Mobile

Post-Click
Tracking
FAQs

F
A
Q
s

Contents
1. Defnitions & Scope
2. Understanding user journeys on mobile
3. What are the technologies available for tracking user journeys on
mobile?
4. What else do I need to know about post-click tracking on mobile?
Introduction
This mobile post-click tracking FAQ document aims to make it easier to
understand the way we can track a user journey after they click on an ad on a
mobile device. This booklet is aimed at people who both buy and sell mobile
advertising and need to understand how to track it, but are not necessarily
technical experts.
As a result of the output of the IAB UKs Mobile Ad Tech Working Group, this
booklet addresses the frequently asked questions in this feld. It is worth noting
that technology changes very quickly, and although this information was correct
at the time of printing some developments and changes in mobile post-click
tracking may occur. If you would like more information about this subject or
anything in this booklet please contact mobile@iabuk.net.
1
Defnitions & Scope
What is Mobile Post-Click Tracking?
Broadly speaking mobile post-click tracking refers to the technology that follows
the journey of a user after clicking on an ad on a mobile device. Most often, this
technology is used to measure the effectiveness of an ad on a mobile device, for
example if a user clicked on an ad promoting a mobile app, post-click tracking
is used to understand if the app was then actually downloaded by the user
that saw that ad. Post-click tracking can be useful for measuring many different
types of mobile advertising, for example if an ad on a mobile device prompted
someone to go on to visit a website, download an app, or request further
information.
What does the user journey on a mobile phone mean and why is it so
important?
When someone sees and clicks on an ad, there are a number of types of user
journey that someone might follow on a mobile phone. For example, a user
might see an ad on a browser, click, then go to the app store, or alternatively,
a user might see an ad in an app, click, and then go to a browser - to name a
couple. Later in this document the full list of user journeys will be explored and
explained. The reason the user journey is so important is because each one
requires a slightly different technology to track it, which causes some confusion
in the market and is what this document seeks to clarify.
Can you help me understand if my mobile ad sent someone in store?
This document seeks to only explain further how to measure the user journey on
the mobile device and does not cover how to track someone who sees an ad on
their mobile and then makes a purchase in store.
Why is post click tracking a particular barrier for mobile compared to online?
On desktop computer, cookie technology has traditionally enabled advertisers
to follow the user journey. A cookie is dropped on the browser of every user
that sees the ad impression, and will then be able to track the user after they
click to see if they go on to convert (i.e. makes the purchase/download/visit
etc.) On mobile, however, there are challenges with using this technology due
to the variety of operating systems, the app/browser landscape and the unique
technical attributes of mobile.
2
Understanding user journeys on mobile
Before we can understand the technical differences in the way you measure user
journeys on mobile, it is important to list out the six main iterations of the user
journey when they see and click on an ad on a mobile phone and their subsets.
This is best understood when looking at the table on the next page, and using
the following explanations to get a full understanding of the journeys.
The different user journeys on mobile
To read this chart, start reading from the column on the left, and then follow with
the row on the top. E.g Journey 1.i is where the user starts on a mobile website
via a browser that accepts tracking cookies, clicks, and then goes to another
website via a browser that accepts tracking cookies.
Key
1. Mobile Site to Mobile Site
2. Mobile Site to App Store
3. Mobile Site to Mobile App
4. Mobile App to Mobile Site
5. Mobile App to App Store
6. Mobile App to Mobile App
3
Further explanations of the user journeys
1. Mobile Site to Mobile Site
A user starts on a mobile website, clicks and then goes to another mobile
website. In terms of tracking technology however, it matters if the browser they
are using to visit the site will accept tracking cookies from a 3
rd
party. A user most
often will use the same browser, however it is also possible for one user to have
multiple browsers on their device that might deal with cookies in different ways
(as in journeys 1.ii and 1.iii).
Then
goes
User
starts
Mobile
browser
does NOT
accept
tracking
cookie
Mobile
browser
does NOT
accept
tracking
cookie
Android
App
Android
App
Store
Apple App
Store
Android
App
iOS
App
iOS
App
Mobile
browser
accepts
cookie
tracking
Journey 1.i Journey 2.i Journey 2.ii Journey 3.i Journey 3.ii
Journey 3.iv Journey 3.iii
Journey 6.i
Journey 6.ii
Journey 2.iv Journey 2.iii Journey 1.iii
Journey 4.i
Journey 4.iii Journey 4.iv
Journey 4.ii
Journey 5.i
Journey 5.ii
Journey 1.iv
Journey 1.ii
Mobile
browser
accepts
cookie
tracking
4
A cookie is a text fle that is stored on your browser by a websites server, and
each cookie is unique to your web browser. It will contain some anonymous
information and can only be read by the server that set the cookie. 1
st
party
cookies are set by the website you are visiting and they can only be read by
that site. Other cookies, tracking cookies or 3
rd
party cookies, are set by other
websites or technology providers, and therefore the domain is different from
the visited website. Most mobile web browsers accept frst party cookies, but
some mobile browsers do not accept 3
rd
party cookies. To understand more
about Mobile Cookies pleocumen Cookies (http://www.iab.net/media/fle/
IABDigitalSimplifedMobileCookies.pdf)
at
A cookie is a text fle that is stored on your browser by a websites server, and
each cookie is unique to your web browser. It will contain some anonymous
information and can only be read by the server that set the cookie. 1
st
party
cookies are set by the website you are visiting and they can only be read by
that site. Other cookies, tracking cookies or 3
rd
party cookies, are set by other
websites or technology providers, and therefore the domain is different from the
visited website. Most mobile web browsers accept frst party cookies, but some
mobile browsers do not accept 3
rd
party cookies. To understand more about
Mobile Cookies please refer to the IAB US document Understanding Mobile
Cookies.
