as it relied on the SDK accessing the IDFA without first obtaining the user’s ATT permission. In addition, hashed or not, the IDFA would still be sent off of the device, regardless of ATT permission status, and linked with another companies’ data, which Apple has clearly said is prohibited in instances where ATT opt-in is not present. In cases where ATT is applicable, consent must be obtained on both sides for attribution to occur.

Aggregated attribution

Aggregated attribution seeks to take the IDFA and/or other user/device data, regardless of ATT permission status, and process attribution matching at the row-level, but then ONLY surface aggregated reporting to advertisers and their partners, not exposing the row-level/user-level data. It relies on the continued use of probabilistic attribution of users who have opted out of tracking. While the final output of data is aggregated and anonymous, the solution at its core still relies on sending user/device data off the device for linking with other companies’ data. This is out of alignment with Apple’s User Privacy and Data Use Policy, which is applicable not only to the app owner (advertisers, publishers) but any SDK activity within their app. MMPs are no exception from Apple’s point of view.

Cross-customer identity graph

Cross-customer identity graphs work by linking device IDs, IP addresses, user agents, and browser cookies when they are available on an attributed click and install. By logging these connections, the MMP can reference it for attribution on another customer’s app where one or more of these attributes are missing, resulting in attribution that would otherwise not be possible. This can be thought of as a co-op among an MMP’s customers, where the benefit is an increased number of attributions and resulting insights. However, if this method is used for opt-out users, it is out of alignment with Apple’s User Privacy and Data Use policy due to the reliance on combining one app’s data with the data of not just one but many other companies.

Why it matters which approach you choose

The following is an excerpt from Apple’s privacy policy Q&A:

Q: “I have integrated an SDK from another company. Am I responsible for the data collection and tracking of users of my app by that company?”

A: “Yes. Developers are responsible for all code included in their apps. If you are unsure about the data collection and tracking practices of code used in your app that you didn’t write, we suggest contacting the developer of the SDK.”

This means you’re responsible for all data collection in your app, even the data collected by a third-party SDK, like that of Kochava and other mobile measurement providers (MMPs). You’re also responsible for how that data is used after it leaves the device. This is why Kochava is strictly adhering to both the letter and the spirit of Apple’s User Privacy and Data Use Policy. This ensures that our clients have absolute peace of mind that the data collected by our SDK and how it’s used (with ATT opt-in) or NOT used (with ATT opt-out) for advertising measurement purposes is 100% in alignment with Apple’s guidelines.

As we look toward ATT enforcement in early spring, be sure you understand the approach your MMP is taking with ATT and how they intend to use the data collected from your apps. In the event that your MMP’s data use practices are considered to be in violation of Apple’s user privacy and data use policy, Apple reserves the right to remove your app from the App Store because of it. That’s why it’s vital to understand right now whether your MMP’s approach follows Apple’s policy.

If you want to discuss the Kochava approach to Apple’s AppTrackingTransparency (ATT) framework, or other approaches in the space, we’re here to help. Contact us for a consultation on your ATT strategy.

Vivian Watt – Product Manager
Kochava

The post Apple’s AppTrackingTransparency (ATT) Framework and You appeared first on Kochava.

Kochava Releases Beta SDK for iOS 14

Nathan Darst — Fri, 04 Sep 2020 18:08:04 +0000

Get ready for the AppTrackingTransparency (ATT) framework and SKAdNetwork.

The Kochava beta SDK for iOS 14 is now available and offers a great opportunity for advertisers to work with their developers in preparation for the upcoming changes to their iOS apps.

Note to Developers: Apple’s Swift Packages allow for a simpler and more seamless integration of an SDK as an XCFramework. While Swift Packages are not new to iOS 14, Kochava will begin utilizing this as the distribution model for the iOS 14 SDK and future iterations.

Because this SDK release is a major update, it is integrated differently and some function names have changed. This will require some light lifting on your behalf. Support documentation features code examples for V3 and the new V4, allowing you to see the differences.

Quick Resource Links

Download Beta SDK

Visit Support Doucmentation

Key points for consideration

IDFA collection flow in relation to the AppTrackingTransparency (ATT) framework
SKAdNetwork readiness
Support for App Clips

IDFA collection and the AppTrackingTransparency (ATT) framework

In prior versions of the Kochava iOS SDK, in order to gather Apple’s identifier for advertisers (IDFA) the SDK would ask the operating system (OS) for it. In the event that Limit Ad Tracking (LAT) was enabled, the IDFA was null, otherwise the IDFA was provided. This approach had virtually zero lag time, and the install was sent immediately with the provided IDFA. As of iOS 14, the SDK can no longer ask for the IDFA immediately but must wait for the user to first be prompted through the ATT framework.

The user’s response dictates whether the IDFA can be collected. This is similar to other permission-based collections, like location.

This new flow introduces several challenges which we surfaced in a previous blog post from our Lead SDK Engineer.

Challenge #1: The Install

For the IDFA to be included within the install signal, the SDK must wait for both the developer to prompt the user for tracking authorization and for the user to answer that prompt (it is up to the developer to choose when to prompt the user). This means that install signal quality heavily depends on when the user is prompted for tracking authorization. Prompting too soon may result in significantly less tracking authorization while prompting too late may result in lower quality or latent install signal. Curating that experience for the user will be an important aspect of UX and design going forward.

