Say Bye Bye To Your Advertising ID
In the past few years, a change in users’ privacy has been happening in the mobile realm. This change has been initiated by Apple, but others (Google) are following suit. If you are an application developer, you may not have noticed it or have not been aware of it. If you happen to have advertisements in your application, then you already know what I am talking about.
So, what’s the big deal now?
Well, starting from Android 13, users with an Android device can delete their phone’s advertising id. And if that is not enough, applications that want to use that Advertising ID, must now have permission requesting it in their application’s manifest file.
In The Beginning
Let’s take things back a bit.
At first, each phone was identified by a unique advertising id. In layman’s terms, this was a UUID string that allowed advertisers to identify the phone, and more specifically, the person using it. This was done in similarity to what cookies do in browsers on computers. What followed suit enabled advertisers to associate a user’s behavior on a specific application with behavior he/she performed on any other application and gather insight about him/her. Then, they (advertisers) could cater more precise advertisements to that user.
For a time, everything stayed the same. Privacy and user data were not the most important topics and the advertising id was left untouched by changes in operating systems. Apple had its UDID (Unique Device Identifier) and Google had its AAID (Android Advertising Id).
In 2012, Apple removed its device’s UDID and replaced it with what is called an IDFA (Identifier For Advertiser). Google followed suit and replaced its AAID with an advertising id for Android.
You might be asking yourself, why Apple and Google decided to reshuffle the deck 🎴
As privacy became more and more of an issue, Apple’s UDID was tied directly to a device and could not be changed at all. This meant that a user’s device could be directly identified and linked to the user. It also didn’t grant the user any leeway in opting out of being tracked. That’s where the IDFA was different as the user could decide to reset it if he/she pleased. Later on, an option was also made available to opt-out of behavioral tracking, also known as Limited Ad Tracking (LAT).
More so, with the release of iOS 6, Apple introduced a new identifier called IDFV (Identifier for Vendor). What this meant is that there was a single identifier for all applications from the same publisher from a specific device. While not specifically identifying a user in an application, it let advertisers collect information about a user across several applications from the same publisher. Once a user uninstalled all the applications that were related to the same publisher, the IDFV was deleted and did not persist when the user decided to install an application from the same publisher afterward.
The story doesn’t end here, though.
Present Time
As Apple declared itself a company that protected its users’ privacy, in 2020, as part of iOS14, Apple decided that every application that wants to use the device’s IDFA, must request approval from the user first. This was the infamous Application Tracking Transparency Framework that was introduced in iOS14. It showcased a dialog that had to be shown to users (it could only be shown once) that requested their permission to be tracked. If the user opted in, then you could get their IDFA and use it.
👉 If you would like to read more about this, I wrote an article describing these changes and you can check it out here
Google, always one step behind Apple, is introducing a new advertising identifier themselves, which is similar to IDFV, called AppSetId. This identifier is also shared between applications from the same publisher, but cannot be used for advertising at all. In their press release, Google stated:
⚠️ “You cannot use app set ID for ads personalization or ads measurement.”
AppSetId is only meant to be used for fraud detection and analytics. If this doesn’t seem like enough, the AppSetId automatically resets itself when:
- All the publishers’ applications are uninstalled from the device
- None of the publishers’ applications has accessed the ID in 13 months
Seems like in the not so distant future, having an identifier for users on applications, may not be available.
The Future
As of writing this article, not having the AD_ID permission in your manifest does not mean you won’t have access to the advertising identifier. Even though Google has stated that it will start enforcing advertising id changes from April 1st, 2022, the reality is more or less stayed the same.
The most recent Android 13 OS release is Beta 3, and you can still get the user’s advertising id without the required permission. But until there will be an official release, sometime in late summer, things can change.
So what can you do? Whether you are an application developer or an advertising company, how will you keep your business afloat?
Some of you may be thinking that a way to work around all of these restrictions is to create a unique id for each user of the application, instead of relying on what the platform provides. Thing is, that is completely forbidden.
Taken from here:
“Apps using a persistent ID other than the advertising ID may receive a policy violation warning via the publisher site or the email address used to register the account.”
Frankly, there isn’t much you can do. There is a duopoly in play here and they set the tone for the whole industry. You can only adapt to the changes they are making and try to make sure your business gets affected as little as possible.
As the saying goes:
