Zeotap CDP
Zeotap is a Customer Intelligence Platform (CIP) that helps companies better understand their customers and predict behaviors, to invest in more meaningful experiences. We enable brands to build on a nucleus of first-party data to win new customers and grow their loyal base. Our independent but integrated modules include customer data unification, identity resolution, enrichment, analytics/modelling (including in data clean rooms), and activation to 100+ partners in the marketing ecosystem. Recognized by Gartner as a “Cool Vendor” (2020) and by AdExchanger as the “Best Data-Enabling Technology” (2019), our platform meets the highest enterprise data privacy and security standards, including GDPR, ISO 27001and CSA STAR. We serve the world’s top brands, agencies and publishers across a dozen countries in Europe, North and Latin America, and APAC.ID+ Initiative
Zeotap is also the founding member of ID+, a global universal ID solution. The ID+ solution is identifier-agnostic and empowers the marketing ecosystem ––brands, publishers, and vendors alike–– with a privacy-compliant mechanism to overcome identity resolution challenges arising from third-party cookie/identifier restrictions and increasingly stringent regulations across the world.Publisher Onboarding
The Publisher Onboarding process comprises of the following steps:On signing up for ID+, the Zeotap Product Operations Manager (POM) onboards the publisher to the Zeotap Unity Platform, and provides access to the ID+ product. This generates the partner ID to use the ID+ services.
Snippet
The following is a ID+ JavaScript (JS) snippet that must be placed within the <head> and </head> of the website:Code
Initialisation
The snippet mentioned above includes the initialisation call. In the call, the <PARTNER_ID> must be replaced with the actual partner ID shared for the individual publisher. Absence of the same or an incorrect value results in the failure to identify the correct publisher and no/incorrect IDP cookie.zeotap.init(options)
This method is called to initialise the ID+ script. The options related to ID+ are listed in the table below.
Table 1: Options related to ID+
| Name | Type | Default | Required | Description |
|---|---|---|---|---|
[partnerId] | string | null | Yes | The partner ID associated with the organisation for ID+. This is sent in the call made to the ID+ API for fetching the ID+ value of the user. |
[allowIDP] | string | true | Yes | If this option is set to false, then IDP related activities do not occur. |
[partner_dom] | string | null | Yes | This is the Domain of the page from where the Zeotap endpoint is being called. For example, if the URL is https://www.nytimes.com, then ‘nytimes.com’ should be passed. |
Consent
The user’s consent related to the creation of the ID+ universal ID must be communicated before any ID+ actions occur. The following options can be set as per the consent collection method on the website. Table 2: Options to be set as per consent collection method.| Name | Type | Default | Required | Description |
|---|---|---|---|---|
[optOut] | boolean | false | No | Signal whether the SDK is allowed to act. If this option is set to true, then the SDK related actions are ceased. This option is used as a fallback when user consent is not specified in the other options. Not a mandatory option to be set, if useConsent is true. |
[useConsent] | boolean | false | Yes | If this option is set to true, then the SDK waits to receive a consent signal from the consent resolution mechanism (GDPR or custom) and uses that consent to manage its actions. This consent resolution mechanism is determined by the checkForCMP option. |
[checkForCMP] | boolean | true | Yes | If this option is set to true, then it checks for GDPR consent resolution using the _cmp or _tcfapi variables in the global scope and the cmp.js script. If the variables are present then the CMP API or TCF v2 API is queried to check vendor consent for vendorid:301. If this option is set to false, then it checks for the consent signal to be set using the setConsent method. |
zpstorage_{base64encodedpartnerid}consentmyhost.zeotap.com
zeotap.setConsent(value, [expiry])
This method sets the custom consent value. The options related to the custom consent value are listed in the table below.
