automation

'Football Highlights',

A practical, seller-focused blueprint for mobile monetization without MAIDs. Build privacy-safe identity, audiences, and measurement that buyers trust.

'Football Highlights',

Post-ATT Identity for Sellers: Monetizing Mobile Without MAIDs

Apple’s App Tracking Transparency policy put a hard stop to legacy mobile audience addressability based on device identifiers. At the same time, Android’s Privacy Sandbox is reshaping signals and measurement on the other half of the market. Sellers who relied on MAIDs for performance and frequency are now discovering that identity is not a single switch - it is a stack. This thought piece lays out a seller-centric blueprint for monetizing mobile inventory without MAIDs. It synthesizes what we see across Red Volcano’s ecosystem of SSPs, app publishers, intermediaries, and CTV operators: what works, what is myth, and what to build next. It is intentionally practical, and it leans on a few principles that consistently separate resilient revenue teams from those still waiting for a silver bullet.

TL;DR for busy sellers

  • Make identity a portfolio: combine authenticated users, IDFV, on-device cohorts, and Seller Defined Audiences. Avoid single-point dependencies.
  • Lead with transparency and compliance: use app-ads.txt, sellers.json, Global Privacy Platform (GPP), and documented segment taxonomies. Buyers reward predictability.
  • Package outcomes, not only impressions: PMPs with SDA cohorts, contextual guarantees, and clear SKAN-modeled reporting win over vague “quality” pitches.
  • Instrument your data layer: first-party events, consent states, segment TTLs, and OpenRTB mapping are the difference between theory and spend.
  • Prove lift early: fast experiments with control groups and pre-post baselines beat “trust me” narratives. Build a small library of repeatable case studies.

1) What changed: From device IDs to signal portfolios

MAIDs were convenient. They enabled deterministic frequency, audience extension, and last-click-style attribution. ATT did not destroy demand for outcomes - it removed a high-friction identifier that carried privacy risk. On iOS, IDFA is gated behind opt-in; most apps cannot rely on it at scale. On Android, Privacy Sandbox is tightening cross-app signals, and GAID is vanishing from core workflows. Sellers must now construct monetization from signals they own and can lawfully use. That sounds dire; it does not have to be. Mobile sellers still control two powerful assets:

  • Context: session-level intent, app category and sub-context, screen semantics, geo (coarse), language, device capabilities, network conditions, and temporal patterns.
  • First-party relationships: logins, subscriptions, loyalty, declared preferences, and on-device behavior - within consent and platform rules.

The new game is choreographing these assets into privacy-safe audiences and measurement that buyers can consume through standard pipes. For scope, we focus on in-app mobile, but many patterns translate to CTV and emerging surfaces. References for context:

  • Apple, App Tracking Transparency and User Privacy & Data Use (developer.apple.com)
  • IAB Tech Lab, Seller Defined Audiences and Global Privacy Platform (iabtechlab.com)
  • Google, Privacy Sandbox on Android (developer.android.com)

    2) Principles that keep you out of trouble and in the plan

    Before diving into mechanics, align stakeholders on principles. They protect you from policy reversals and unlock repeatable revenue.

    • Privacy-by-design: collect what you need, minimize retention, TTL everything, and isolate per-jurisdiction processing. Do not assemble fingerprinting cocktails.
    • Transparency as a feature: document taxonomies and segment logic, expose deal lineage (supply chain object, sellers.json), and maintain a public signal sheet.
    • Interoperability over invention: map to IAB taxonomies, GPP, OpenRTB 2.6, and Prebid FPD. Custom is fine inside the house, but export in standards.
    • Value exchange first: authentication, declared preferences, and richer engagement follow when users understand the benefit. Buyers pay up for permissioned signals.
    • Evidence beats anecdotes: whenever you launch an audience or optimization, define the counterfactual and measure lift - even if small - with SKAN or modeled outcomes.

    3) The seller identity stack without MAIDs

    Think of identity as layers. If one erodes, others carry load. Here is a resilient stack ranked by trust and commercial utility.

