What is Prebid’s SharedID: A Comprehensive Guide
Prebid SharedID is a solution that provides a privacy-friendly, reliable way to recognize users without relying on third-party cookies. User identification is essential for delivering relevant ads, tracking campaign performance, and maximizing revenue.
However, with third-party cookies on their way out, publishers face new challenges in keeping ad operations efficient and compliant.
In this article, we’ll explain how Prebid SharedID works, its technical foundation, and the benefits it brings to publishers and advertisers alike!
The Identity Challenge
Identifying users across websites is important for delivering personalized ads, measuring campaign effectiveness, and optimizing ad spend. This identification has traditionally relied on third-party cookies.
However, growing privacy concerns and stricter regulations are leading to the deprecation of third-party cookies. This presents a significant identity challenge for advertisers and publishers. Without third-party cookies, tracking users across the web is harder, making it difficult to serve targeted ads and accurately measure campaign performance.
This has led to exploring alternative solutions, such as using first-party data collected directly from users, adopting privacy-centric identification systems like Prebid’s SharedID, and focusing on contextual advertising.
The current state of digital advertising and third-party cookie deprecation impact
Traditionally, third-party cookies have been the primary tool for tracking users across different websites. These cookies allow advertisers to collect data on user interests and browsing habits, enabling them to serve targeted ads that are more likely to engage users.
However, due to growing privacy concerns and regulatory pressures, major web browsers are phasing out third-party cookies.
- Safari and Firefox have already blocked third-party cookies by default.
- Google Chrome will no longer phase out third-party cookies, but they’re trying a new approach that gives users more control over their web browsing privacy.
Prebid SharedID offers a viable alternative that balances the needs of advertisers and publishers with user privacy expectations.
SharedID Overview
SharedID is a privacy-centric user identification solution developed by Prebid.org, an open-source organization focused on creating transparent and efficient tools for digital advertising. The primary purpose of SharedID is to provide a standardized, transparent way to identify users across websites without relying on third-party cookies.
SharedID uses first-party cookies set by the publisher’s domain to assign a unique identifier to each user. This approach respects user privacy by allowing opt-outs and compliance with regulations like the GDPR and the CCPA.
By using a common user ID that is accessible to all participants in the ad ecosystem, SharedID facilitates better ad targeting and measurement while minimizing data fragmentation.
Definition and purpose
SharedID aims to help publishers and advertisers continue delivering relevant ads and content in a way that respects user privacy. It enhances collaboration within the advertising industry by providing an open-source, free-to-use solution that reduces dependence on proprietary identifiers.
There are 3 key features of SharedID:
- User privacy. SharedID is designed with user privacy in mind. It provides mechanisms for users to opt-out of tracking, ensuring compliance with global privacy regulations like the GDPR and the CCPA.
- Standardization. SharedID reduces fragmentation caused by multiple proprietary identifiers by offering a common user ID. This standardization simplifies the process for publishers and advertisers to recognize and target audiences effectively.
- Transparency and open source. As an open-source initiative, SharedID promotes transparency in how user data is handled and shared. This openness fosters trust among publishers, advertisers, and users.
How SharedID works within the Prebid ecosystem?
Here are 7 steps that explain how sharedID works:
- Page loads Prebid.js. When the webpage loads, it activates the Prebid.js package, which includes the SharedID module for user identification.
- User ID module setup. The publisher configures Prebid.js to use one or more user ID modules by calling `pbjs.setConfig({usersync})`. This configuration determines which types of IDs are available and which bidders can access them.
- First-party cookie check. If the setup permits, the SharedID module retrieves or sets a first-party cookie on the user’s browser to assign them a unique identifier.
- Running the auction. When a header bidding auction starts, Prebid.js triggers all enabled ID modules to include their user IDs in the bid requests.
- Sending IDs to bidders. The bid adapters send these user IDs and other privacy-related information (e.g., GDPR and CCPA consents) to the bidders’ endpoints for ad targeting.
- Bidder uses SharedID. Bidders use the SharedID to target ads, control ad frequency, or manage sequential ad delivery.
