The Impact of ITP On eCommerce Businesses
ITP, which stands for Intelligent Tracking Prevention, was introduced by Apple to stop unwanted websites from tracking users on Safari browsers. Since March 2020, all storage of first and third party cookies has been limited to seven days.
Prior to the Safari ITP 2.3 release, analytics providers and ad platforms had moved to first party storage (through the use of local storage or cookies) to counteract ITP’s limitations on third-party cookies. The reason for this was because the storage of a visitor’s unique identifier was required to track a user’s journey using tools like Google Analytics.
The unique identifier is created the first time a visitor arrives on your website. Thereafter, it’s used for every successive page view or visit to accurately identify the individual user and their activity. That’s how Google Analytics can differentiate between new visitors and returning visitors. However, with the seven-day storage limit nullifying standard expiry dates set up on the platform, a visitor who returns after seven days is now categorised as a new visitor.
This presents obvious problems when evaluating analytics. A range of cookie-based metrics including unique visitors and time to buy can no longer be trusted in the slightest. To make matters worse more browsers other than Safari, are beginning to implement anti-tracking measures similar to ITP.
Since version 12.1 of Safari, the browser removes local storage and cookies used by analytics and ad platforms to establish returning visitors. Even though this is a huge win for privacy, it’s a big loss for marketers who no longer have the ability to link spend to purchases that take place when a visitor returns after seven days. Here’s a breakdown of significant ITP changes:
- March 2019 – ITP 2.1 rolls out in Safari, effectively deleting cookies after seven days.
- May 2019 – The release of ITP 2.2 in Safari 12.2, which deletes cookies from a cross-domain link after one day.
- September 2019 – ITP 2.3 comes out in Safari 13.0 and deletes any local storage bypass after seven days.
ITP impacts your digital marketing, and therefore, business as a whole due to the restriction on first party cookies on your website. Since advertising and analytics platforms rely on these cookies for tracking and reporting, the implementation of ITP means that insights from marketing data can no longer be fully trusted.
ITP affects web analytics in a variety of ways as detailed further below.
Customer Journeys & Measurements
Reducing the lifespan of cookies to just seven days significantly impacts the quality of data on individual users. Website visitors who visit your site frequently — within a seven-day window — are correctly attributed as returning users, which helps you map out your customer journey correctly. If there is more than seven days between visits for the same users, however, these returning visitors are incorrectly classed as new users.
Inaccurately attributing user data has far-reaching implications. It essentially means that analytics platforms report a higher number of new users and a lower number of returning users. Consequently, this also hinders your market segmentation and greatly reduces your retargeting audiences.
Attribution & Reporting
To pass data between websites, analytics tools generally add more information to regular URLs (for example UTM or click IDs) in a technique termed URL decoration. With the introduction of ITP, this can be flagged, which limits all relevant cookies to just one day. This literally gives you a window of 24 hours to correctly attribute conversions.
To drive this point home, the conversion window without URL decoration is seven days but prior to the introduction of ITP, it was between 90 days and two years (with or without URL decoration). There are two types of URL decoration – link decoration and referrer decoration. You can differentiate the two by identifying whether the link from the originating webpage or to the destination page is decorated.
In some cases, for example, referrer decoration, ITP could get rid of all the extra information on URLs. When the information about a specific source, medium or campaign are removed, there’s no way to attribute a conversion to any channel, which renders your reporting ineffective.
There is now a requirement for marketers that rely on robust data for ads and retargeting to switch to first party methods because more browsers like Google have followed Safari’s lead in limiting tracking.
Third-party cookies are now blocked by default, which affects anything that needs storage access. This includes retargeting, cookie matching, user profiling, ad-frequency management, and view-through attribution modelling.
Storage Access API
Even major players like Google and Facebook are affected as well. Services with cross-site embedded content, which includes embedded video and social logins, can only drop third-party cookies when they access the Storage Access API for Safari.
Storage Access API is grant when:
- A user consents
- The user interacts with the third-part site in a first party context within 30 days of using Safari
The advent of ITP and the seven-day window means marketers must get creative with finding new ways of bringing potential customers back to websites faster. It’s important to incorporate touchpoints that increase the frequency of website visits, thus resetting the seven-day limit each time.
In addition to this, marketers also need to monitor any further updates to ITP and similar systems to correctly determine the impact on analytics. A good way to approach this is to track data pre and post-update to identify whether there are changes to the user intelligence being gathered.
Personalised experiences have become increasingly important in modern times. A big part of that requires running tests to learn as much as possible about customer preferences so that you can optimise your website.