    3.1 Authenticated identity (deterministic, consented)

    If your app has login or subscription, this is your foundation. Hashed emails or phone numbers, kept within policy, enable activation via interoperable IDs (for example, UID2 in certain ecosystems) and clean-room matches. Deterministic identity earns top CPMs, but only if you respect consent signals and provide portable documentation to buyers.

    • Pros: deterministic, permissioned, high buyer trust, supports frequency and closed-loop measurement in matchable surfaces.
    • Cons: limited scale, UX and value exchange required, legal overhead.

    References:

  • IAB Tech Lab, Data Transparency Standard and Seller Defined Audiences
  • The Trade Desk UID2 (for awareness of cross-ecosystem options)

    3.2 IDFV and on-device identity (same-vendor scope)

    On iOS, IDFV lets a vendor coordinate frequency and personalization across its own apps. It is not cross-vendor tracking, but it is valuable for session quality and respectful engagement. Treat it as a performance oil, not a cross-app audience currency.

    • Pros: stable within your app portfolio, platform-compliant, low friction.
    • Cons: limited scope, cannot be used for cross-app tracking or data brokering.

    Reference:

  • Apple Developer Documentation, Identifier for Vendor

    3.3 Seller Defined Audiences (SDA) and first-party cohorts

    SDA packages first-party signals as cohorts buyers can transact against via open pipes. The point is not to mimic MAIDs; it is to make context and behavior legible and repeatable. Good SDA programs are transparent, conservative, and iteratively tuned.

    • Pros: scalable, privacy-preserving, standard-compliant, works in PMPs and the open exchange.
    • Cons: requires taxonomy governance, QA, and measurement to avoid “segment inflation.”

    Reference:

  • IAB Tech Lab, Seller Defined Audiences

    3.4 Contextual intelligence

    Context is not just app category. It includes screen-level semantics, dwell time, scroll depth, language, network quality, time of day, and lightweight attention signals. When you enrich content and session context consistently, bidders do more with it.

    • Pros: large scale, compliant by design, robust across OS policies.
    • Cons: needs disciplined feature engineering and content labeling to avoid buyer skepticism.

    References:

  • IAB Tech Lab, Content Taxonomy
  • Prebid, First-Party Data and ortb2 config

    3.5 Clean rooms and deal-based activation

    Authenticated subsets can be activated through buyer clean rooms for high-value deals, especially with retailers and financial services. This is not a spray-and-pray tactic. It is a surgical monetization path for premium surfaces.

    • Pros: premium CPMs, privacy controls, co-measurement possibilities.
    • Cons: setup overhead, requires legal and security buy-in, limited scale.

    References:

  • IAB Tech Lab, Guidance on data clean room interoperability

    3.6 SKAdNetwork and modeled outcomes

    You will not restore campaign logs to MAID-level granularity. You can still provide probabilistic comfort through SKAN postbacks, incrementality tests, and baseline models. Buyers do not need perfection; they need stable, explainable evidence.

    • Pros: OS-blessed, increasingly understood by growth buyers, supports lift narratives.
    • Cons: delayed, aggregated, needs thoughtful CV schema and privacy thresholds.

    Reference:

  • Apple Developer Documentation, SKAdNetwork

    4) Building the data layer: what to collect, how to map, how to ship

    The hardest gap we see is not theory - it is plumbing. Here is a practical blueprint for a seller data layer that exports clean signals to SSPs and exchanges via OpenRTB and Prebid.

    4.1 Event model and storage

    At minimum, instrument:

    • Session events: start, foreground/background, approximate duration, key screens viewed.
    • Engagement: scroll depth or interaction flags, content consumption markers.
    • Commerce: soft and hard conversions, subscriptions, in-app purchase events.
    • Consent: ATT status, GPP string and sections, per-region storage rules, audit trail.
    • Identity: login state, first-party ID, IDFV, and any interoperable identifiers (only if user consented).

