A Marketer’s Guide To User ID Targeting — Part 2: Understanding Android ID & The Future Of Mobile User IDs

Since I wrote the first article in this two-part series, a lot has come to light regarding the use of mobile user IDs — especially Android ID, of which the public knows little about compared to the far more publicized Apple UDID and IDFA. In closing out this user ID targeting series, we’ll dive into Android ID and discuss the future of user identification in the mobile industry.

Understanding Android ID

Android ID is a software identifier that changes every time an Android device is reset to its factory settings. It has emerged as the leading choice amongst publishers in utilizing Android user identification.

In order to properly leverage Android ID, publishers typically pass it in a SHA1 hashed form of the ID (a favored obfuscation technique), which allows for anonymity and greater privacy. This characteristic of the hashed Android ID makes it much more desirable than a hardware-based identifier, which typically raises privacy concerns.

Stacking Android ID Against IDFA

The broader industry, and particularly privacy advocates, tend to compare Apple’s initiative on IDFA with Android ID.

The key reason Android ID does not stack up to the privacy reputation that IDFA has achieved is the level of user control. Resetting an Android ID requires a factory reset, a drastic move for many users as it often requires a long process of moving files and resetting all preferences and formatting they have worked hard to customize on their device.

Any Google initiative to offer users the same level of control that Apple provides with IDFAs is still to come. Until then, the industry must leverage Android ID responsibly when used for ad targeting and beyond.

ID Use In Mobile Advertising

User identification on desktops has allowed marketers to identify and target audiences that have an explicit or implicit interest in their products and services. When a user visits a site and expresses interest in a product, they start seeing relevant, targeted ads elsewhere on the Web. Search retargeting is another great example of this activity. Mobile has the potential to not only enable such experiences, but also to allow for even better connections between the physical world and the online world.

Early mobile targeting success has found that the places we physically visit are a much better indicator of our interests than the websites we visit or the apps we use — this makes user location information a major differentiator in mobile.

For instance, if a user visited one or more luxury auto dealerships in the last week, then they could see ads from other luxury car sellers in their area. A key consideration in enabling such a targeted user experience is that users are notified about how their location data is being collected and used, and they have the option to opt out (or refine their settings to their preferences).

Acting Responsibly

Regardless of when technology-based alternatives appear in the market, stakeholders in the mobile marketing and technology industry cannot underplay the role of their own proactive initiatives. Industry participants need to make an ongoing investment in understanding privacy issues. For example, companies should be transparent about what data is collected, how they are collecting it, and what users can do to control some or all aspects of that data collection/usage.

Companies should review their privacy policies with these things in mind. Such a review process leads to a powerful summary of internal practices and helps improve them as a result of better self-awareness. For instance, if internal reviews find that data is being retained for a longer time than necessary, then the company can update their data retention practices.

Privacy Issues In Mobile Marketing

Once a company has provided suitable disclosure to users, the next challenge is remaining updated about evolving standards. Engaging with industry groups is a great way to keep pace with contemporary thinking. For example, the Digital Advertising Alliance (DAA) put together an Application of Self-Regulatory Principles to the Mobile Environment (pdf) after significant research involving various stakeholders. Industry participants can use this document to educate themselves and understand privacy issues related to mobile advertising, such as responsible use of cross-app data and precise location.

There are other organizations, such as the Mobile Marketing Association (MMA) and Interactive Advertising Bureau (IAB), that have subgroups focusing on privacy related issues. TrustE is also a well-known resource that can audit and provide recommendations for an improved privacy framework for apps, an ad network, or any other instance of mobile data usage. In summary, industry participants can leverage several resources for guidance if they need help with their privacy initiatives.

What Now?

To continue to leverage user IDs appropriately and responsibly, I have a number of recommendations for my industry peers. This list includes the ways we can best work with the technology already available and thoughts on what we should have coming our way as innovation progresses.

• Some Android experts believe there may be convergence of app and Web environments on the platform. This could result in changes for the Android ID as well. Will Android see a cookie avatar in the app world, or will the ID come to Chrome browser? We have to wait and watch. A single ID simplifies the way users would need to express their choices, and hence would be better for user privacy.

• Operating system providers such as Apple and Google should also consider completing auto resets of IDFA-type identifiers periodically. This is a rough equivalent to the expiration time of a cookie on desktops — a long-accepted practice.

• Continue to present meaningful and easy-to-use mechanisms for privacy preferences. The recently launched Apple iOS7 allows for better control over how Apple collects user activity data. Now, users can control which apps and System Services have access to precise location information. Users can also erase logs of frequently visited locations. The rest of the industry, including Google, can learn from this and follow Apple’s lead.

Apple allows users control of their Frequent Locations

Of course, there may be policy and execution challenges with these suggestions, but we should be confident about the industry’s ability to deal with such challenges considering the incredible pace of progress it has witnessed in general.

As the mobile industry continues to evolve, many interesting usage scenarios like the ones above will appear. And with this, the overall user identification environment will also evolve. But by maintaining a responsible outlook on the use of mobile user IDs, we as an industry will (a) save ourselves time and money further down the road, and (b) expand the trust of the public in all the technology that makes mobile such a unique space.