In January, the Chrome browser removed third-party cookies for 1% of users to facilitate testing of the Privacy Sandbox – and a new controversy was born.
This small change precipitated a major crisis among DSPs, which began seeing IDs – what appeared to be third-party cookies on Chrome – used to propagate what should have been an empty field, aka “ID bridging.”
Vendors and publishers hotly disputed the practice of filling the OpenRTB buyer ID field with new IDs when cookie data wasn’t available.
Publishers and their vendors pointed out that ID bridging had been happening for a year or more already in Safari. They also frankly need the revenue. From the buyer perspective, though, publishers claiming the tactic greatly aids monetization only reinforces how often advertisers pay for misrepresented IDs.
“This was easily the most contentious working group conversation I have ever had,” Hillary Slattery, the IAB Tech Lab’s senior director of product management for programmatic, told AdExchanger, referencing debates about ID bridging that raged within the Tech Lab.
And that’s saying something, she added. Slattery led the Privacy Sandbox Task Force as well as the video placement update last year, a bitterly contested change to how video units are classified.
The Tech Lab has pushed new protocols through the comment period, and which should go live later this year, that provide new fields with information to disclose bridged IDs and which vendors are using them in the supply chain.
But there’s another reason why ID bridging has become such a sore subject. It is the clearest example to date of the programmatic ecosystem reckoning with what constitutes “fraud.”
How it works
To back up, there is even some debate over what constitutes an ID bridge.
Basis VP of Product Ian Trider, who is also a listed author on many of the Tech Lab documents regarding ID bridging, said he defines it as when a publisher or publisher vendor looks to see, for its own purposes, whether it can identify or in some way classify a site visitor, even if the cookie ID field is null.
In effect, this involves using third-party cookies on Chrome, while they still exist, to recognize who a user is in a cookieless environment, like Safari. In some cases, an ID bridge leads to an alternative ID being offered in the bidstream to fill the empty third-party cookie field.
But whenever an ID is inserted into the buyer ID field, and it’s not the native browser cookie ID, “as far as I’m concerned it’s a spoofed ID,” Trider said.
“You can’t just say, ‘It’s related’ – that’s not how the ID field works.”
The F word
Trider’s point of view is emblematic of the fact that ID bridging has also become the most recent example of the industry struggling with how to characterize what is and isn’t fraud.
From the buy-side perspective, all ID bridging as it is commonly applied might be called fraud and should fall under the MRC definitions for sophisticated invalid traffic. The supply side is knowingly misleading advertisers with a fake bill of goods by inserting IDs where they don’t belong.
There is a history of similar programmatic misuse.
Years ago, mobile publishers and exchanges began inserting generic or random location data into the related OpenRTB field, because bids with location data attached were worth more. And remember bid caching? The practice, which still occurs today, involves SSPs preserving an advertiser’s high bid for one impression and then simply serving them a different, new impression at that price.
Of course, there’s a difference between using malware and a network of bot-populated sites to rip off advertisers and morally ambiguous behavior that encourages buyers to open their wallets a little wider.
But advertisers are wary of being duped in ways that skirt the line, because they’ve been duped before.
Buy-side platforms are overtired of this BS, said one DSP exec who was involved in the ID bridging debates at the Tech Lab and asked to speak anonymously because his company doesn’t speak on the record on this topic.
Publishers, however, consider ID bridging a legit tool in the yield and monetization toolkit.
“Publishers have spoken very positively about the ability for these [ID bridging solutions] to boost their monetization,” said Andrew Eifler, chief product officer (and the new co-CEO) at SSP TripleLift.
Publishers are barely scraping by right now, and programmatic tech typically favors the buy side. That’s where the money comes from, after all. A pillar use case for programmatic, for example, is to enable advertisers to reach valuable readers – ESPN or Wall Street Journal visitors, say – on some smaller, much cheaper site instead.
Publishers, an often-disenfranchised lot, are therefore given wide latitude by demand-side tech and advertisers to take advantage of the system in whatever ways they can, said the same anonymous DSP source.
But this can create a tough tug of war over what does and doesn’t constitute fraud and where the question of intent matters a great deal.
In the case of ID bridging, an SSP might be legitimately trying its best to identify a user. (As opposed to targeting an IP address, which might tag anyone who works at the same business or who happened to be on the same coffee shop Wi-Fi.)
That SSP could make a valid case that campaign performance improves with the alternative IDs inserted.
But many buyers aren’t buying that argument, largely because of how IDs work.
Inserting new IDs could actually mess with campaign performance if conversions are being attributed to the wrong ID. An advertiser might end up retargeting a user it believes might make a purchase, when in fact it’s an unrelated person whose ID was incorrectly bridged into the ID field.
And even if the seller or SSP isn’t cynically taking advantage of ID bridging, it skews an advertiser’s reach and frequency capping – for advertisers, it’s hard not to see ID bridging as a workaround to frequency capping.
Fixing the bridge
How will this ID bridging stalemate end?
The new OpenRTB specs will help. They’re through the public comment period and nearing the finish line for Q4.
The new specs don’t disable ID bridging, but do give advertisers the ability to see where it’s happening. The specs contain three new fields that show which company created the bridged ID, which vendor inserted the ID and which made the match. (It can be, but isn’t always, the same vendor for all three.)
“What gets lost in the ID bridging conversation is that these ID bridges are not necessarily bad for buyers, because they give them more transparency and more choice,” TripleLift’s Eifler said of the new protocols.
If a vendor or publisher has its own first-party data set that an advertiser trusts to fill an empty ID field with a valid target, they can benefit from the new ID bridging arrangement, Slattery said. The idea is to give advertisers the tools to decide which partners or methodologies they trust.
Many publishers, meanwhile, will experience a real revenue loss when the new OpenRTB specs are released and ID bridging becomes less easy to do in the shadows. Yet the new fields still provide publishers with ways to insert their own IDs.
It’s DSPs that remain most ticked off by the arrangement.
ID bridging creates a perverse incentive to place IDs that generate more value, said another DSP source who requested anonymity on a topic his company wouldn’t discuss outside the working group. Publishers or SSPs can still just insert IDs that they know to be worth more without having done the difficult work of creating a justifiable match.
This was a point of intense debate on the GitHub repo for the new OpenRTB specs until just last week, when Slattery marked the public comment feedback boards as complete.
“Everybody had really big feelings about this for their own very legitimate business interests,” Slattery said.
But after months of tough back-and-forth negotiations, “I’m proud of where this ended up,” she said.
“The way that I always try to go into compromises like these are that if one side ends up openly weeping and one side is laughing, that’s not a good compromise,” she added. “The fact that both sides ended up shedding one single, solitary tear is a really good sign.”