- The ad server selects the best ad. Finally, all bids go to the publisher’s ad server, which selects the best ad to display on the webpage based on the bids received.
Source: Prebid
Technical Foundation
UserID module
The Prebid UserID Module is the core system responsible for generating, storing, and managing user IDs within Prebid’s header bidding framework.
It provides a standardized way to identify users, helping to synchronize user data across multiple DSPs and data partners. SharedID is one of the user ID solutions within this module.
SharedID cookie generation
SharedID creates a unique user identifier stored as a first-party cookie on the publisher’s domain. This identifier is created when users visit a website implementing the Prebid UserID Module with SharedID enabled.
PubCommon ID integration
SharedID integrates Publisher Common ID (PubID), a first-party ID stored on the publisher’s domain. This combined approach provides a robust, scaled identifier that Prebid manages across participating publishers.
Server endpoint for cookie reliability
Prebid recommends setting the SharedID cookie through a server endpoint for enhanced reliability. This avoids client-side cookie limitations, particularly with browsers like Safari that restrict first-party cookies set via `document.cookie`
.
First-party vs third-party cookie considerations
SharedID primarily uses a first-party cookie stored directly on the publisher’s domain.
This allows it to avoid the restrictions on third-party cookies. Since first-party cookies are seen as less invasive and are essential for basic site functionality, they align better with privacy regulations. With first-party cookies, SharedID can maintain user identification across visits to the same publisher’s site, improving match rates and ad targeting without relying on external domains.
Originally, SharedID also included a third-party cookie to help track users across multiple websites, allowing for cross-site identification. However, as browsers increasingly restrict third-party cookies, this part of SharedID’s functionality is becoming less reliable.
In cases where third-party cookies are still permitted (such as in older browsers or specific settings), the third-party component can provide additional cross-site tracking capabilities.
Implementation Guide
There are several ways to integrate SharedID on your site. The table below gives an overview of the available options, and the following sections offer detailed instructions for each integration method.
Implementation | Description | Cookie lifetime | Technical difficulty | Revenue uplift |
3rd party cookies only | No first-party cookie solution. | Some blocked | None | Low |
User ID submodule | Including User Id Module in your Prebid.js installation. | 365 days | Basic | Good |
PubCID script | Adding the legacy PubCID script, not maintained by Prebid.org. | 365 days | High | Varies |
SharedID first-party endpoint | Writing a first-party cookie from your web server code. | 365 days | Intermediate | Best |
How is SharedID generated?
The SharedID is generated by creating a unique ID for each user visiting a publisher’s website that has implemented the Prebid UserID Module with the SharedID system.
This ID is stored as a first-party cookie on the publisher’s domain. If the SharedID cookie doesn’t already exist in the user’s browser, the SharedID module creates a new unique ID and sets it in a first-party cookie.
This ID remains associated with the user for future visits, enabling consistent tracking across sessions and making it easier for advertisers to recognize the user (within the constraints of privacy regulations) when they visit other sites that also use SharedID.
To enhance reliability, Prebid recommends setting this cookie through a server endpoint rather than relying on client-side methods, especially for browsers like Safari that limit cookies set via `document.cookie`
.
Storage and management mechanisms
We’ve already discussed that Prebid SharedID uses a first-party cookie stored on the publisher’s own domain. This avoids issues with third-party cookies and makes it easier to track users across their visits to the site. The cookie typically stores a unique identifier that helps recognize returning users.
The SharedID cookie has an expiration date (usually 30 days), after which it will be refreshed if the user visits again. Publishers can adjust this expiration based on their needs.
For better reliability, especially on browsers like Safari that restrict some cookie usage, publishers can use a server-side setup to set the cookie. This approach keeps the ID consistent and avoids client-side restrictions.
Publishers need to give users clear information about how SharedID is used and provide an option to opt-out. This can be managed by setting an “opt-out”
cookie if users choose not to be tracked.
Integration with Prebid.js
Now, let’s see how to set up the SharedID module in Prebid.js (version 5 and later) using a client-side cookie:
- Define the ID module. The
"sharedId"
module is specified, allowing you to generate and manage a SharedID for users. For backward compatibility, it can also be called"pubCommonId"
.