    Apply TTLs to derived segments. If “sports enthusiast” has 30-day half-life, enforce it. Buyers respect shelf lives. Example SQL snippet for building a 30-day recency-based cohort:

    -- Build a seller-defined audience: "Sports_Active_30d"
-- Criteria: viewed >= 3 sports content sessions in last 30 days with >= 60 seconds dwell
CREATE MATERIALIZED VIEW sda_sports_active_30d AS
SELECT
user_fp_id,
COUNTIF(content_topic = 'sports' AND dwell_seconds >= 60) AS sports_sessions_30d,
MAX(event_ts) AS last_activity_ts
FROM analytics.session_events
WHERE event_ts >= CURRENT_DATE - INTERVAL '30' DAY
GROUP BY 1
HAVING sports_sessions_30d >= 3;
-- Enforce TTL: expire after 45 days
CREATE POLICY ttl_sda_sports_active_30d
ON sda_sports_active_30d
USING (last_activity_ts >= CURRENT_DATE - INTERVAL '45' DAY);

    4.2 OpenRTB mapping

    Map your signals into standard OpenRTB fields. Keep custom fields under ext, and document them. OpenRTB 2.6-style mobile request snippet with SDA, GPP, and transparency objects:

    {
"id": "req-123",
"tmax": 250,
"app": {
"bundle": "com.publisher.app",
"name": "Publisher App",
"cat": ["IAB1", "IAB1-6"],
"publisher": {"id": "pub-789", "name": "Publisher Inc"},
"storeurl": "https://apps.apple.com/app/id1234567890",
"content": {
"title": "Football Highlights",
"userrating": "4",
"language": "en",
"cat": ["IAB17-18"],
"keywords": "nfl,highlights,playoffs"
}
},
"device": {
"ua": "Mozilla/5.0 ...",
"ip": "192.0.2.1",
"os": "iOS",
"osv": "17.5",
"devicetype": 4,
"language": "en",
"connectiontype": 2,
"ifa": "",
"didsha1": "",
"didsmd5": "",
"lmt": 1
},
"user": {
"id": "fp-abc123",
"buyeruid": "",
"data": [
{
"name": "publisher.com",
"segment": [
{"id": "SDA_Sports_Active_30d", "ext": {"ttl": 45}},
{"id": "SDA_Purchase_Intent_Subscriptions"}
],
"ext": {
"segtax": 600
}
}
]
},
"source": {
"tid": "trans-456"
},
"regs": {
"coppa": 0,
"gpp": "DBABRg~CPXxRPAPXxRPAAfKAAENAAAAAIAAA...",
"gpp_sid": [2, 7, 9]
},
"ext": {
"schain": {
"complete": 1,
"nodes": [
{"asi": "ssp.example.com", "sid": "12345", "hp": 1}
],
"ver": "1.0"
}
},
"imp": [
{
"id": "1",
"instl": 0,
"secure": 1,
"banner": {"w": 320, "h": 50, "pos": 1},
"bidfloor": 0.5,
"pmp": {
"private_auction": 0,
"deals": [
{"id": "PMP_SDA_Sports_Active_30d", "at": 2, "bidfloor": 3.5}
]
}
}
]
}

    Notes:

  • user.data.name identifies the data provider.
  • ext.segtax references your taxonomy mapping. Align with IAB Tech Lab documentation for SDA and audience taxonomies.
  • regs.gpp and regs.gpp_sid carry consent signals across jurisdictions.
  • schain and sellers.json consistency reduce bid shading and unlock demand path analytics. References:
  • IAB Tech Lab, OpenRTB 2.6
  • IAB Tech Lab, Global Privacy Platform
  • IAB Tech Lab, sellers.json and supply chain object

    4.3 Prebid first-party data for in-app

    If you use Prebid Mobile or Prebid Server, inject first-party data via ortb2. This improves adapter compatibility. Example Prebid.js-style configuration (conceptually similar for mobile in-app via Prebid Server):

    pbjs.setConfig({
ortb2: {
site: {
cat: ['IAB17-18'],
content: {
language: 'en',
keywords: 'nfl,highlights,playoffs'
}
},
user: {
data: [
{
name: 'publisher.com',
ext: { segtax: 600 },
segment: [
{ id: 'SDA_Sports_Active_30d' },
{ id: 'SDA_Purchase_Intent_Subscriptions' }
]
}
]
},
regs: {
gpp: 'DBABRg~CPXxRPAPXxRPAAfKAAENAAAAAIAAA...',
gpp_sid: [2,7,9]
}
}
});

