Digital Identity: Why is it difficult to get right?

With Akamai’s recent acquisition of Janrain underlining the importance of identity management and data privacy to enterprise clients, Teavaro’s Nico Pizzolato takes a look at why digital identity is this year’s hot topic…

Nico Pizzolato TeavaroDigital identity is much like cookery, or patience; while many proclaim its mastery, few have truly achieved it. That doesn’t stop those who fail trying, but we should be wary of their claims. Seamless customer identification across channels and devices is the marketers’ soufflé – if it hasn’t collapsed, it’s probably more down to luck than skill.

The dilemma begins close to home. Through different channels, online and offline, brands build up numerous identifiers for each single customer. In time, if the organisation has a wide customer-base, silos arise. The customer will look like a different person in each channel, represented by an email ID, a device ID, a customer login, a first-party cookie. The effort to link these different identifiers to a single profile is titanic, but what is at stake is the effective engagement of existing customers and, for advertisers, the accelerated acquisition of new ones. At Teavaro, we have recognised the importance of getting digital identity right. By designing customised architectures that integrate different data points and centralise the customer profile, siloed data is agnosticised, and more readily used to provide, for example, holistic customer experiences across devices and channels. A true 360° customer view that isn’t limited to a client’s own digital properties.

Brands are aware that matching the company’s internal identifiers with external ones has become a more torturous process. For most of its existence, we have associated programmatic advertising with the process of the ID synching of third-party cookies via DMPs and DSPs. This involved sifting through thousands of ID strings, rather than the few that derive from internal processes. It is a method that relies on the assumption of the undisturbed tenancy of a crowd of third-party cookies stored in users’ browsers. 2018 has evicted these identity squatters.

Regulation inspired by data privacy by design principles, such as the GDPR, requires not only handling internal data and consent in a more secure and transparent way, but vetting all associated data processors and controllers for compliance. Regulation has only exposed the obvious truth that ID synch was happening because of the faint awareness that the customer base had of it. This is no more. In response to increased concerns of the general public, most browsers, bar Google Chrome, have moved towards either enhancing users control of third-party cookies or banning them by default, in an effort to clamp down on the ‘tracking’ that has been the bread-and-butter of digital advertising.

These measures have proved popular with the public. Since it introduced Tracking Protection in autumn 2017, Firefox has seen a surge of user adoption. Opera and Internet Explorer are enabling more users to do the same. But Apple’s Safari leads the pack: its inbuilt Intelligent Tracking Prevention version 2 (or ITP2) blocks all third-party cookies (as we explain in detail in a previous article), guarding its users against the prying eyes of marketers and putting near-insuperable hurdles to those companies who rely on external means to connect their disparate user identifiers, for the purpose of personalising their advertising campaigns and offers or to retarget users.

All this leaves companies who adhere to the ‘old ways’ with a dwindling user base, as cookies disappear in the wider ecosystem, and the means to connect the identifiers they hold are reduced by these widely imposed restrictions. Indeed, the changes to Safari can itself impact roughly 30% of a brand’s user base, wiping significant value from accumulated data assets in a short period of time.

The only solution has been to take matters into one’s own hand: to tackle the disconnect of siloed identities and unite first-party data to improve working with the wider ecosystem. Privacy management has become essential for marketers to deliver personalised campaigns and still honour customers’ privacy. Because of customers’ large footprint on the web and the different touchpoints (e-commerce, social media, customer login, etc.), each data point might be associated to different permissions and have a different life-span. When, as is often the case, customers permissions are handled by channels, that prevents a unified view of the customer. Furthermore, while once we thought of name, date of birth and address and little more as personal information, that has changed. Regulation has now increased the number of identifiers that can be construed as PII, such as device ID or location, and thus are to be handled with stringent consent requirements. This gets even more complex if the company is operating in multiple jurisdictions, even as there are signs – with the forthcoming California Privacy Act and legislation in Japan – that the big markets are slowly converging towards a coherent view of what identifiers deserve protection.

Creating personalised campaigns while safeguarding one’s own data is often an elusive goal for brands. Mired in the effort to transform vast amounts of customer data into an asset, brands recur to partner vendors to build identity graphs that end up serving up that value to others rather than harnessing it themselves. But without a unified view, deciphering the customer’s path to conversion is problematic. Incorrect or impossible attribution, double counting conversions, inability to activate data and multiple views of the same user are the vexing problems of digital marketing ROI. These lead to gaps in customer intelligence and in poor engagement.

Thus, for marketers, getting to tie a number of identifiers to a single user is still difficult, but it is vital. This challenge, in fact, has become an existential one for the whole ecosystem as client confidence is shaken about the return of their advertising investment.

In Teavaro’s view, getting digital identity right becomes an endeavour at the crossroads between legal compliance, identity solutions, and marketing strategy. Marketers should be transparent about what data are collecting and for which purpose, and strategic in weaving them together in a system that can be dynamically accessed by any other system in the organisation. Stitching a string of personal identifiers with customers behaviour tracked over time is a diligent, humble toil that leads to personalised campaigns that build trust and create engagement. For instance, first-party data owners might need to work with smaller, more select, engaged audiences through a registration-led strategy or shared ID with other stakeholders. To create value from data one has first to have a holistic view of its owner. Through our work and products, we foster marketers who are conversant with privacy as an effective campaign needs to be legally compliant but led by a strategic marketing vision.