You may have heard of cookies – a small piece of the text file that stores a wide range of information such as your preferred language, location, email address, your name, etc. on your browser by the website you visit. While first-party cookies are created by the website you’re visiting, third-party cookies are created by websites that are different from the website you’re seeing.
For example, Google Analytics creates a cookie when you visit a website for the first time to help publishers measure the traffic. Similarly, if you visit a website with affiliate links or ads, third-party websites (affiliate marketers or advertisers) create cookies for a particular user.
Example of First-party and Third-party cookies on theatlantic.com
For the past two decades, cookies have been the crucial input of digital advertising, powering the free Internet, as you know today. Publishers and advertisers have capitalized on cookies to identify the users across different sessions and websites, which helps them run personalized ads.
This article will guide you through how cookie-syncing or cookie matching, a process that helps advertisers show personalized ads, and its importance in the digital advertising industry.
Table of Contents
- What is Cookie-syncing?
- Importance of Cookies in Digital Advertising
- How does Cookie-syncing work?
- Benefits of Cookie-syncing
- Disadvantages of cookie-syncing
What is Cookie-Syncing?
As cookies are domain-specific, a cookie created by one ad-tech partner cannot be read by another ad-tech partner. Let’s say a user comes to your website, and you drop a cookie to save information (interests, age, location, etc.) for the particular user. Similarly, your third-party analytics providers and ad-tech partners (e.g. ad networks, SSPs, ad exchanges, DMPs, etc.) create their own cookies to store user’s data and identify the same user in the future.
Now, when the same user goes to another website that has the same ad-tech partners, they can recognize the user with the help of their cookie IDs. But what about the DSPs that don’t have direct access to the website? How are they going to know the user and place the right bid? This is where cookie-syncing comes in.
Cookie-syncing is a process that enables the ad-tech partners (SSPs, DMPs, CDPs, and DSPs) to synchronize their cookies and share the incorporated user’s data from different websites with each other. As a result, the DSPs are able to know about the user (interests, demographics, location, etc.) and return the bid response with the right bid and relevant ad creative.
Importance of Cookie-syncing in Digital Advertising
As personalized advertising has grown in importance, buyers need to know how well the visitor matches the advertised product or service. For this reason, they need to identify the visitor and rely on the user’s data to purchase ad impressions in Real-Time Bidding (RTB) based auctions.
During an RTB auction, the bid DSPs place on a given ad impression is linked to the amount of information they have about the particular user. For example, a DSP may bid higher for a known and relevant user, but a DSP is unlikely to bid higher for an unknown user. However, the Same-Origin Policy (SOP) doesn’t allow the DSPs to synchronize the cookies.
As shown in the above example, the ad requests are first sent to the SSP, which passes it to the ad exchange. The SSP has the user’s cookies, but DSP cannot read the cookies until it bids first, wins the auction, and reaches the user. This is where cookie-syncing plays an important role.
Using cookie-syncing, the DSP will identify the user in the future when it buys the ad impressions in an auction held by the same ad exchanges or SSPs for the same user. As the DSP knows the users, it will bid higher, which, consequently, improves the ROI for advertisers and revenue for publishers.
How does Cookie-syncing Work?
Here’s how a cookie sync work,
Let’s assume John, a user, visits theatlantic.com, in which there is an ad exchange – OpenX. Consequently, OpenX has the chance to set their cookies on John’s browser to re-identify him in the future. Henceforth, OpenX knows John with the ID ‘JohnXYZ.’
When the auction starts, OpenX sends bid requests (along with the user ID for John) to a DSP (let’s say The Trade Desk). As the DSP doesn’t know anything about the user, it will create a user ID for JohnXYZ (e.g., John123) in its database and return the bid response. However, the bidding price will be low, and the ad will be less relevant to John.