Challenge #2: Attribution Results & Deferred Deep Linking

Attribution cannot take place until the install signal has been sent. On its own, delayed attribution is not an issue. However, it can pose significant challenges for those leveraging attribution results for time-sensitive deferred deep linking. Striking a balance between tracking authorization and timely deferred deep linking will be a challenge, but Apple’s new App Clips can be leveraged to overcome this challenge and also provide a more deterministic and seamless deferred deep link experience than before.

Challenge #3: Click and Install IDFA Parity

A significant and overarching issue with a permission-based IDFA is that tracking authorization parity between the click and install signal becomes hard to achieve. While a user may authorize tracking within an app serving an advertisement, the same user may not also authorize tracking in the app for which the advertisement was targeted. This can result in a click which contains an IDFA and install signal which does not or vice versa.

We encourage advertisers and their developers to carefully consider the best approach to handling the timing of ATT prompting and sending of the install. Here are four different options you can choose from.

Option 1 is now available with the beta SDK, and will also be included in the upcoming production SDK to be released based on Apple’s launch timing for iOS 14. Options 2-4 do not require the new SDK.

Option #1: SDK awaits tracking authorization

RECOMMENDED

Available Attribution: Deterministic with opt-in. Probabilistic attribution (see iOS 14+ restrictions) in certain scenarios.

Now available with the beta SDK and upcoming production SDK release. In this scenario, the SDK will allow for the collection of the IDFA following a time-based wait interval or upon receipt of an update to the tracking authorization status.

How it works:

App launches
Developer starts the SDK with a set maximum wait interval
• 30 seconds is recommended
SDK awaits tracking authorization prompt results
Once tracking authorization results are known (or the wait interval is reached), the SDK will proceed with IDFA collection
If the user ever changes their tracking authorization status, the SDK will send an update accordingly

See Related Support Documentation.

Option #2: SDK started immediately

Available Attribution: Probabilistic ONLY

In this typical scenario the SDK is started immediately upon app launch. As of iOS 14, the IDFA will not be included in the install payload, but if and when tracking is authorized in the future, an updated IDFA will be sent.

How it works:

App launches
Developer starts the SDK immediately, at which time the install signal egresses from the device without an IDFA
Sometime in the future, the developer prompts for permission and the IDFA becomes available
The SDK sends an updated payload with the IDFA

Option #3: SDK started after permission

Available Attribution: Deterministic with IDFA opt-in. Probabilistic without IDFA opt-in.

In this scenario, the developer does not start the SDK until after permission is given. Once started, the SDK will send the install and proceed normally.

How it works:

App launches
Sometime in the future, the developer prompts for permission and the IDFA becomes available
Developer starts the SDK, and the SDK collects the IDFA

Option #4: Event queuing – Sleep SDK until after permission

Available Attribution: Deterministic with IDFA opt-in. Probabilistic without IDFA opt-in.

In this scenario, the SDK is started but is put to sleep which means events can queue, and the SDK can be used as if it had been started. However, the SDK will not proceed with the install until the developer wakes it up after the user grants or declines permission.

How it works:

App launches
On the first launch of the app, the developer starts the SDK but puts it to sleep, which prevents the IDFA from being collected
Developer may queue events to be sent while the SDK is sleeping
Sometime in the future, the developer prompts for permission
Developer wakes the SDK, which allows the SDK to collect the IDFA
The SDK begins sending any queued events
On future launches, the developer does not put the SDK to sleep

SKAdNetwork readiness

The SDK for iOS 14 will handle all of the heavy lifting for SKAdNetwork on behalf of advertisers. There are no code changes required; developers will just need to include our AdNetwork SDK module in order to utilize the built-in SKAdNetwork functionality.

Action Item for Advertisers
To best take full advantage of the SKAd conversion models discussed in this blog post, now is the time to ensure that you’re tracking all of the in-app events and any revenue metrics that you would like to factor when configuring your conversion model.

For example, if you plan to leverage the User Journey conversion model, be sure you’re tracking key events down-funnel of the install. This will provide ample varieties of user journey event sequences, which can each include up to three events.

Update or add any needed events and metrics now, so you can maximize quality performance insights on your SKAdNetwork campaigns.

Support for App Clips

While you cannot yet register App Clips with the App Store, it’s important to call out how Kochava will support them. No separate SDK version will be required for App Clips. You can leverage the same SDK in both your full app and App Clip.

Two additional steps will be required when configuring App Clips with Kochava.

Use separate Kochava app GUIDs for the app clip and full app.
- The App Clip and full app should not use the same Kochava app GUID. For an App Clip, you will need to create a separate app profile in your Kochava account with the platform type set to “iOS – App Clip.” That app GUID should be passed to the SDK during configuration of your App Clip. Your full iOS app should be a separate app profile with the platform type set to “iOS.” That is the app GUID to pass to the SDK during configuration of your full app.
Pass the App Clip’s invocation URL to the SDK’s Process Deep Link API.
- When the App Clip is launched via a Universal Link invocation URL, pass this URL to the SDK’s existing Process Deep Link API as soon as possible, just as you would any other deep link. For complete instructions on how to use the Process Deep Link API, see this support documentation.

Stay up to date on the latest information on iOS 14 and Kochava. Visit our iOS 14 Resource Center.

If you have questions regarding, please contact your Client Success Manager or email Support@Kochava.com.

Nathan Darst – Lead SDK Engineer
Kochava

The post Kochava Releases Beta SDK for iOS 14 appeared first on Kochava.