Browsers’ policies updates. Should we forget about cookie-based tracking?


New member
Jan 3, 2018
Google’s cookie crackdown: are marketers ready to give up ad trackers? –

The third-party browser tracking cookie is dead. What’s next? –

How Apple’s ITP Update Will Affect Your Innovation Ambitions – The

Starting this May, marketing and business media truly began to bury cookie-based advertising and tracking, foreshadowing the radical transformations in the industry. We were all impressed by terrifying titles about Apple’s recent Intelligent Tracking Policy and its updates. But are all these threats for digital marketing real? Or just some clickbait tricks which make a mountain out of molehills? Let’s figure this out. In the article:

  • the real meaning of ITP for the affiliate marketing industry,
  • the possible ways to counter the restrictions,
  • the role of an ad tracker in the upcoming changes.

– Okay, RedTrack. Tell me more about ITP and its key points

Intelligent Tracking Prevention (ITP) is Safari’s anti-tracking feature that was first introduced in Apple 2017. The main purpose was to prevent cross-site tracking and shorten the life of cookies to 24 hours. Overall, despite the little buzz around it, the actual number of companies affected was not so critical. The majority has already used analytical and tracking instruments that relied mainly on first-party cookies.

Another wave of restrictions happened with the roll-out of iOS 12 and macOS Mojave in the fall of 2018. It brought users:

  • The removal of the 24-hour grace period and the third-party cookies’ actual shutdown.
  • “Protection against tracker collusion” release that recognizes all redirects used for tracking purposes. It prevents cookies from being dropped or read on a users’ browser during redirects through tracking domains before they get on the advertiser’s site.
  • “Origin-Only Referrer” release that cuts off and removes any information after the root domain. For example, starts looking like

Despite all the restrictions, companies still had a variety of solutions to track users’ activity with cross-site tracking via link decoration based on first-party cookies.

Cross-site tracking — is a method that allows companies collect browsing data across multiple websites. The scheme is simple: when someone clicks a link from one website to another, the first website passes the special ID in the destination URL to the second website. The second one stores it within a first-party cookie and passes back to the first website to record users actions.
And then Apple took up first-party cookies. ITP 2.1 warned everyone that it would delete first-party cookies seven days after their installation on a browser. In two months, ITP 2.2 simply cut their lifespan to one day. This forced companies to refer to different kinds of workarounds to store users’ information within non-cookie-based web storage mechanisms. Did Apple like it? Apparently, not at all. ITP 2.3 released this October aimed to eliminate those workarounds but re-extends the window to 7 days so long as companies use non-cookie-based web storage to hide the identifier.


So, if Safari sees that a company classified as a cross-site tracker has decorated the link, it deletes all the non-cookie-based website data for it from the user’s browser after seven days in which he used Safari but didnt visit the site since clicking that link.

Seems like we are in trouble, arent we?

– Wait, I’m a little lost. Please, explain the difference between cookies types and how do they actually work?

Sure, let’s talk about cookies. There are basically three types of them: first, second, and third (ugh…yes, that’s easy :)). We will not dwell on the second type of cookies as it’s just a name for the first-party cookies transferred from one company to another via some kind of partnership agreement. In this case, we are more interested in the first-and -the third-party cookies:

  • First-party cookies are cookies created directly by the website domain a user is visiting. They are usually generated by a publisher with JavaScript code.

How does it work in practice? When a user visits a website for the first time and he sees a pop up (most often at the bottom of the page), explaining that to continue using the website, he needs to agree to the use of cookies. At the time the user accessed the page, the first-party cookie is generated. It collects all possible website settings e.g. the language, the cookie’s expiration time, the information entered by the user (log-in data, personal data sent via web forms, entries in search masks).

  • Third-party cookies, in their turn, are loaded by third-party servers on publishers’ websites. They record the users’ behavior and path on the internet in order to create their profile and display personalized ads on the basis of their preferences.

How does it work in practice? Let’s look at an example of an ad-retargeting service. Website owners put a 1×1 transparent pixel on their site. This pixel sends a request to the ad-retargeting server when the page loads and the server, in its turn, returns the requested information. Such an exchange allows them to assign a cookie to the users and retarget them later with the products or services they’ve viewed, interacted with previously or relevant new ones.


– Got that. Now, please, explain how ITP will actually affect affiliate marketing?

ITP 2.0 has brought about challenges for all digital marketing channels. Now there are very few affiliates left who rely on third-party cookies while tracking users’ behavior. They are fully blocked on Safari, which makes affiliate companies unable to accurately identify the sales that affiliates have delivered for their clients.

As a result, companies cant determine their best-performing marketing channels, affiliates are getting paid less as the sales are not linked back to their activity. Basically, it becomes almost impossible to make solid digital marketing strategies and plan marketing investments to meet business objectives.

You’ll probably say that Safari is not the only browser in the world. And you’re absolutely right.

The Usage share of web browsers​

Browser StatCounter NetMarketShare Wikimedia

Chrome 64.92% 64.62% 45.4%
Safari 15.97% 17.62% 24.9%

The fact is that this kind of threat is coming not only from Apple. The whole data-privacy landscape is continuing to change. And this will certainly cause the emergence of new developments and sophisticated security features are expected across more browsers and platforms soon.

“We need to think about all the data-collection mechanisms that take place across the ecosystem. We are making a number of upcoming changes to Chrome to enable these features, starting with modifying how cookies work so that developers need to explicitly specify which cookies are allowed to work across websites — and could be used to track users” — Google

Chrome is now aggressive against “fingerprinting”. They consider it as a harder-to-detect method of user tracking that overthrows cookie controls. So, they are more focused on “reducing the ways in which browsers can be passively fingerprinted so that we can detect and intervene against active fingerprinting efforts as they happen.”

Fortunately, affiliate companies are mindful of this and already started to implement solutions designed with respect to consumers and privacy laws. As to ad trackers, the most secure and reliable solution for tracking today is S2S postback URL. By the way, RedTrack was one of the first ad trackers which started massively implementing this method and made deep API-based integrations with affiliate marketing companies. The latest one was with CJ Affiliate.

– Okay, tell me how RedTrack can help me track my website users’ activity?

There are basically two methods you can now track your users: pixel tracking (cookie-based) and S2S postback tracking. The main difference between the two of them is that the first one uses cookies, while the second one has non-cookie based mechanisms behind. Is it worth repeating again, which one of them has the future?:)

S2S postback tracking, or server to server tracking, is captured and stored at the client-server, so you can easily understand the entire customer journey and develop specialized attribution/compensation models that reward contributing upstream partners in addition to the converting partner. It allows you to save the identifier (or user ID) directly to the advertiser’s, RedTrack’s and Affiliate Network’s servers.

So, clicking on the link, in a split second a user is transferred through their tracking domains and leaves the information about himself to all of them. After the transfer to the landing page, the user gets the ID in his URL. Neither Safari, no Google Chrome wont block any information about users in this way. When the conversion is made, Affiliate Network fires a postback, RedTrack gets the signal and initial user identifier and verifies conversion.

Screen Shot 2019-12-10 at 9.56.49 AM.png


Active member
Nov 18, 2019
Marketers will never give up Ad Trackers. It is the sole source of locating and gaining a customer. It is also a good way of finding prospective clients.
All I can is no Innovative ambitions would be affected by what Apple does.
Latest threads

Referral contests

Referral link for :


Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.