iOS 14 - What the IDFA privacy update means

Recent News of the the IDFA opt in Privacy policy from Apple being postponed by Apple has not only caused app marketers to breathe a sigh of relief but bought both developers and attribution partners some valuable time to establish what the new normal for mobile attribution is.

What you need to know:

At the WWDC in June, as expected Apple announced a new update – iOS 14. With this update, for marketers and developers the biggest announcement was a change in IDFA tracking and an update that would require every app to get explicit permission from the user before tracking them or accessing their device's advertising identifier, which is used for advertising purposes and monitoring the impact of your advertising on your apps performance through MMPs.

The below is a mock-up of the prompt;

This month, Apple have announced that they will be postponing the privacy changes, with apps being required to obtain permission to track users by early 2021. They also announced new information for developers about the changes Apple will be requiring around an app's privacy practices. These being every app's product page will be required to include information on the data it is collecting, linked to or tracked, as well as the app's privacy practices.

What is an IDFA and what do you need it for:

The Identifier for Advertisers also known as an IDFA is a unique device identifier, which is provided by Apple on a user's individual device. The IDFA is used by Apple for tracking user's activity and app history but also by marketers and advertisers who use the IDFA to track data on user behaviour and in app events so that you can understand the performance of your marketing and delivered can deliver customised advertising across channels such as Apple Search Ads, Snap, Facebook and DSPs, to can deliver customised advertising. It is important to know that the IDFA is used for tracking and identifying a user, but it does not contain any personal information.

Essentially the IDFA is a unique ID that is used by advertisers to track unique users on their device to attribute them to an install. The IDFA itself is just a unique number and Apple doesn't use it for anything else other than providing to advertisers. It's the advertiser SDKs that then use that and the MMPs who pick up the data and combine it together to find out which advertiser got the download. The in-app event tracking is all done by the MMP and stored against the IDFA (rather than the IDFA storing that data).

What is the impact on MMPs?

At AppsFlyer, 'privacy by design' has always been our driving philosophy. Over the years, we've spearheaded ground-breaking privacy and security initiatives that are unparalleled in our competitive landscape. We believe that our commitment to providing attribution solutions that enable a privacy-centric approach is reflected in our product, by our actions, and by the company we keep.

We also believe that privacy is a critical part of the next technological wave and that innovators who are implementing privacy as an integral part of the product life cycle hold the key to success.

The unravelling of IDFA didn't come as a surprise. We have spent the past two years developing our core products, taking this industry change into consideration. We have been exploring several solutions simultaneously to ensure that we are ready to provide our customers with an attribution solution that puts the end-user's privacy first - even if the IDFA will become obsolete.

Two of our published solutions are;

In Summary what are the key things Apps Need to do in order to comply with the updated privacy policy?

This one very much depends on the app itself and whether they are using an MMP or their own in-house solution or even what they're using IDFA for and if they actually need it at all. But essentially, the following applies:

If an existing app…

  • Who Doesn't use an MMP or get the IDFA: Nothing, no action required
  • Who Uses an MMP: Update your SDK the MMPs will now be supporting Apple SKAdNetwork (which most didn't before) and optionally ask for AppTrackingTransparency (those that don't ask will just have all uses appear as LAT On)
  • Uses IDFA for any other use: Ask for permission with the AppTrackingTransparency framework

It's important to remember not to require users to provide access to IDFA for the app to work as this goes against guidelines.

Good Articles to read:

Would you like a cookie?

We would like to set some cookies on your device to enable our performance monitoring and marketing.