- Set the cookie name and type. The ID is stored in a first-party cookie named
"_sharedID"
. This cookie is set on the publisher’s domain.
- Expiration. The cookie has an expiration of 30 days, meaning it will stay in the user’s browser for 30 days before it needs to be renewed.
Additionally to the previously mentioned steps, you can set up the SharedID module in Prebid.js using a first-party server endpoint for more reliable cookie handling:
- Set Pixel URL. The
"pixelUrl"
parameter points to a server endpoint (in this case,"/wp-json/pubcid/v1/extend/"
). This URL triggers a request to your server to set or update the SharedID cookie.
Source: Prebid
Using a server-based setup is more reliable for certain browsers that restrict client-side cookies (like Safari). This helps you set up SharedID in a way that enhances compatibility and consistency across different browsers by relying on a server-side endpoint.
How is the SharedID represented in OpenRTB?
Here’s a breakdown on how the SharedID is represented in a real-time bidding request:
- The
"source"
value for SharedID in the OpenRTB request is set as"pubcid.org"
. This value identifies where the ID originates from.
Initially, Prebid used «sharedid.org,» but «pubcid.org» became the default because buyers adopted it more widely, making it more recognizable.
- The
"uids"
field contains a list of user IDs. Each user ID object has an"id"
(the unique identifier for the user) and an"atype"
that defines the type of identifier.
- The
"atype": 1
indicates the type of ID, often used to specify that this is an individual user identifier.
This allows advertisers to recognize and target users effectively by referencing a standardized source (pubcid.org). Using this recognized source improves compatibility and trust, as buyers are familiar with it.
User opt-out mechanisms
Prebid suggests that publishers inform users about how their IDs are used, especially for ad targeting, frequency capping, and features like sequential ads.
If a publisher’s legal team decides that an additional opt-out option is necessary–beyond standard mechanisms like GDPR and CCPA–the responsibility falls on the publisher to create and manage this opt-out process for first-party cookies.
For publishers who choose to build this opt-out process, the flow might look like this:
Offer an opt-out option–the publisher allows users to disable ad targeting.
Handle the user’s choice–if a user opts out, the page can take one of two actions:
- Set a
`_pbjs_id_optout`
first-party cookie to signal that the user does not want targeted ads.
- Skip calling
`pbjs.setConfig`
to initialize the user ID modules, effectively disabling tracking and ID generation for that session.
Privacy & Compliance
GDPR compliance
The General Data Protection Regulation (GDPR), enacted in the European Union, requires publishers to obtain clear user consent before collecting, processing, or sharing personal data.
SharedID requires publishers to integrate a user consent mechanism on their website, allowing users to opt in or out of having their data used for ad targeting. This consent management system ensures that users have control over their data and know exactly how it will be used.
Additionally, GDPR mandates transparency in data processing. Publishers using SharedID are encouraged to disclose how they use user identifiers, what data is collected, and how it’s shared with ad partners.
CCPA requirements
The California Consumer Privacy Act (CCPA) sets privacy standards for California residents, focusing on data access, transparency, and opt-out rights. CCPA requires that users be able to opt out of the “sale” of their personal information.
Publishers can implement an opt-out option using SharedID, either by setting a specific cookie or by disabling the SharedID module if a user chooses to opt out.
Similar to GDPR, CCPA also favors minimal data collection and requires publishers to disclose how user data is used and shared.
Data retention policies
Data retention policies define how long user data is stored and when it should be deleted.
With SharedID, publishers typically store user identifiers in first-party cookies with a set expiration (e.g., 30 days). If a user opts out or requests data deletion, publishers must remove the data to stay compliant with privacy regulations, keeping retention periods minimal and secure.
6 Benefits for Publishers
1. Enhanced user recognition across sites
Prebid’s SharedID enables publishers to assign a consistent identifier to users across different websites. This uniformity allows for better tracking of user interactions, leading to more personalized content and ad experiences.