User starts on a mobile website via a browser that accepts tracking cookies, and
then goes to mobile website on the same/another a browser that also accepts
tracking cookies.
i. User starts on a mobile website via a browser that accepts tracking
cookies, and then goes to mobile website on a different browser which
that does NOT accept tracking cookies.
ii. User starts on a mobile website via a browser that does NOT accept
tracking cookies, and then goes to mobile website on a different
browser that DOES accept tracking cookies.
iii. User starts on a mobile website via a browser that does NOT accepts
tracking cookies, and then goes to mobile website on the same/another
browser that does NOT accept tracking cookies.
2. Mobile Site to App Store
This journey starts on a mobile website, and then the user clicks and goes to the
app store. The main differences here are between operating systems, where we
will look at iOS and Android.
i. User starts using mobile website on Android via a browser that
accepts tracking cookies, and then goes to Google Play store.
ii. User starts using mobile website on iOS via a browser that accepts
tracking cookies, and then goes to Apple App Store.
iii. User starts on mobile website on Android via a browser that does
NOT accept tracking cookies, and then goes to Google Play store.
5
iv. User starts on mobile website on iOS via a browser that does NOT
accept tracking cookies, and then goes to Apple App store.
3. Mobile Site to Mobile App
This journey starts on a mobile site, and then the user clicks and goes to an app.
The main differences here are both between the operating system and if the
browser that accepts tracking cookies or not.
i. User starts using mobile website on Android via a browser that
accepts tracking cookies, and then goes to an app.
ii. User starts using mobile website on iOS via a browser that accepts
tracking cookies, and then goes to an app.
iii. User starts using mobile website on Android via a browser that
does NOT accept tracking cookies, and then goes to an app.
iv. User starts using mobile website on iOS via a browser that does
NOT accept tracking cookies, and then goes to an app.
4. Mobile App to Mobile Site
This journey starts on a mobile app, and then the user clicks and goes to a
mobile website. The main differences here are both between the operating
system and if the browser that accepts tracking cookies or not.
i. User starts on Android mobile app, and then goes to a site via a
browser that accepts tracking cookies.
ii. User starts on Android mobile app, and then goes to a site via a
browser that does NOT accept tracking cookies.
iii. User starts on iOS mobile app, and goes to a site via a browser that
accepts tracking cookies.
iv. User starts on iOS mobile app, and goes to a site via a browser that
does NOT accept tracking cookies.
6
5. Mobile App to App Store
This journey starts on a mobile app, and then the user clicks and goes to their
app store. The main differences here are between operating systems, where we
will look at iOS and Android.
v. User starts on Android mobile app, and then goes to Android App
Store.
vi. User starts on iOS mobile app, and then goes to Apple App Store.
6. Mobile App to Mobile App
This journey starts on a mobile app, and then the user clicks and goes to
another app. The main differences here are between operating systems, where
we will look at iOS and Android. This is a less commonly found journey currently.
i. User starts on Android mobile app, and then goes to another app.
ii. User starts on iOS mobile app, and then goes to another app.
What are the technologies available for tracking user
journeys on mobile?
With a clear understanding of the different possible user journeys on a mobile
device, it is now important to understand the different technologies available for
tracking user journeys.
The table below provides a summary of the different types of measurement
technology available to advertisers specifc to each user journey.
Cookie
A cookie is a small text fle deployed to a browser by a visited website or
advertisement that can contain information such as login settings, user
preferences, geographic, and demographic information. Cookies allow
advertisers, where possible, to identify occurrences on a unique browser and
understand the user journeys that take place on that browser.
7
Device ID
Both Android and iOS operating systems offer advertisers a software identifer
that is unique to that handset. This means in certain situations, particularly in the
app environment, advertisers have access to a unique device code that allows
them to track a journey from click to conversion on that particular device. The
current Android version is called Advertising ID and the current iOS version is
called IDFA.
