Last updated: April 12, 2022 Redefining customer identity for the cookie-less future

Redefining customer identity for the cookie-less future


“Right person, right message, right time” has been the challenge and opportunity in data-driven marketing for decades. We’ve long viewed customer identity as the basic requirement for success in this equation, but the way we think about identity is changing dramatically.

The days of using third-party cookies to target consumers are fading fast. Today, consumers are in control as privacy changes take hold, leading to a sea change in the way we manage customer data.

“Permission-based marketing” has evolved from concept to reality. What brought us here and how can companies move forward?

Customer identity: Remember DMPs?

In 2012, data management platforms were red hot. Back then, data management for customer experience mainly focused on figuring out who people were, based on their online identities, which revolved mainly around third-party cookies.

Marketers and advertisers collected millions – sometimes billions – of cookie IDs. They needed a scalable way to unify them into a single profile and use those IDs for advertising in online display campaigns.

It was a simpler time. What were we talking about back then?
  1. Capturing online IDs through tags and SDKs
  2. Creating cross-device graphs to match people with their multiple online IDs – mostly cookies, but also hashed e-mail addresses, mobile ad IDs, and even unique device IDs from an Xbox or PlayStation
  3. “Onboarding,” the process of associating an email address with a pseudonymous ID
  4. User matching, or how one company’s set of IDs could be matched to another’s. For example, how many IDs could a big CPG company match to a platform like Yahoo! for user-leveling targeting
  5. Marketplaces of online data, where you could buy “auto intenders” or “vacation travelers,” mostly comprised of addressable third-party cookies for data enrichment and targeting

All of these aspects of data management – pseudonymous, or “unknown” — are still important, and were why the DMP category grew so big and attracted so much investment. By 2014, almost every big DMP player had been acquired.

The problems DMP addressed were hard and still exist today.

Privacy’s in, cookies are out

People live a big portion of their lives online, so it will always be critical to have infrastructure to capture, unify, and activate data in the pseudonymous identity space. So, what’s changed?

  • Privacy laws: GDPR, CCPA and other privacy legislation has severely restricted companies’ ability to capture use data. This is a great thing. Back in the early 2000s “permission-based marketing” seemed like more business concept than reality. But now we live in a world where you actually need the consent of consumers to use their data, and we’re starting to put some real laws into place to enforce consent.
  • Browser changes: Apple has led the way here by changing their privacy rules to disallow the sharing of third-party cookies in Safari, among other things, including strict rules around capturing mobile event data. Google is begrudgingly doing the same with Chrome. It’s going to be impossible to target using third-party identifiers, and the era of broad-scale cookie-based targeting is coming to a close. This has led us to the next change.
  • Walled gardens: Apple, Google, Meta, Amazon, Walmart and others are creating closed systems of customer identity, rather than open marketplaces of consumers. Their data stays behind their walls. This has given rise to “clean room” technology — basically, a way of doing federated queries between systems where data can be shared without moving. Everyone with any amount of valuable user data not only can build a business around a walled garden, but the new rules practically require them to build one.

CDP vs. DMP: Flipping the script on customer identity

DMPs have given way to customer data platforms as privacy protections have taken hold. CDPs help brands manage both known and unknown data at scale in a world where first-party data is king.

Unlike DMPs, which managed only a pseudonymous identity, and worked mainly with one ID type (cookies), CDPs promise a more holistic approach to identity by capturing and unifying a broad spectrum of user data, from cookies to email addresses, postal addresses, and all kinds of IDs that are important to a business.

Not surprisingly, capabilities for managing customer identity have become most important CDP feature.

If you look at the big features DMPs covered 15 years ago, you’ll notice a commonality. Whether you’re talking about cross-device graphs, data onboarding, or online data marketplaces – every one of those services delivered identity from a top-down perspective.

In other words, enterprises bought user-level data from companies that packaged it, managed it, and sold it. This always seemed a little creepy, and consumers were justifiably concerned with how their personal data was being used to fuel big advertising profits.

We’re now entering a time where the approach to identity has been flipped. Now it comes from the bottom-up: consumers must authenticate into systems, establish a relationship with brands they trust, and specifically state their preferences for communication.

A new era: CIAM and ECPM

All of the sudden, the relatively quiet categories of customer information and authentication management (CIAM) and enterprise consent and preference management (ECPM) have take center stage.

Always loved by the CIO, but never considered by the CMO, CIAM and ECPM have now become the strategic priorities for modern customer data management.

Basically, if the new world of customer identity revolves around authenticated, consented-into data, then all brands need a system to capture user data and manage consent and preferences at scale. That system sits at the very heart to data management.

This capability has become a not only a legal requirement, but a basic requirement for customer experience delivery.

In 1999, marketing guru Seth Godin’s “Permission Marketing” book argued that “reaching out only to those individuals who have signaled an interest in learning more about a product… enables companies to develop long-term relationships with customers, create trust, build brand awareness — and greatly improve the chances of making a sale.”

All that’s changed since then is that permission marketing isn’t a differentiator or philosophy. It’s the rule.

Win customer trust with the right data privacy strategy.
Get started 

Share this:
Chris O'Hara

Subscribe to our newsletter for the most up-to-date e-commerce insights.

Search by Topic beginning with