Adobe Experience Platform

NitinCT · 8/5/24

Hello Experts,

Lot of third party server side needs a field called Event ID. What value should be assigned to this field?

Second question, Also mostly all third party tags ask for any of these 3 fields to be provided with Value, Email ID, IP or Mobile Advertising ID. Is there any way we could avoid that?

Thanks

Nitin

Anil_Umachigi · 8/5/24

@NitinCT

UUIDv4 is a great library to generate that event ID, do not forget to pass it to both client side and server side ( media tags like facebook use these to deduplicate events) Read more around UUIDv4 below

https://www.geeksforgeeks.org/how-to-create-a-guid-uuid-in-javascript/

The more PII (hashed) you provide to vendors better the match rate which helps the marketing campaigns and some cases reporting ( google enhanced conversion)

For some of the vendors it is mandatory while some vendors are ok with IP address/user agent, so essentially it is not a blanket answer and it depends on each vendor.

We reached out to each vendor and got the must have and good to have properties for our use cases, reach out to marketing team/vendor to get that confirmation

Anil

View solution in original post

Anil_Umachigi · 8/5/24

@NitinCT

UUIDv4 is a great library to generate that event ID, do not forget to pass it to both client side and server side ( media tags like facebook use these to deduplicate events) Read more around UUIDv4 below

https://www.geeksforgeeks.org/how-to-create-a-guid-uuid-in-javascript/

The more PII (hashed) you provide to vendors better the match rate which helps the marketing campaigns and some cases reporting ( google enhanced conversion)

For some of the vendors it is mandatory while some vendors are ok with IP address/user agent, so essentially it is not a blanket answer and it depends on each vendor.

We reached out to each vendor and got the must have and good to have properties for our use cases, reach out to marketing team/vendor to get that confirmation

Anil

bjoern__koth · 8/7/24

@Anil_Umachigi what still surprised me a lot is that the conversion API endpoints in many cases do not support the same setup that you typically have on the client side.
Example: implementing the Twitter/X tag on the browser works fine, and you can send anything to the regular web endpoint, no matter if the user is logged in or anonymous.
Now upon business request, we should implement the same calls server-side and failed miserably.

reason for this was that X requires hashed PII which is not needed on client side. Alternatively, you should pass in the Twitter click ID. Now, you will not have this click ID unless the user came from a click on a Twitter ad.

Also, PII would only work for logged in users. In the end, after talking to Twitter and explaining them that this is stupid if you can provide an event ID that is identical for client- and served-side, they just nodded and said the will pass this on to the developers. We eventually dropped the server-side integration altogether.

Fair enough, one can argue that a Conversion API is merely meant to capture conversions and not background noise like page views.

But shall the shift away from client-side ever happen if the vendor side doesn't even cover the full feature set

Cheers from Switzerland!

Anil_Umachigi · 8/7/24

@bjoern__koth Totally share your views, what you had with twitter we experienced with Google, the enhanced conversion requires hashed email ( or phone) while this is not available all times, we were told nothing can be substituted for this.

The potential value should be weighed in from all vendors before one attempts to go this way.. my 2 cents.

Anil

bjoern__koth · 8/8/24

@Anil_Umachigi thx for sharing / confirming

Cheers from Switzerland!

talenttitan · 11/6/24

The Event ID field in third-party tags is typically used to uniquely identify each event or action that a user takes. This value should be unique for each event to ensure accurate tracking and attribution by the third-party system.

Common Options for Event ID

Auto-Generated Unique Identifiers: Use a UUID (Universally Unique Identifier) for each event. This can be generated on the server-side for each specific user action, ensuring uniqueness.
Timestamp-Based IDs: Use a combination of a timestamp with other unique identifiers, such as a session ID or user ID, which creates a unique ID for each event.
Custom Hashing or Encoding: If you have specific internal identifiers, you can hash them (using MD5 or SHA-256, for example) along with a timestamp or other unique fields to create a unique identifier for the event.

Providing Email ID, IP, or Mobile Advertising ID: Can We Avoid It?

For third-party tags that require at least one of these identifiers, you might be able to consider the following:

Data Pseudonymization: Some systems accept pseudonymized or hashed versions of these identifiers, such as a hashed email or IP address. Hashing the email (e.g., with SHA-256) can protect the actual email value while still providing a unique identifier that third-party systems can match.
Using Proxy Identifiers: If possible, you could use a unique, anonymous identifier for the user instead of directly passing an email or mobile advertising ID. This might include using a customer ID generated internally, though this depends on the requirements of the third-party platform.
Explicitly Opt-Out Fields: Some third-party services allow you to mark certain fields as "not applicable" or "opt-out," especially if data privacy and user consent regulations like GDPR and CCPA are relevant to your business.
IP Address Omission: If the third party absolutely requires an IP address but you prefer not to provide it directly, consider using the generalized geolocation or other anonymized location data (like a city-level geolocation) that can satisfy some geolocation-based requirements without directly identifying the user.

Always review the privacy policies and data handling practices of any third-party service to ensure that the data passed aligns with user privacy standards and legal requirements

Source: https://talenttitan.com/candidates/interview-preparation/all-skills/

talenttitan · 11/6/24

. What Value Should Be Assigned to the Event ID?

The Event ID field is generally used to uniquely identify each user event and prevent duplicate tracking. Here are some common strategies for generating an Event ID:

UUID (Universally Unique Identifier): Generate a UUID (such as UUIDv4) for each event. This guarantees a unique identifier without requiring any personal information.
Timestamp with Unique Identifiers: Combine a timestamp with a session ID, user ID, or other unique property to generate a unique value for each event. For example, using userID + timestamp ensures that each event ID is unique.
Hashing: If your event has an internal identifier (e.g., eventName + timestamp), hashing it with MD5 or SHA-256 can help create a unique, non-reversible event ID.

These approaches ensure uniqueness and help with event tracking and debugging.

2. Providing Value for Email ID, IP, or Mobile Advertising ID: Can We Avoid It?

Third-party tags often request one of these fields to link user events with a specific user identity or profile. If you’re concerned about data privacy, here are a few ways to minimize direct sharing of these identifiers:

Hashing (Pseudonymization):
- Hashing emails (e.g., using SHA-256) before sending them can allow matching while protecting the original email.
- Many third-party systems accept hashed email addresses as a substitute, allowing pseudonymization that preserves user privacy.
Session-Based Identifiers:
- Use a temporary session ID or customer ID generated by your system instead of passing a direct user identifier. This allows the third-party system to recognize the user’s session while not linking to personal identifiers directly.
Geo-based Anonymization:
- Instead of providing a direct IP address, consider using anonymized geolocation data, such as city or country-level data. This can satisfy location-based requirements without revealing specific IP addresses.
Explore Vendor Options:
- Some third-party vendors allow for “opt-out” configurations or accept less specific identifiers in line with GDPR, CCPA, and other privacy frameworks. Consult with vendors to find out if they support privacy-friendly configurations or optional anonymization settings.

Each approach balances user privacy with the data needs of the third-party service. Always review your third-party vendors' privacy policies to ensure they align with your data protection standards and regulatory requirements

Source: https://talenttitan.com/candidates/interview-preparation/all-skills/