Then
goes
User
starts
Mobile
browser
does NOT
accept
tracking
cookie
Mobile
browser
does NOT
accept
tracking
cookie
Android App
Android App
Store
Apple App
Store
Android
App
iOS
App
iOS
App
Mobile
browser
accepts
cookie
tracking
Cookie
Browser IDs
Pixel Tracking
Server
to server
integration
3rd Party
Mobile
Measurement
Company
Probabilistic
ID
3rd Party
Mobile
Measurement
Company
Probabilistic
ID
Publisher/
developer
specifc
data
Publisher/
developer
specifc
data
Publisher/
developer
specifc
data
Publisher/
developer
specifc
data
If user already
has app
Advertiser ID
If not opens
either app
store/site, see
journeys 4.i
or 5.i
If user already
has app, IDFA
If not opens
either app
store/site, see
journeys 4.iii
or 5.ii
3rd Party
Mobile
Measurement
Company
Probabilistic
ID
3rd Party
Mobile
Measurement
Company
Probabilistic
ID
Browser IDs
Pixel
Tracking
Server
to server
integration
Probabilistic
ID
Cookie
Pixel Tracking
Probabilistic
ID
Cookie
Pixel Tracking
Probabilistic
ID
Cookie
Pixel Tracking
Probabilistic
ID
Cookie
Pixel Tracking
Probabilistic
ID
Advertiser ID
3rd Party
Mobile
Measurement
Company
IDFA
3rd Party
Mobile
Measurement
Company
Browser IDs
Pixel Tracking
Server
to server
integration
Probabilistic
ID
Browser IDs
Pixel Tracking
Server
to server
integration
Mobile
browser
accepts
cookie
tracking
8
o Advertising ID
Androids Advertising ID is a software identifer unique to each Android
device, which replaced the Android ID in the KitKat OS update of October
2013. The Advertising ID is a string of numbers and letters that is unique
to each device but does not contain any user specifc information.
Furthermore, the Advertising ID is not permanently tied to a device, but
can be reset or limited by the user at any time.
o IDFA
Apples IDentifer For Advertisers (IDFA, or occasionally IFA) is the most
recent device identifer that was released with iOS6 in September 2012,
replacing the UDID. The IDFA is a piece of code unique to each mobile
device, but does not contain any user specifc information. Furthermore,
the IDFA is not permanently tied to a device, but can be reset or limited
by the user at any time.
Browser IDs
There are a couple of unique identifers available to advertisers when a user is
using a browser on their mobile phone - but this exclude app usage for the most
part. Firstly, the IP address and secondly the User Agent String.
9
o IP address
An Internet Protocol (IP) address is a numerical code that is assigned to
a device that is connecting to a network that uses the Internet Protocol.
Internet service providers assign IP addresses in blocks, so an IP
address gives an indication of geographical area as well as give each
computer connected in that area a unique code. There are however
occasions where a large number of users will be associated with one
address, for example a large organisation. Furthermore, in mobile there
are challenges with this, as IP addresses can change as the user moves
around and uses different cell towers.

o User Agent String
The User Agent String is a list of keywords that describes the profle of
that browser, creating a code based on all the settings of that browsing
experience that an advertiser can use as part of identifying unique
users. For example, a user agent string will be able to tell us the browser
type, the system it is running on. The user agent string on a mobile
device will have a slightly different set of information from online as
some things for example fonts and plugins arent available, but other
information such as screensize may be included in the header.
10
Pixel Tracking
A tracking pixel traditionally refers to a 1x1 pixel that can be requested by an
ad-unit or server in order to increment a counter on another server. This pixel can
be inserted in ad creative or on webpages without being seen, and will make a
server call allowing advertisers to track the user journey.
3
rd
party Mobile Measurement Company
Some technology companies have created mobile measurement products to
help advertisers track user journeys on devices better. These technologies are
particularly useful to fll the gaps where for example a device or browser ID
may not work, and also by providing a trusted 3
rd
party angle. By paying a fee
to these companies, advertisers can use these solutions to understand a user
journey. Each company has developed proprietary technology to make this work,
creating a range of methodologies, and these are what cause differentiation
between these companies. Examples of companies that provide 3
rd
party Mobile
Measurement include AD-X (Criteo), HasOffers, or Kochava.
Probabilistic ID
Probabilistic ID technologies anonymously create a profle of a user, or a
probabilistic ID, based on the aggregation of a range of data available about
their device such as device type, browser version, language settings, or time
zone. This unique profle is created when the user undertakes an action (such
as clicking on an ad) and then when a conversion happens (for example the
download of an app). The tracking technology can then match the profles to
determine they are likely to be the same device, and therefore user. Examples of
companies that provide this technology include Adtruth, or Tapad.
