Everything you need to know
about Apple’s IDFA and
SKAD

What Is IDFA?

The term ‘IDFA’ refers to ‘identifier for advertisers’. IDFAs are unique random device identifiers for iOS devices, first introduced in 2012, with Apple assigning a different one to each user’s device.

IDFAs are used by advertisers for tracking data, enabling them to deliver customized advertising. With this random device identifier, a specific user can be tracked and identified – albeit, without any personal information being revealed.

A simple way of understanding the concept of IDFAs, is as an Apple equivalent to cookie tracking for mobile games, except that it is assigned to specific devices instead of browsers.

The IDFA for a given device can be invaluable in a number of ways – for example, for discovering instances of a user triggering particular in-app events.

The IDFA can also help pinpoint the given user’s moments of interaction with mobile game advertising campaigns. This presumes that IDFA tracking is offered by the given channel, and the advertiser tracks users who interact with the ad in question.

IDFAs have long been extremely useful for determining, for the purposes of payment and attribution, instances of specific users clicking on an advert.

What factors make IDFA so significant?

Advertisers loved the ability that IDFAs give them to accurately track users of iOS devices. A particular iOS device being assigned a single IDFA means that if a given advertiser can track a specific IDFA within a campaign, they will be able to know more about what makes that user distinctive, and whether it was an advertising campaign that led them to install the game.

The fact that every iPhone shipped by Apple comes with its own unique IDFA, which will stay the same unless the given device user manually resets it, means a specific IDFA is likely to last for a much longer time than browser cookies.

However, Apple has shifted its emphasis in recent years, placing a much greater focus on user privacy. So, it should be no great surprise that Apple has introduced privacy-oriented changes over the last few years. These have included, with the release of iOS 10 in 2016, iOS users being given the option to enable a feature called ‘limit ad tracking’, or LAT.

When users activated LAT, their user information would appear blank – or to be more specific, measurement providers would be shown a string of meaningless zeroes. It would therefore no longer be possible for users to be tracked using their IDFA, which meant that they would also no longer be shown targeted ads.

From ‘limit ad tracking’ to App Tracking Transparency (ATT)

While the introduction of LAT might have seemed like bad news for advertisers, worse was to come. One source of respite for advertisers was that LAT had been an opt-in feature, rather than an opt-out one. So, iOS users who did not take advantage of the option would still have their IDFAs visible, and would therefore still be potentially subject to personalized advertising.

This would change with the arrival of iOS 14.5 in 2021. It marked Apple’s introduction of a new privacy framework known as App Tracking Transparency, or ATT, which gave users a prompt requiring them to explicitly allow tracking, in order for their IDFA to be shared.

This, as you might expect, was a profoundly unwelcome development for much of the mobile game advertising industry. While advertisers can still access information on the likes of CPIs and numbers of installs, the change prevented them from accessing user-level information, as can be crucial for understanding whether a given user is a relevant, likely-to-pay user, as well as for retargeting purposes.

There was, however, something else about iOS 14.5 that potentially helped soften the blow of the IDFA changes for many mobile game marketers. This was the ability that Apple gave advertisers to get data on postbacks, or mobile app install validations, directly from the Apple StoreKit Ad Network, or SKAdNetwork, instead of having to go through a registered ad network.

This change meant that SKAdNetwork (otherwise often referred to as SKAD or SKAN) could let advertisers know directly in the event of one of their ads leading to a user converting or installing their mobile game.

What is SKAD?

SKAdNetwork is Apple’s API-based, privacy-focused framework for attribution and measurement in relation to advertising campaigns run on iOS. It allows for the attribution of impressions and clicks to ad installs on iOS apps, enabling advertisers to access conversion data, but not any user-level or device-level data.

SKAN has gained in prominence in Apple’s ecosystem over time; when first introduced in May 2018, it was an optional API that made mobile app install attribution possible, at the same time as preserving privacy. But even back then, there was much speculation as to what the emergence of SKAN meant for the future of mobile attribution on iOS.

Sure enough, there have been many further evolutions in SKAN since then. The aforementioned iOS 14.5 saw SKAdNetwork receive hefty updates, with the release of SKAN 3 being significant given that SKAN had not previously been functionally useful for mobile attribution.

SKAN 4 was subsequently released in 2022, greatly bolstering SKAN’s capability. Enhancements here included privacy thresholds becoming crowd anonymity (thereby seemingly helping to reduce null values in install postbacks), and campaign IDs becoming source identifiers (allowing for greater insight into the most effective campaigns).

Apple’s Worldwide Developers Conference (WWDC) 2023, meanwhile, saw the unveiling of SKAN 5, which will allow for re-engagements to be attributed.

Is SKAdNetwork worth getting excited about for advertisers?

Let’s share the bad news first: even amid the continued evolutions of SKAdNetwork (or SKAN, or SKAD), as far as many advertisers are concerned, this privacy-oriented framework represents a limited and less-than-satisfactory substitute to the now largely killed IDFA.

Although SKAN does have the ability to attribute mobile app installs to an ad campaign, the absence of any user-level or device-level data greatly restricts its usefulness with regard to processes such as the tracking of user behavior and the measurement of retention and lifetime values.

Nonetheless, given SKAN’s status as the only attribution solution that the Apple ecosystem offers in the case of devices that don’t continue to make their IDFA visible, it is one that you will need to know about when looking to optimize your mobile game’s growth prospects.