By maintaining a stable user ID, publishers can accurately attribute user actions, enhancing the overall user experience and engagement.
2. Improved bid rates and fill rates
With SharedID, publishers can provide advertisers with a reliable user identifier, increasing the likelihood of targeted and relevant ads. Such a precision encourages advertisers to place higher bids.
Additionally, the improved targeting leads to higher fill rates, as more ad impressions are successfully matched with suitable ads.
3. Privacy compliance advantages
As we’ve already discussed before, SharedID is designed with privacy at its core, aligning with regulations like the GDPR and the CCPA.
By using first-party cookies and offering user opt-out mechanisms, SharedID helps publishers respect user privacy preferences and comply with legal requirements, reducing the risk of penalties and building user trust.
4. Publisher revenue impacts
The combination of higher bid rates and fill rates directly contributes to increased revenue for publishers. Publishers can command higher prices for their ad space by delivering more relevant ads.
Moreover, the enhanced user experience can lead to longer site visits and more page views.
5. Advertiser targeting capabilities
SharedID’s consistent and reliable user identifier allows advertisers to deliver ads that are more relevant to users’ interests and behaviors.
For publishers, this translates into attracting advertisers willing to pay premium rates for access to well-defined audience segments.
6. Comparison with other identity solutions
Unlike some proprietary identity solutions, SharedID is an open-source initiative managed by Prebid.org, promoting transparency and community collaboration. Its focus on privacy compliance and first-party data usage sets it apart from third-party cookie-based identifiers, which are increasingly restricted by browsers and regulations.
Integration with Other Solutions
Relationship with other Prebid modules
Prebid SharedID works seamlessly with other modules in the Prebid ecosystem, such as the UserID Module, which supports various identification systems for programmatic advertising.
SharedID can be combined with multiple ID solutions within Prebid.js, enabling publishers to use it alongside other user ID modules. This gives publishers the ability to customize their user ID setup to meet their specific needs.
Compatibility with alternative IDs
SharedID is compatible with other identity solutions like Unified ID 2.0, ID5, and LiveRamp, allowing publishers to implement multiple IDs in tandem. This compatibility ensures that even if one ID fails or faces restrictions on certain browsers, others can still function, improving overall user match rates.
By supporting multiple IDs, SharedID provides publishers with a more resilient approach to user identification in a changing digital landscape.
Note: SharedID will not replace third-party cookies on the publisher’s domain. It’s recommended to use multiple ID solutions and evaluate their effectiveness on a case-by-case basis to determine which performs best for your specific needs.
Integration with major SSPs and DSPs
SharedID integrates smoothly with major SSPs and DSPs that participate in Prebid’s header bidding framework. SharedID improves data consistency and match rates across the ad ecosystem by sharing a standardized user ID with these platforms.
This integration helps advertisers and publishers maintain more effective targeting and measurement, as SSPs and DSPs can recognize the SharedID and optimize their bidding strategies based on it.
Publisher ad server considerations: Advertiser Perspective
For publishers using SharedID, ad server setup must support first-party cookies and be compatible with Prebid.js configurations.
SharedID data needs to be appropriately integrated into the publisher’s ad server for consistent user identification and ad targeting across campaigns. Publishers may need to configure their ad server to prioritize SharedID within header bidding auctions, ensuring that demand partners receive the user IDs for effective bidding and targeting.
From an advertiser’s perspective, SharedID offers greater transparency and reliability.
Because SharedID is an open-source solution, advertisers can trust that it is developed with industry standards and privacy compliance in mind, unlike proprietary solutions that may prioritize company profits.
Conclusion
Prebid SharedID enables reliable tracking and ad targeting while staying privacy-compliant by using a first-party identifier stored on the publisher’s domain. As part of an open-source initiative by Prebid, SharedID comes with transparency and strong community support. This makes it a cost-effective, flexible, and privacy-focused choice for publishers.
SharedID implementation enhances ad performance by improving match rates, boosting bid rates, and supporting more relevant ad delivery. With a straightforward setup in Prebid.js, publishers can integrate SharedID and other user IDs to find the best strategy for their audience.