Now, let’s say that John visits vice.com that has OpenX’ script. This time, OpenX knows that John (the same user from theatlantic.com) has visited Vice. So, it will collaborate with The Trade Desk and both ad-tech partners will synchronize their respective cookies (JohnXYZ and John123). Once the cookies are synced, OpenX and The Trade Desk share the user’s (John’s) data.
Consequently, The Trade Desk finds out John is the same user who visited theatlantic.com before, and John123 and JohnXYZ are the same. As it knows about John’s interests and other details, the DSP will bid higher this time. All of this was possible due to cookie-synchronization.
Now that you have a basic understanding of how cookie-syncing works, let’s dig a little deeper into how cookie-synchronization happens in RTB auctions.
- A user comes to your website (example.com), where you load the ads. The website calls the SSP, enabling them to drop a cookie on the user’s browser. This cookie usually consists of a ‘userID.’ Further; the SSP returns a cookie-sync pixel from the DSP.
- When the cookie-syncing pixel loads, DSP drops their cookie (with the userID) on the user’s browser.
- Now, when DSP’s cookie-syncing is called, the DSP redirects that call to the endpoint provided by the SSP. Via this call, the DSP passes their userID in a query string parameter to the SSP. The endpoint looks like below:
Here buyer_id is the SSP’s internal ID for the DSP, and user_ID is the DSP’s ID for the particular user.
- The SSP reads their cookie for that particular user and stores their user ID alongside DSP’s userID in a ‘match table.’ In the future, when SSP sends a bid request to the DSP, it looks up in the match table if there is any matched user in the table. If it finds one, the SSP sends the userID in the outgoing bid request to the DSP.
Just like above, the SSPs can synchronize multiple DSPs through a series of redirects. Without cookie-syncing, the targeting capabilities of publishers and advertisers would be severely restricted.
Benefits of cookie-syncing
It is almost impossible to re-target the users without cookie-syncing. The process enables the advertisers to drop a cookie in the user’s browser when they first visit the product page. As the user visits your website or any other website, the advertiser leverages cookie-syncing to identify the same user and serve the right ad.
2. Exclusion of converted users
Why would advertisers want to pay for the users who already bought their products or services? There is no use in serving such ads to a converted user. This is why cookie-syncing is needed. It gives the ability to target such users and stop serving the ads and exclusively target those users who haven’t purchased the products/services yet.
3. Interest-based and demographics targeting
Many advertisers require users’ interest-based data and demographics to segment audiences and serve relevant ads that they might be interested in. For example, when a user visits different webpages, the publisher can collect terms or keywords that the user searched for. These users’ information is shared with the advertisers via cookie-syncing.
Disadvantages of cookie-syncing
Since SSPs, ad exchanges, and DSPs heavily rely on cookie-synching, it causes page latency and may result in a negative user experience. According to ID5’ cookie-syncing (user-syncing) report, third-party redirects take an average of 19 seconds on a page and consume 0.8 MB of bandwidth (equivalent to a 15-sec video ad).
2. Privacy vulnerabilities
For publishers, third-party redirects may put them at risk of data leakage and privacy violations. As per a recent study, 81% of publishers had vendors identified as potentially perilous for the brand, and 58% of vendors registered with IAB TCF didn’t include the gdpr_consent parameter in their parameters.
3. Data leakage
Cookie-synchronization and third-party redirects embedded to the ad creatives can cause data leakage. In the same study, it was found that some vendors had no direct relationship with the publishers but were able to monetize their branded audience segments.
We don’t deny that cookie-synchronization has downsides. Every technology, every technique has some. But there is a solution to every problem. In this scenario, a little bit of awareness could mitigate the negative impact of cookie-syncing. For example, take necessary steps to ensure that you’re not losing sight of page speed, partner with trustworthy ad-tech vendors, and keep yourself updated with each privacy compliance (GDPR, CCPA, etc.). Besides, the benefits of cookie-syncing greatly outweigh the disadvantages. Couldn’t find what you’re looking for? Let us know in the comments.