Mobile ad networks have been busily stress testing SKAdNetwork in preparation for Apple’s IDFA changes – but they’ve been doing so with one arm tied behind their back.
For months, two of the most crucial pieces of information necessary for attribution were absent in the postbacks coming from SKAdNetwork, which is Apple’s API for enabling ad networks and advertisers to attribute installs directly from the App Store.
Independent analyst John Koetsier first called attention to the issue in late October.
The first missing bit of info was conversion value, a time-limited mechanism for post-install measurement, and the other was source app ID, which is the publisher app where an ad ran. Proper attribution is impossible without both of these parameters in place.
Although conversion value and source app ID were both supposed to have been added to an updated version of SKAdNetwork released in June, it took more than four months for Apple to make them available.
On Nov. 6, without fanfare or any sort of announcement, Apple finally fixed the problem and mobile ad platforms, such as ironSource, and attribution companies, such as AppsFlyer, started receiving postbacks with conversion value and source app ID included.
“The major showstopper which prevented advertisers from really testing SKAdNetwork is now removed,” said Barak Witkowski, general manager of AppsFlyer.
Testing, testing
To be fair, there were some things that ad networks, developers and advertisers could begin testing even without conversion value and app source ID.
The redownload ID within SKAdNetwork was functional, for example, said Yevgeny Peres, VP of growth at ironSource.
Networks and mobile measurement providers could also do the necessary prep work to arrange the intricate set of relationships necessary to allow data to flow between partners. That part of the process was not dependent on the missing fields.
Ad networks need to be able to send cryptographically protected postbacks collected from the iOS device itself to an advertiser’s mobile measurement partner. The MMP then has to respond to the ad network with a translation to decrypt the postback. This is done to avoid install fraud. The MMP is the only entity that knows what an advertiser’s conversion value refers to. From there, attribution information is made available to advertisers in the SKAdNetwork dashboard.
“Everyone in the SKAdNetwork protocol has to play their role correctly for this to work,” Witkowski said.
Now that Apple has instituted its fix and SKAdNetwork 2.0 is functional, developers and their partners can move forward with their testing, Peres said, despite the fact that they still don’t have full visibility into the real-world impact of Apple’s AppTrackingTransparency framework.
That, Peres said, will depend on opt-out rates when the ATT framework goes live.
Clock is ticking
Even with conversion value included in postbacks, advertisers are quite limited in what they can measure through SKAdNetwork. And that’s by design. Apple is purposely making it difficult for anyone to figure out a user’s identity.
Once the SKAdNetwork API is called for the first time, for example, a 24-hour timer is set. An app is allowed to share a conversion value within that window that corresponds to a six-bit number with values between zero and 63. The 24-hour window renews with every subsequent call that includes a higher value than the previous conversion value.
When the first timer expires, Apple sets a second timer with a random duration between zero and 24 hours, during which time it’s no longer possible to call the API. When the second timer expires, the device sends the postback to the ad network, which sends it to the MMP – etcetera.
“Not only do you have limited data that can be passed, you’re dealing with this complex timer mechanism,” AppsFlyer’s Witkowski said. “And so advertisers now have to think about something they never had to before iOS 14: What should they measure with these bits of data and what are the pros and cons of keeping the timer alive?”
Despite these inherent constraints, however, conversion value is the only mechanism that advertisers can use to tie post-install downstream activity with a specific campaign.
Privacy threshold
And here’s another wrinkle. In its documentation about verifying an install validation postback, Apple refers to the concept of a “privacy threshold” that must be met in order for conversion value and/or the source app ID to appear.
Apple does not define what the privacy threshold is or what needs to be done in order to satisfy that requirement, and until it does so, “we just don’t know,” said ironSource’s Peres.
Without conversion value and source app ID, an advertiser might only know that a conversion happened, and pretty much nothing else about it.
It’s “definitely another gray area,” said Shamanth Rao, CEO and founder of mobile user acquisition startup Rocketship HQ.
“While I see why Apple would want to put a privacy threshold to prevent indirect attribution of users, the opacity around this makes it harder for marketers to plan their strategy around SKAdNetwork,” he said. “For instance, if the privacy threshold is so high that there are very few conversions available, then that defeats the entire purpose of conversion values.”
And the clock is ticking.
Apple’s IDFA changes were postponed until “early next year,” but early next year is less than two months away, and it’s uncertain whether SKAdNetwork – or the mobile ad ecosystem – will be ready for prime time in time.
“While there certainly is going to be time to simulate performance before the change kicks in, there still won’t be anything close to adequate preparation, because it’s going to be hard to infer how CPMs will behave or how user behavior will change,” Rao said. “And those will fundamentally impact how well SKAdNetwork will function for marketers.”