    Reference:

  • Prebid, First Party Data and ortb2 configuration

    4.4 SKAdNetwork conversion schema hygiene

    You will not unlock postbacks without a plan. Keep conversion values legible and tied to clear funnel events. Example Swift-like pseudocode for a simple SKAN conversion model:

    enum ConversionValue: Int {
case install = 1
case registration = 3
case subscriptionTrial = 12
case purchaseTier1 = 20
case purchaseTier2 = 30
}
func updateConversionValue(event: AppEvent) {
switch event {
case .appInstall:
SKAdNetwork.updatePostbackConversionValue(ConversionValue.install.rawValue)
case .registration:
SKAdNetwork.updatePostbackConversionValue(ConversionValue.registration.rawValue)
case .trialStarted:
SKAdNetwork.updatePostbackConversionValue(ConversionValue.subscriptionTrial.rawValue)
case .purchase(let amount):
let cv = amount < 10 ? ConversionValue.purchaseTier1 : ConversionValue.purchaseTier2
SKAdNetwork.updatePostbackConversionValue(cv.rawValue)
}
}

    Keep the model small and interpretable. Share a one-pager with buyers describing:

    • What each conversion value means: install, register, trial, purchase tiers.
    • Expected postback windows: and how you attribute to deals.
    • How you validate lift: control regions, holdouts, or pre-post comparisons.

    Reference:

  • Apple Developer Documentation, SKAdNetwork conversion values

    5) Packaging for buyers: turn signals into sellable products

    Buyers need reliable products, not raw data. Convert your stack into packages they can plan and measure.

    5.1 SDA-based PMPs

    Pick three to five SDA cohorts with the strongest evidence and coverage. Avoid overfitting or hyper-niche segments that confuse planning. Standardize a short spec for each cohort:

    • Definition: clear criteria with TTLs and refresh cadence.
    • Coverage: daily active users, geographic skews, top app sections.
    • Benchmarks: baseline CTR, viewability, SKAN-modeled post-install rate.
    • Brand safety: taxonomy exclusions and content guardrails.
    • Pricing: floor guidance and deal types (open, preferred, guaranteed).

    5.2 Contextual guarantees

    Some buyers want certainty on placement rather than audience. Offer curated packages with documented context and quality:

    • Sports highlights premium: high viewability placements in sports video sections, optimized for attention metrics.
    • Utility moments: weather, transit, finance updates with day-parting controls.
    • Ad-light experiences: low ad density for high dwell-time screens.

    Make viewability and attention metrics verifiable. Buyers value concordance with independent measurement where possible.

    5.3 Clean-room activations

    For high-value buyers with deterministic identity, propose project-based clean-room matches on a small portion of inventory:

    • Scope tightly: agree on a single KPI and a single audience intersection.
    • Co-measure: share SKAN-modeled outcomes and holdouts transparently.
    • Sunset dates: align to a defined campaign window to reduce data creep.

    5.4 Measurement packaging

    Measurement is part of the product. Provide a short menu:

    • Awareness: viewability, attention proxy, and on-site engagement.
    • Consideration: scroll depth, repeat sessions, video completion rates.
    • Performance: SKAN conversion tiers, modeled ROAS ranges with caveats.

    6) Proving value: experimentation playbook

    Do not wait for perfect telemetry. Ship small and prove lift.

    • Define a counterfactual: for each audience or package, hold out 10 to 20 percent as a control. If that is not feasible, use pre-post baselines on matched inventory.
    • Use SKAN conservatively: aggregate results by conversion tiers, not by bid request. Share confidence intervals, not false precision.
    • Run four-week sprints: measure weekly to catch directional signals, but decide on four-week aggregates to reduce noise.
    • Document and templatize: create one-pagers that make your next pitch faster.

    7) Compliance, platform policy, and trust

    Trust is a feature. Protect it.

