Understanding Identity in Digital Advertising
Anybody who’s worked in digital advertising knows that identity is the backbone of this entire ecosystem. Whether it’s targeting the right audience, capping how many times someone sees an ad, or measuring conversions, identity signals make it all possible. But while the concept of identity feels obvious to most ad tech pros, the mechanics behind it are often less clear. How exactly do publishers establish user identity? How do platforms process these signals to enable advanced advertising features? Let’s unpack all of this.
This guide will cover:
• The major types of identity signals
• How publishers collect and transmit these signals
• The pros and cons of each identity type
• Where each identity signal is heading in the future
What is an Identity Signal?
Let’s start with the basics. An identity signal is essentially a unique value tied to a user, their device, browser, or even personally identifiable information (PII) like an email address or phone number. These signals are created by websites, publishers, identity vendors, or operating systems and passed along to advertisers via SSPs (supply-side platforms).
Advertisers use these signals to:
1. Target audiences based on attributes, behaviors, or interests.
2. Cap ad frequency to avoid overexposing the same user.
3. Measure outcomes, like clicks and conversions, by tying ad exposures to user actions.
To get into the weeds, let’s break down how each signal works, starting with the oldest kid on the block: cookies.
Cookies
What Are They?
Cookies are small text files stored on a user’s browser by websites. When it comes to advertising, the focus is on third-party cookies—files dropped by ad platforms rather than the website the user is visiting.
How Do Cookies Work?
Imagine this: You visit a snowboard website. A cookie with a unique ID like “1234” is dropped on your browser. The website’s SSP reads that cookie and attaches your ID to an ad request. Now advertisers on DSPs (demand-side platforms) can use that ID to show you snowboard ads. The process becomes more complex with cookie syncing, where different platforms map their unique IDs for the same user (e.g., “1234” for the SSP becomes “5678” for the DSP).
Pros:
• Easy to implement and universally supported on the web (for now).
• Enables cross-site tracking and retargeting.
Cons:
• Privacy nightmare: Users often don’t know cookies track them across sites.
• Fragile: Many browsers, like Safari and Firefox, already block third-party cookies.
• Dependent on Chrome: Google keeps pushing back its cookie deprecation plans, but the writing’s on the wall.
Future Outlook:
Cookies are hanging by a thread. Chrome’s planned cookie consent system will likely limit their reach even further. While they’re not dead yet, relying on them long-term is risky.
IP Addresses
What Are They?
An IP address is a unique identifier assigned to your network router by your internet service provider. It’s like a digital home address for your devices.
How Do IP Addresses Work?
Every time your device sends an HTTP request (e.g., loading a webpage or an ad), the server reads your IP address. Ad platforms use this to identify users at the household level. This cross-device capability is why you might see ads for your dad’s CPAP machine after Thanksgiving dinner.
Pros:
• Universally available: Every ad request has an IP address (unless masked by a VPN).
• Cross-device tracking: All devices on the same network share the same IP.
• Essential for connected TV (CTV): Links ad exposure on TVs to user actions on phones or laptops.
Cons:
• Inaccurate: Tied to households, not individuals.
• Privacy-invasive: Users have no control over IP collection unless using VPNs or privacy tools.
Future Outlook:
Privacy-focused tools like Apple’s iCloud Private Relay and Microsoft’s similar features are chipping away at IP tracking. While it’s unlikely to disappear entirely, its role in advertising will diminish over time.
Device IDs
What Are They?
Device IDs are alphanumeric identifiers assigned by operating systems to devices like smartphones, tablets, and smart TVs. Examples include Apple’s IDFA and Android’s GAID.
How Do Device IDs Work?
Native apps can access these IDs to track user activity within apps and across devices. For example, a DSP can use an IDFA to serve targeted ads on a user’s iPhone and measure conversions on the same device.
Common Platform IDs:
• iOS and tvOS (iPhones, iPads, Apple TVs): IDFA (Identifier for Advertisers)
• Android (Phones, Tablets): GAID (Google Advertising ID)
• Amazon Fire OS (Fire TV, Fire Tablets): AFAI (Amazon Fire Advertising ID)
• Roku (Streaming Devices, Smart TVs): RIDA (Roku Identifier for Advertisers)
• Samsung (Smart TVs, Mobile Devices): TIFA (Tizen Identifier for Advertisers)
Pros:
• Persistent across app sessions.
• Cross-device capability (to some extent).
• Gives users some control: Device IDs can often be reset manually.
Cons:
• Apple’s ATT (App Tracking Transparency) framework has drastically reduced IDFA availability on iOS.
• Limited to specific platforms: Each operating system has its own device ID format.
Future Outlook:
Device IDs remain essential for platforms like Android and CTV, but Apple’s restrictions highlight their fragility. Their role will persist, especially in ecosystems that benefit from advertising growth.
Deterministic Identifiers (Hashed Emails)
What Are They?
These identifiers are based on PII, like email addresses or phone numbers, that are hashed (encrypted) to create privacy-compliant identity signals.
How Do They Work?
When users register on a website, their email is hashed into an encrypted value. This hash can be matched across platforms, enabling cross-device and cross-site tracking. Solutions like Unified ID 2.0 and LiveRamp’s RampID standardize this process.
Pros:
• Privacy-centric: Users can opt-out or reset their identifiers.
• Cross-device tracking: Ties together ad exposures and conversions across devices.
• Durable: Less likely to be blocked or phased out compared to cookies or IP addresses.
Cons:
• Friction: Requires user registration, which smaller publishers might struggle to achieve.
• Vulnerable to burner emails: Users can bypass tracking with temporary email services.
Future Outlook:
Hashed identifiers are poised for growth as cookies decline. They’re especially valuable for platforms requiring logins, like streaming services. However, adoption will hinge on industry-wide collaboration and standardization.
Probabilistic Identifiers
What Are They?
These identifiers use multiple signals—like IP address, user agent, and browser configuration—to create a probabilistic match for a user.
How Do They Work?
By combining non-unique data points, probabilistic identifiers build a “fingerprint” of a user. While less precise than deterministic methods, they’re useful when other identifiers are unavailable.
Pros:
• Always available: Doesn’t rely on user opt-ins.
• Works across devices and platforms.
Cons:
• Privacy concerns: Users can’t opt out of fingerprinting.
• Less accurate: Can result in false positives or missed matches.
Future Outlook:
Probabilistic methods will remain a fallback option but face increasing scrutiny from regulators and privacy advocates.
The Future of Identity in Advertising
No single identity signal will dominate. The ecosystem will continue to rely on a mix of methods, each serving specific use cases. As privacy regulations tighten and consumer awareness grows, advertisers and publishers must adapt by diversifying their strategies and prioritizing privacy-compliant solutions. While some signals like cookies may fade, others like deterministic identifiers are gaining traction. The key is to stay flexible and prepared for an identity landscape that will only grow more complex—and more critical to get right.
