Adobe Target

By @chrismdavis & @surebee 

Introduction

With the deprecation of third-party cookies upon us (Google is promising they will be unsupported in Chrome beginning later in 2024), it is a great opportunity to discuss what this means for Target. In addition to this, we'll also give an overview of what cookies Target uses, and how they can be examined by you, the high-tech marketer, with your head full of dreams and eyes full of stars.

Cookies Set by Experience Cloud Identity (ECID) Service

Here is a handy quick reference for the various cookies the ECID Service sets and whether or not they are used by Target.

Cookies Set By Target

Here is a handy quick reference for the various cookies that Adobe Target sets.

Breakdowns of Each Cookie

Now let's take a look at what each cookie's values should look like & how you can validate their values before putting this all together with the implications of third-party cookie deprecation.

Where to View Cookies In Your Browser

You can view Target cookies set on your machine by opening your browser's developer console on a page running Target and navigating to Application > Cookies (dropdown menu) > yourdomain.com(AMCV, AMCVS, mbox, and at_check, potentially along with: mboxEdgeCluster, customerclientcode!mboxPC, and customerclientcode!mboxSession depending on your implementation) or clientcode.demdex.net (demdex):

First-party cookies, filtered to cookies containing mbox in the name

Demdex cookie used by Target

ECID Service Cookies

Target Cookies

Target Without Third-Party Cookies

Now that we have a good understanding of which cookies Target uses & why, lets talk about what happens when we lose third-party cookies and what alternatives we have.

What Is Impacted

Target relies on third-party cookies for the following functionality:

• Use of Experience Cloud segments (segments shared from Analytics & Audience Manager) that cross domains in Target activities will no longer be possible, as the demdex cookie is used as part of a seed to generate the same ECID across multiple domains under the same IMS Org.
• Cross-domain session & profile sharing relies on third-party cookies for carrying mboxPC & mboxSession from one domain to another. This functionality will also be impacted by the deprecation of third-party cookies. Profile sharing could still be achieved using a Customer ID as long as sessions are expired before crossing domains. (see section below).

What Can Be Done About This?

While these are not 1-for-1 replacements for the functionality lost by the deprecation of third-party cookies, there are a few things you can do to supplement data available to Target for targeting:

• Implementing a first-party Customer ID for Target requests so that multiple ECIDs for a visitor can be tied to one first-party ID.
  • You can read more about setting Customer IDs in Target here
  • Setting the same Customer ID across domains will enable sharing of the Target Visitor profile across domains so long as session on the original domain has expired, sessions cannot be shared across domains & it is important to never have concurrent session for the same Visitor Profile.
  • You can pass an mbox session as a URL parameter, make sure you have a solid understanding of how Target sessions work (see info about mbox cookie for high-level details), and then talk to your Account Representative about this.
• Enrichment of the Target Visitor Profile (which is pseudonymous) is another course of action that could be considered; by passing information into Target as page or profile parameters, you can make it easier to Target individuals on subsequest visits where they may or may not have a first-party identifier present in their session. You can add extra context to Target calls through page & profile parameters, as well as through server-run profile scripts, read more about these here:
  • Page Parameters - for sending information about the current request
  • Profile Parameters - for sending information that should be appended to the Target Visitor Profile
  • Profile Scripts - for the ability to work with page & profile parameters in a more programmatic way (scripts very closely resemble JS, but are written in Rhino, a backend JS engine written in Java)

Apple Specific Considerations

Apple has taken several measures to restrict cookie lifetime and prevent cross site tracking using their Intelligent Tracking Prevention (ITP) technology. Below are the considerations pertaining to Target cookies and how they might impact your implementation.

First and Third-Party Cookie Support and Lifetime

What is CNAME in relation to Target implementations?

When implemented, Canonical Name (CNAME) support with Adobe Target, calls are made to a domain owned by the customer (target.example.com) rather than a domain owned by Adobe (clientcode.tt.omtrdc.net). CNAME allows you to handle ad-blocking issues on your site.

CNAME and relevance to ITP

With ITP 2.3 (dated 2020), Apple released a CNAME-cloaking defence feature. As a result, all first-party cookies set using CNAME cloaking will be set to expire in 7 days. Prior to ITP 2.3, CNAME was used as a method to circumvent the 7-day cookie lifetime restriction.

How is my Target implementation impacted for Safari Visitors due to ITP tracking changes?

Conclusion

We hope this guide helped you to better understand the cookies used by at.js Target implementations. If you are still unsure of any information covered in this guide, you can browse documentation on Experience League, check out the Experience League Forums, or contact your Account Representative.