A/B testing is the most trusted method of achieving this with a timeline of up to two weeks in general. This is a problem because the cookies that enable you to collect data about your tests only last up to seven days. It means after the cookies expire the results you receive from testing become skewed. What’s more, your preferred delivery of personalised content to enhance marketing efforts takes a serious hit since you can no longer accurately gauge user preferences.
The only way to overcome ITP is to run your A/B tests for less than seven days or make your tests visit or session-based.
ITP also impacts other areas including web functionality and affiliate marketing. In terms of web functionality, you’ll really feel the effects of ITP if you use script-writable cookies or any form of script-writable storage to save visitor data. Your site may continuously request cookie consent, reset language and currency preferences to the default options, and so on.
When it comes to affiliate marketing, ITP also poses significant issues. Users have a seven-day window to convert after clicking on a link to allow the correct reseller to receive the relevant attribution.
To maximise your digital marketing efforts, you need to take measures that help you overcome the challenges introduced by ITP. Here are a few effective solutions that will positively impact your marketing endeavours.
Cross-domain Local Storage
You can leverage Local Storage — a standard web technology that nearly all browsers have supported since 2019. It is a type of browser data store that handles data like cookies do. It’s also possible to implement cross-domain Local Storage for websites with multiple subdomains.
For example, if your Shopify store is hosted on https://yourshopifystore.co.uk, with a conversion funnel on https://purchase.yourshopifystore.co.uk, this presents an issue. When your visitor ID is stored on Local Storage, it’s reported as two different visitors for a complete purchase. One will be on yourshopifystore.co.uk and the other will be on purchase.yourshopifystore.co.uk. The data doesn’t transition from one domain to another with any consistency.
In terms of A/B testing, even more issues arise. For example, testing your navigation menus could result in one user being exposed to one menu variation on the main website and the other variation further down the funnel. It goes without saying that this has huge consequences on user experience and disrupts your overall testing results.
Complete cross-domain Local Storage is the solution to these challenges because it provides more accurate results even if you have just a few pages on a different website subdomain.
Solutions from A/B Testing
With more updates from Apple on ITP, Local Storage experiences the same limitations as first and third-party cookies. As such, testing tools that utilise Local Storage must progress to ensure users can benefit from accurate A/B testing and personalisation information.
ITP doesn’t place restrictions on cookies that are generated server-side for your website since they’re required to run it. To overcome this, some tools generate server-side snippets that enable cookie set up server-side. The problem is, it can impact performance based on the number of cookies and data stored within each one. The tools that haven’t proceeded beyond Local Storage collect unreliable Safari data, which is further worsened without a cross-domain approach.
Other solutions you can use include:
- Setting up server-side cookies by adding a DNS entry on your main domain.
- Altering your front facing web server (CDN) configuration to create and add the requisite cookie.
Synchronised Server-Side Cookies & Local Storage
An even better approach is creating a server-side snippet that synchronises with Local Storage automatically. This can be done by installing a server-side snippet, which synchronises with a VisitorCode cookie automatically between the frontend and backend. It will include the all-important visitorCode identifier. Since ITP doesn’t limit server-side cookies, this cookie will have a sufficiently long expiration date.
This snippet will generate the VisitorCode cookie server-side when there is no cookie found (i.e. it hasn’t been generated front-side) or retrieve the current value and recreate the cookie server-side to overcome ITP. Through this synchronisation, identifiers won’t be wiped away after seven days and there’ll be no impact on user experiences or overall performance since only one cookie is stored.
A Local Storage synchronisation mechanism will also be required if other data that’s needed to trigger real-time experiments without additional server calls is stored in the local Storage.
Once the visitorCode is obtained by reading the VisitorCode cookie on Safari, the solution will check if Local Storage is empty. If it is (meaning the last visit was over seven days ago), a Server Synchronisation Call (SSC) is performed to get the data that was available in the Local Storage from backend servers. When the call is through, data is restored in the identical state it would have been in if it wasn’t removed by ITP. As such, you can continue operations as normal.
As you can see, the introduction of Apple ITP has had far-reaching consequences. Other browsers have followed Safari’s lead, meaning these changes have a significant impact on the marketing function and your business as a whole. There are some methods to overcome the challenges posed by ITP that Shopify experts like Vsourz can help you implement.
As leading Shopify developers, we stay up to date with the evolution of Safari Intelligent Tracking Prevention, and other similar implementations. Our team promptly evaluates all new updates and delivers effective solutions quickly to ensure you can maximise your marketing efforts.