Server-to-server integration
Depending on the mobile ad server, macros can be appended onto the
destination URL in order to track post-click actions. Macros are strings of text
that the ad server replaces with other strings of text according to a set of rules.
The advertiser would require ensuring an URL (like a pixel) is pinged back to the
mobile ad-server in order to record the actions following a click.
11
For this reason, thinking about a users privacy should be on your mind at the
(http://hico.org.uk/for_organisations/data_
protection/the_guide) and , (http://ico.org.uk/for_organisations/privacy_and_
electronic_communications
nd how do I help them manage their privacy? Who is in control of the data? Do I
make sure that this is the minimum data necessary for the task and do I keep it
only as long as I need? How do I keep the data secure? Answering these types
of questions lays the groundwork for respecting a users privacy.
The ultimate goal should be to create an environment in which users enjoy
confdence and trust in the services they access via their mobile devices.
Providing transparency and giving users control over their data are tools with
which to achieve that. Users generally want to know more than what type of
data you use. Tell them you use it and whom you share it with. Remember
your audience and use plain English as much as possible when you describe
the purpose of the data you process. And think about the context in which
you present this information. Making this available the moment it is relevant
to the user is often the most effective way. EU sel http://www.iabuk.net/
EUselfreg symboli the AdChoices icon, http://www.iabuk.net/icon and trust Seal,
http://www.edaa.eu/certifcation-process/trust-sea . Whilst technology-neutral,
the self-regulatory initiative was primarily designed for a desktop world and
Publisher / developer specifc data
It is sometimes possible to work directly with the owners of websites or apps,
i.e. publishers or app developers, to feedback information about how users
interacted with the ads that appeared on their properties. This requires a direct
relationship between the advertiser/agency and the publisher/developer and
will produce data specifc to that publisher/developer.
What else do I need to know about post click tracking on
mobile?
How do tracking technologies work in the programmatic environment?
Cookies and probabilistic IDs will both work in a programmatic environment.
Device IDs (i.e. IDFA and Advertiser ID) are also often accessible via the ad
exchanges (in the initial bid request), allowing buyers to map back a device ID to
the impression and click event in their mobile demand side platform (DSP) once
the ad is delivered. In other words, if the user clicks on an ad and then installs an
app for example, mobile demand side platforms will match device ID recorded
at the click event with the one of the device that installed the app to their server.
There is however a challenge, as many supply side platforms use different
methodologies to hash these device IDs. Hashing protects the device ID to
keep it private, but the discrepancy in the way SSPs hash complicates unique
user identifcation and understanding of user behaviour post-click. Its also worth
noting as mentioned above, using device IDs for programmatic buys will only
work for ads delivered in mobile apps.
What are some current best practises for privacy in post click tracking?
The fact that for most people mobile devices are often the most personal devices
they own puts increasing importance on meeting their privacy expectations.
For this reason, thinking about a users privacy should be on your mind at the
beginning of any campaign or project and not come as a second thought. Start
by familiarising yourself with the legal requirements laid down by the Data
Protection Act, and the Privacy and Electronic Communications Regulations.
12
For this reason, thinking about a users privac http://po.st/UGCVhL
http://po.st/TfnWhF http://
www.edaa.eu/certifcation-process/trust-seal the self-regulatory initiative was primarily
designed for a desktop world and work is underway to adapt them for the mob mobile
environment, something that is progressing in the US and Euro
Common to them all is a series of some basic questions that you should ask
yourself: What data do I collect? How do I gain consent from the user and how
do I help them manage their privacy? Who is in control of the data? Do I make
sure that this is the minimum data necessary for the task and do I keep it only
as long as I need? How do I keep the data secure? Answering these types of
questions lays the groundwork for respecting a users privacy.
The ultimate goal should be to create an environment in which users enjoy
confdence and trust in the services they access via their mobile devices.
Providing transparency and giving users control over their data are tools with
which to achieve that. Users generally want to know more than what type of
data you use. Tell them why you use it and whom you share it with. Remember
your audience and use plain English as much as possible when you describe
the purpose of the data you process. And think about the context in which you
present this information. Making this available the moment it is relevant to the
user is often the most effective way.
These principles build the foundation of the EU self-regulatory programme,
for behavioural advertising, symbolised by the AdChoices icon, and the EDAA
Trust Seal. Whilst technology-neutral, the self-regulatory initiative was primarily
designed for a desktop world and work is underway to adapt them for the
mobile environment, something that is progressing in the US and Europe.
13
With thanks to..
Thank you to our Mobile Ad Tech Working Group for their contributions to this
document, in particular:
Any questions?
If you have any further questions on this document, please contact the mobile
team at the IAB mobile@iabuk.net
14
Follow us: @iabuk
Email: info@iabuk.net
Visit us: www.iabuk.net
Call us: 020 7050 6969
2013-2014