Go to the profile of Commission Factory
Aug 20, 2018 · 3 min read

Affiliate Marketing and Apples ITP 2.0

Advertisers, affiliates and networks are preparing for yet another set of privacy changes with Apple's Intelligent Tracking Prevention (ITP) 2.0




In what seems like history repeating and in yet another onslaught of many this year on the affiliate industry, Apple is set to release ITP 2.0 alongside iOS 12 and MacOS Mojave around September or October 2018. Whilst the change seems motivated and targeted towards the data behemoths that rely on third party tracking and profiling AKA Facebook and Google, many networks and technologies will be caught in the crosshairs if not prepared and will see a much stricter approach to cookie handling, redirects and passing of HTTP referrer information.

What was ITP 1.0?

Back in September of 2017 we released a post on what ITP 1.0 meant for the affiliate industry and we're happy to report that very little changed. The first iteration was to default the Safari browser to “Prevent Cross-Site Tracking” on all devices and to limit the ability of tracking service providers to read users cookies from an Advertiser’s website beyond the initial 24 hours.

When a user visits an Affiliate website and clicks on a link, that user’s browser redirects through a Commission Factory link and receives a first-party cookie before the user is directed to the Advertiser’s site. This allows us to track the conversion by firing the conversion tag when a user makes a purchase and will attempt to reach the CF cookie that was placed by the redirect through our tracking link.

The first-party cookies that previously lasted forever will now expire within 24 hours while deleting a site’s cookies entirely if the user doesn’t visit the site for 30 days.

ITP 2.0

With its primary goal of protecting user privacy, the ITP 2.0 update will see a much stricter approach to cookie handling, redirects and passing of HTTP referrer information. Some of the important changes to note are removal of the 24-hour tracking window, protection against tracker collusion and origin-only referrer.

The removal of the 24 hour window for reading cookies that was still allowed or possible with ITP 1.0 will now be removed and means that any cookies will no longer be able to be read in a third party context.

Protection against tracker collusion is new to ITP 2.0 and recognises when redirects are being utilised for tracking purposes only. This key for affiliate marketing where users are invisibly redirected through a tracking domain before reaching the intended advertisers website.

Origin-only referrer truncates referring URLs to the root domain only. For example if a user was directed to your site from mysite.com/jewellery, any information after the root domain will be removed.

What Happens Next?

Whilst the above can seem like a lot of doom and gloom for networks such as ourselves, tracking is what we do and without being able to accomplish this we would no longer have a business.

We have tested the new browser extensively and will be operating business as usual. Some Advertisers using an older version or legacy tracking setup will be affected by this update and we have been in touch to ensure our container tag and tracking has been updated appropriately. Whilst we are confident in our own technology, we actively encourage any advertisers who conditionally track with third parties such as DoubleClick to start the conversation with them as soon as possible to understand what effect ITP 2.0 will have on their particular setup.


Did you enjoy this article? Don’t forget to share.