App monetisation despite Apple’s iOS14 privacy features: how app operators secure their ad revenue
Table of contents
Have app operators seen better days? It’s no news that anyone who runs an app and wants to collect data for marketing purposes needs the consent of their users to do so. In addition to this challenge, a recently surfaced issue is causing unrest in the app business: Apple’s new privacy features in the iOS14 update. With this, app operators are now forced to actively ask their users for their consent in order to use or pass on the IDFA (Apples’ own Advertising ID, the “Identification for Advertisers”). What was authorised previously by factory settings (and could only be prevented via the settings menu) can now only be activated via an opt-in.
What does this mean? The user must now be asked directly whether his or her app/website activities may be tracked by means of IDFA in order for app operators to be able to display targeted personalised advertising. Although this may sound like the best news for data protection, it will be a nuisance for many users – and poses a whole new challenge for the app industry. But why, actually?
Would you like to be tracked by your app? Probably not!
Imagine this: a user downloads a new app and before he or she even opens it and the first question asked via a pop-up is: Do you want to be tracked by this app? Few would say yes and with a single click they would decide against sharing their personal data (or, more precisely, against using their IDFA).
What this response – and the accompanying loss of data – means for the business model used by a large part of the app industry is clear. When it comes to app tracking for marketing purposes, nothing is possible without the user’s consent.
“Consent is gold” is the latest saying among online marketers. If consent is worth this much, is it possible to obtain it in an appealing way? How do you convince app users to give their consent to the use of their personal data for marketing purposes?
This is where the trade-off comes in: added value, services and goodies in exchange for, you got it, consent.
Whether users give their consent is dependent on various factors. In general, the more relevant the content or service, the more willing users are to opt-in. So the question remains: How can I offer my users added value? And what public image does my company have in general with regard to data protection?
But let’s be honest. Even the most in-demand app from trusted providers will have to expect a significant drop in the opt-in rate due to the new iOS14 privacy features. There are hardly
any empirical values on this so far, and an optimistic view on this assumes an opt-in rate in the range of 50-70%. But there’s also some that shows that opt-in rates of 10-20% are much more realistic.
Not exactly a promising outlook that will make app developers say hip hip hooray. But a small piece of comfort is that as challenging as it may seem, you’re not alone. The issue affects the entire industry. Therefore, those who act as quickly as possible in collecting app consent will not only increase their opt-in rate (and thus their ad revenue), but will also gain a competitive advantage in the industry.
GOOD TO KNOW
At a glance: Apple Consent is only used to request user consent in regards to the IDFA and is not fully compliant with the pre-requisites set by the GDPR. It does not replace a Consent Management Platform (CMP). This means that in order to be legally compliant, the general consent for data use must be obtained in addition to the IDFA consent.
The problem: Before the app visitor can even use the app, the user would have been asked twice for his or her privacy preferences via a pop-up banner. So what can be done to prevent this scenario from ending in click-fatigue and fed-up opt-outs?
Best Practices for App Consent: how can I obtain consent as effectively as possible in order to optimise my opt-in rate?
Key to remember: when asking for consent, “when” and “how” have a decisive influence on the opt-in rate.
1. Order matters – show the CMP banner first.
If a user is prepared for what is to come, the more likely he or she is to give consent to the use of data. Most people expect a pop up when opening a new website. What we want to avoid is that users reject a pop-up if they find it unexpected and possibly annoying. Therefore, you should always display the CMP privacy banner first, because unlike the IDFA banner, you have the option of adapting it to your app in terms of text and appearance.
Our tip: Formulate the CMP banner text in a way that makes it clear to the user what purpose his or her consent serves, what advantages he or she has, e.g. through personalised advertising (vs. unfitting ads), and what the next pop-up (the IDFA banner) is all about.
2. Display the IDFA-Consent banner second.
Users have been warned, they know what’s coming next – making this the right time to show the IDFA banner. Just so you know, the IDFA banner cannot be customised or changed by the user and only offers two options: accept or reject.
But don’t worry: many Apple users already know this procedure, e.g. when they are asked within the app whether the app may access their camera or photos.
How can I ” optimise” my CMP in compliance with the GDPR in order to increase the opt-in rate?
Please keep in mind that the legal framework for data protection is very complex and subject to constant change. Our tip: be sure to consult a data protection expert with any questions you may have.
Option 1: “Optimise” the banner layout
There is no one size fits all for the ideal CMP banner layout where opinions differ when it comes to banner compliancy. The current legal framework still offers various loopholes and grey areas for optimising the opt-in rate. The TCF Privacy Banner allows user data to be collected by pre-ticking boxes on the legal basis of legitimate interest. For example, instead of offering the user an opt-out option for this entire category in the first layer via a toggle switch, this can of course also be “hidden” in the second layer only accessible via several drop-down variations.
But should banner strategies such as those with a difficult opt-out be used just because it is still permissible? From a marketing point of view, the move to collect as much data as possible for as long as possible may be understandable. Yet as GDPR regulations get stricter by the day, this type of thinking isn’t sustainable in the long run. Therefore, to be ahead of the game and prepared for any changes in policy, it is critical to ensure that one’s data strategy matches the current GDPR regulatory framework.
How such a strategy can look is very individual. It is definitely worthwhile to seek expert advice from professionals who have expertise in this area (such as the management consultancy Blackmint).
Option 2: Cross Device Consent Sharing
Quality CMP’s offer the possibility to share the privacy preferences of users across several devices (smartphone, tablet, notebook). In other words, as soon as a user is identified on a device for the first time (e.g. via a log-in), the privacy preferences that he or she has set via the CMP can be passed on. This means that with each subsequent app visit via the same device, the user will not be disturbed by a consent banner.
The logic behind this strategy is that those who rarely ask will rarely get a refusal. As long as the users are sufficiently informed about the practice of cross-device consent sharing, such a method is ultimately a sound privacy strategy for every actor involved.
Option 3: A/B Testing
Are your CMP and IDFA banners implemented and working as intended, but the opt-in rates are still low? No need to worry, as many CMPs offer the possibility to carry out A/B testing measures. Conducting A/B testing is quite simple and a higher opt-in rate might be as easy as adjusting the banner to the look and feel of the app. For example, how is the opt-in rate affected if the wording in the text box is altered?
The next step is to test banners with different variants against each other as you compare values and find the optimal CMP/IDFA banner combination. This is achieved gradually and easily by means of trial and error. Practice makes perfect!
One thing is clear: the topic of “consent” is here to stay in the digital industry. What once was solely found on websites, cookie banners are now taking hold of the entire mobile device sector. And this is by no means the end of the story. It is only a matter of time before all devices, from smart TVs to various other smart home devices (refrigerators, etc.), will ask for their users’ consent to use data. Why? Because data privacy is becoming a mandatory theme throughout the digital world and GDPR regulations demand this via hefty fines.
If you are a business owner, it is now time for you to consider: which areas of my business are affected by data privacy now and in the future?
Anyone who relies on a data-based business model will have no choice but to develop a comprehensive, future-proof data strategy at an early stage. Given fines of up to 4% of annual turnover for DSGVO violations it is important to appoint someone who is permanently responsible and who will stay on top of changes in the GDPR frameworks.
Admittedly, the topic of data protection can be seen as a hassle. That’s why we at Usercentrics seek to make the shift into GDPR compliance as easy for you as possible. Gain customer trust through transparency and secure a competitive advantage over your competitors using the right CMP.
Would you like to learn more about mobile app Consent Management and get to know our mobile app CMP solution?
You can find all information here.
YOU WANT TO LEARN MORE ABOUT OPT-IN OPTIMIZATION?