    7.1 Apple policies and fingerprinting avoidance

    Resist the urge to combine device and network signals in ways that approximate MAIDs. Apple’s policies prohibit fingerprinting. Use only sanctioned identifiers (IDFV, SKAN) and coarse signals for performance engineering, not identity reconstruction. Reference:

  • Apple, User Privacy and Data Use

    7.2 Consent and GPP

    Treat consent as a first-class dimension. Store the GPP string and jurisdiction IDs per event, and propagate them in every bid request. Build audit logs so you can prove compliant processing. Reference:

  • IAB Tech Lab, Global Privacy Platform

    7.3 Minimize data egress

    Move from raw log sharing to aggregated reporting and clean-room style exchanges when deterministic identity is involved. In open programmatic, keep the payload lean and documented.

    7.4 Transparency artifacts

    Maintain:

    • app-ads.txt: authorized sellers for your app bundle(s).
    • sellers.json: updated and consistent across intermediaries.
    • Supply chain object: present and correct in bid requests.
    • Signal sheet: public doc describing your fields, taxonomies, and refresh cadence.

    References:

  • IAB Tech Lab, app-ads.txt

  • IAB Tech Lab, sellers.json and supply chain object

    8) What good looks like: a maturity model

    You do not need everything on day one. Here is a practical progression.

    • Phase 1: Hygiene: consistent app-ads.txt, sellers.json, GPP, basic content taxonomy, and Prebid ortb2 enrichment.
    • Phase 2: SDA core: two to three audited SDA cohorts with weekly reporting and SKAN-aligned outcomes.
    • Phase 3: Packaging: PMPs with tiered floors, contextual guarantees, and case-study one-pagers.
    • Phase 4: Deterministic edge: selective clean-room deals for authenticated users, with clear legal and sunset controls.
    • Phase 5: Optimization flywheel: data science tunes cohorts, attention models, and day-parting based on validated lift.

    9) How Red Volcano helps sellers and SSPs operationalize this

    Red Volcano specializes in publisher discovery and data intelligence for the supply side. Post-ATT, we see three leverage points where our platform de-risks your roadmap.

    • Magma Web, inventory intelligence: map your app portfolio’s technology stack, SDKs, and category context; benchmark against peers; identify gaps in app-ads.txt and sellers.json coverage.
    • Technology stack tracking: understand which SDKs support SKAN, Prebid modules, and privacy-aware analytics. Reduce integration debt before you pitch PMPs.
    • Ads.txt and sellers.json monitoring: keep your transparency artifacts correct across all properties and intermediaries; detect leaks that erode CPMs.
    • Mobile app discovery with SDK intelligence: discover adjacent publishers for SDA supply alliances and curated marketplaces that improve scaled coverage.
    • CTV data platform: port the same SDA and contextual patterns from mobile to CTV, where MAIDs never existed in the first place.
    • Publisher sales outreach: package your SDA cohorts and contextual guarantees into outreach narratives that resonate with SSPs and DSP curation teams.

    We align with a privacy-by-design stance. Our focus is accelerating seller readiness without pushing into brittle workarounds.

    10) Advanced considerations and common traps

    10.1 On-device modeling that respects policy

    Edge models can classify sessions without exporting raw features. Keep models compact, update periodically, and measure their impact on bid rate and CPM. Document that you do not export model features that would constitute fingerprinting.

    10.2 Frequency management without MAIDs

    Use a layered approach:

    • Within-app frequency: enforce with first-party IDs and IDFV.
    • Deal-level caps: implement via PMP constraints and server-side counters.
    • Buyer collaboration: coordinate with DSPs on line-item capping within curated marketplaces.

    Do not promise cross-app frequency where you cannot deliver.

    10.3 Avoid segment sprawl

    It is tempting to ship dozens of segments. Resist. Every segment needs QA, TTL, case studies, and reporting. Start with three to five that map to real budget categories: sports, entertainment, finance, family, deal-seekers.

    10.4 Bid shading and floor strategy

    Post-ATT, some buyers shade bids more aggressively when they do not trust signals. Counter with:

    • Transparent floors: explain why a cohort commands a higher floor and show lift data.
    • Deal-based tests: let buyers try lower floors for one week in exchange for data-sharing that validates value.
    • SSP alignment: coordinate with SSP partners on pricing feedback loops and analytics.