Would you like to learn more about the distinctions between IDFA and SKAN, including in relation to attribution, and the implications for marketers, directly from our mobile game growth specialists? If so, please feel free to consult our eBook.

How do IDFA and SKAD attribution differ?

There’s a lot that distinguishes IDFA attribution from its SKAD counterpart. The primary area of differentiation concerns the data on user behavior that advertisers are able to access, and what they can use that data to track.

With IDFA attribution, it’s possible for users to be linked to specific events. It is a solution for one-to-one matching, and provides a complete and predictable level of detail with regard to such campaign variables as audiences, creatives, and placements.
On the other hand, with SKAD (or SKAN), the attribution process doesn’t allow for a specific install to be matched to a specific user. Nor is it possible to know what impression or click led to the app being installed. What is possible with SKAdNetwork, is that an install can be connected to a group of impressions / clicks within a unique ID, with this ID constituting a ‘cluster’ of users or variables.
It’s worth emphasizing that with SKAdNetwork being Apple’s privacy-friendly solution for the attribution of impressions and clicks to iOS app installs, its limitations from an advertiser perspective are very much deliberate on Apple’s part.

The SKAN framework is essentially a ‘walled garden’, with the attribution process itself occurring within the App Store, followed by verification on Apple’s servers. It’s at this stage that any information that could reveal a user’s identity is removed, and only after this are ad networks given access to the data so that ad executives can look at it.

So, as you can see, there is a lot new for advertisers, marketers, and app publishers to get to grips with, as a consequence of the diminished value of IDFAs, and the attendant fast rise of SKAN.

The essentials of the IDFA attribution process

Let’s take a closer look at exactly how attribution works with IDFAs:

A user clicks on an ad that an ad network or DSP has served. A number of campaign variables are tracked by this ad, including the creative, placement, and audience.

When the impression or click occurs, the MMP records the IDFA data that is linked to the advertised app.
The user heads to the app store, followed by installation of the given app or mobile game.

An install postback is sent to the MMP in real time. The MMP  is able to match this with the IDFA data that has been recorded for the app, and attributes the conversion to the DSP or the ad network through which the ad was served.

The MMP sends on the install postback, complete with the IDFA and granular conversion data of the given user, to the ad network or DSP.

The essentials of the SKAdNetwork attribution process

Mobile game marketers, advertisers, and app publishers making use of SKAN or SKAD, meanwhile, will have to get accustomed to these steps:

• A user clicks on an ad that an ad network or DSP has served. This ad tracks an ID with as many as 100 values that the advertiser has previously specified. With this ID, any campaign datapoint – such as creative, campaign, or placement – is able to be coded.
• Once the ad has been clicked on, the user will be led to the app store, where they then install the app or mobile game.
• Installation triggers the beginning of a 24-hour timer. Within that 24-hour window, in the event of the user carrying out a further action that causes the SKAdNetwork Conversion Value to be updated (for example, making a purchase or registering an account on the app), the timer will reset and continue for a further 24 hours.
• Once 24 hours have passed without the Conversion Value on the app being updated, the DSP will receive a postback. This postback is typically sent at any point within 24 hours of the timer running out, rather than immediately.
• The MMP will receive the postback from the DSP. This postback will include the impression data, but no user-level or IDFA information.

How IDFA and SKAD postbacks differ

The major changes brought about by the shift in the Apple ecosystem from IDFAs to SKAdNetwork are also reflected in the content of the actual postbacks:

• An IDFA postback consists of the device ID, also known as the IDFA, along with the impression or click that caused the attribution (click or install) to be generated. It also includes such additional data from the device as the IP address, geolocation, version of the operating system the user is using, and so on.
• A SKAdNetwork postback,meanwhile, provides the SKAdNetwork Campaign ID, restricted to 100 variables. Provided that Apple’s hidden privacy thresholds are met, the Publisher App Name / Bundle ID will also be included, as can (optionally) the Conversion Value.

So, what does all of this mean for mobile advertisers and developers?

As we touched on earlier, the transition in emphasis from IDFAs to SKAN within the Apple ecosystem is a less than desirable one for many advertisers; there is simply only so much that SKAdNetwork attribution can offer.

Nonetheless, it’s important to appreciate the fluidity of the situation. Apple has continued to work on updates to SKAdNetwork, introducing useful features such as view-through support. There are still hopes that further updates will help expand the amount of detail advertisers can access through SKAD attribution – even if for now, it is still seen as a poor substitute to ID-based tracking.

In the meantime, by working with the right mobile game growth specialists, you can help ensure you make all the right moves to support your game’s prospects in the post-IDFA landscape.

The pressure is on for mobile developers and advertisers to uncover alternative ways to gather and understand user data, while publishers must also carefully consider the optimal strategies for users who refuse to ‘opt in’ to tracking.

The situation becomes more challenging with Apple’s upcoming Privacy Manifests, which will record what data is collected by an app or third-party SDK, and how it’s used. This will help ensure developers certify that any SDKs they use comply with Apple’s privacy rules, effectively putting an end to the practice of ‘fingerprinting’. By using fingerprinting, advertisers could use information such as device type and installed apps to present targeted ads, in turn circumventing IDFA opt-in rules.