Table 3: Parameters related to custom content value
| Parameter | Type | Default | Description |
|---|---|---|---|
| value | boolean | When set to true, the value is used to perform the ID+ activities. When set to false, the value is treated as No consent. | |
| [expiry] | number | 365 | Number of days the consent is valid for. |
Actions for ‘no consent’
When we receive an explicit No from any of the consent methods chosen, below are the corresponding actions from the SDK.- No call is made to the ID+ API even if the user logs in later
- Any existing IDP cookie is deleted
Actions when consent is ‘missing’
If the consent signal is not received but the user has logged in, for example a setConsent call is not made because the user has not made an explicit choice or the CMP API does not respond with the consent value, then the SDK operates in the Do-Not-Track mode. The following points simplify this process:- No call is made to the IDP API until consent is received, even if the user logs in
- Any existing IDP cookie remains as it is
Integrating the JavaScript through a Google Tag Manager Tag
The ID+ JavaScript (JS) snippet can also be integrated through a Google Tag Manager (GTM) Tag. The Zeotap IDP Tag is available as a custom template on GTM for easy integration. This is a JavaScript (JS) tag that is used to identify the user’s IDP cookie value based on a given email address or phone number. To know more about how the Zeotap IDP Tag and how to integrate it, refer to the ID+ Google Tag Manager Implementation guide.Passing Identifiers for ID+
For the ID+ retrieval to happen successfully, the user has to log in to the website at least once. When this happens, you can use the methods available in the library to pass the email address and/or mobile phone number that was used to log in or belongs to the logged-in user (in case the login ID is specific to the website).zeotap.setUserIdentities(properties, [isHashed])
This is the method to send userIdentities and drop an Identity Provider (IDP) cookie for the given Partner ID.
Table 4: Parameters to send user identities and IDP cookie
| Parameter | Type | Default | Description |
|---|---|---|---|
properties | Identities | The email address or mobile phone number can be passed here using the reserved keywords. For more information, see the Identities Objects table below. | |
[isHashed] | boolean | false | If this parameter is set to true, then the IDs are considered as hashed in sha256. If this parameter is set to false, then the email address is converted to lowercase and hashed in sha256. Mobile phone numbers have all the symbols removed before hashing the number to sha256. |
Identities Object
The Identities Objects can be set to pass the user’s deterministic identities. Table 5: Identity Objects| Name | Type | Description |
|---|---|---|
[email] | string | Email address of the user in x@y.com format. |
[cellno_cc] | string | Mobile phone number with the country code. |
zeotap.callMethod(functionName, ...functionParams)
This is the common interface to call the methods of the Zeotap object.
Table 6: Parameters for the common interface
| Parameter | Type | Description |
|---|---|---|
| functionName | string | Name of the method to be called. |
| functionParams | * | Parameters to be passed for the function mentioned in the first parameter. |
zeotap.callMethod('setUserIdentities',{..ids},true)
Making a setUserIdentities call
The setUserIdentities call should be made in the following scenarios:
- When a user logs in.
- At the start of a new session if the user is in the logged-in state.
- If a user is in the logged-in state but no IDP cookie is found.
Flow for ID+
ID+ cookie stamping
The ID+ cookie stamping process comprises of the following steps:The JS is initialised and the partner ID, IDP flag and the consent related options are considered before deciding on the ID+ actions.
If you have the permission to perform the ID+ activities, Zeotap waits for setUserIdentities to identify the user deterministically.
After checking for consent and performing hashing where required, a call is made to the ID+ API, with the user identities. The API resolves the user’s identities and responds with the ID+ value of the user and expiry
The JS then writes this value as a cookie named IDP. Note that this cookie is a first-party cookie against the Top Level Domain, Secure and Strict. The ID+ value returned has a certain expiry that is stored as a cookie called
idp_expiry.A. ID+ value is not found
When the ID+ value is not found for the user by the ID+ service for a corresponding email address or mobile phone number, the following events take place:- The ID+ API responds with 200 and no response body.
- The JS then deletes any existing IDP cookie value that is present.
B. The user logs out
When the user logs out, the following events take place:- If the user logs out, then the IDP cookie remains the same until the cookie expires.
- If there’s a new login from the device, the ID+ service needs to be refreshed based on the new information. The IDP cookie may change at this time depending on the login used.
C. No IDs are passed
Until IDs are passed using the setUserIdentities call, no call is made to the ID+ API. If there is an existing IDP cookie, then the same continues to exist until the cookie expires.Integrating with Prebid
Prebid is an open-source Header Bidder (HB) solution. Zeotap is integrated with Prebid to pick the stamped IDP cookie and send it to the SSP’s. After successfully implementing the JS on your website, the IDP cookie is stamped on the page. Next, it must be passed in the bid request. To let it flow to the downstream systems through Prebid, you have to include Zeotap ID+ in your Prebid Package.NoteEnsure that your bidder adapter can listen to Zeotap ID+. To know more about integrating your Prebid package, refer to the user ID module of the Prebid document here.