    10.5 Attention metrics: useful, not universal

    Attention can differentiate when implemented responsibly. Choose one or two proxies you can defend (viewability plus scroll depth, or video quartiles plus dwell). Do not rebrand vanity signals as science. Keep it explainable.

    11) Putting it together: a 90-day execution plan

    If you are starting today, here is a pragmatic timeline.

    Days 0 to 30: Hygiene and groundwork

    • Inventory transparency: audit app-ads.txt, sellers.json, schain across your SSPs.
    • Data layer: implement event capture for session, engagement, consent; wire GPP propagation.
    • Taxonomy mapping: choose IAB Content Taxonomy and draft initial SDA definitions with TTLs.
    • Prebid/SSP enrichment: inject ortb2 user.data and content fields; test with a sandbox SSP endpoint.

    Deliverables: updated transparency artifacts, ortb2 payload samples, SDA definitions v1.

    Days 31 to 60: MVP packages and first tests

    • Launch two SDA cohorts: e.g., Sports_Active_30d and Deal_Seekers_14d.
    • Set up PMPs: with two SSPs; define floors and reporting cadence.
    • SKAN schema: lock a simple conversion mapping and publish a one-pager to buyers.
    • Run controlled tests: holdouts or pre-post with matched inventory; instrument dashboards.

    Deliverables: live PMPs, initial case-study snapshots, SKAN one-pager.

    Days 61 to 90: Scale and storytelling

    • Add a contextual guarantee: one curated placement package with attention metrics.
    • Refine segments: prune underperformers, tune TTLs and thresholds.
    • Publish case studies: 2 to 3 one-pagers with lift graphs and narratives buyers can circulate.
    • Explore clean-room pilot: one deterministic activation with a friendly buyer.

    Deliverables: three sellable products with documented performance, pilot clean-room brief.

    12) FAQ for commercial teams

    • Do buyers really spend without MAIDs?: Yes. They reallocate toward transparent, measurable packages. PMPs with SDA and clear reporting are winning line items across sports, finance, and utility categories.
    • Is UID2 or other interoperable IDs enough?: Helpful when you have login. They are not a panacea. Treat them as an ingredient, not the cake.
    • How do we handle Android?: Prepare for Privacy Sandbox. Focus on the same principles: first-party cohorts, contextual depth, and sanctioned measurement APIs.
    • What about probabilistic IDs?: Avoid. They carry policy and platform risk and erode buyer trust. Invest in cohorts and context.
    • How do we forecast without MAIDs?: Forecast cohorts and context, not user reach. Use historical DAU by cohort, content distribution, and viewability-adjusted impression pools.

    13) Conclusion: The new seller advantage

    Post-ATT identity is not an identity crisis; it is a forcing function. Sellers that lean into privacy-safe cohorts, transparent packaging, and pragmatic measurement are winning. They command better floors, enjoy steadier demand, and sleep better during policy cycles. Your advantage is not a secret data trick. It is excellence in signal hygiene, interoperability, and evidence. Start with a narrow set of SDA cohorts, enrich context responsibly, package outcomes buyers can measure, and iterate with real experiments. That beats waiting for MAIDs to come back - they will not. Red Volcano is here to help you benchmark, discover partners, track the right SDKs, and package your inventory into products that perform. If you align the organization behind this stack, your revenue mix will be more durable than anything you had in the MAID era.

    References and further reading

  • Apple Developer Documentation - App Tracking Transparency and User Privacy & Data Use: https://developer.apple.com/app-store/user-privacy-and-data-use
  • Apple Developer Documentation - SKAdNetwork: https://developer.apple.com/documentation/storekit/skadnetwork
  • IAB Tech Lab - Seller Defined Audiences: https://iabtechlab.com/seller-defined-audiences
  • IAB Tech Lab - Global Privacy Platform: https://iabtechlab.com/standards/global-privacy-platform
  • IAB Tech Lab - OpenRTB 2.6: https://iabtechlab.com/standards/openrtb
  • Prebid - First Party Data and ortb2: https://docs.prebid.org/features/firstPartyData.html
  • Google - Privacy Sandbox on Android: https://developer.android.com/design-for-safety/privacy-sandbox These links offer technical baselines and policy guidance you can cite in buyer conversations and internal architecture reviews.