The ultimate guide to SKAdNetwork privacy thresholds

By Eran Friedman May 25, 2022

While privacy thresholds on conversion values are essential to making Apple’s SKAdNetwork mobile attribution framework actually privacy-safe, at the same time they are also one of the biggest challenges that prevent marketers from learning what’s working. Or, in other words, actually performing meaningful attribution that guides future decisions.

Which, clearly, makes the mobile growth job harder.

That said, the good news is that with the right data science and modeling tools, you can recapture much of the missing insight you need to optimize campaigns.

More on that later. First, in this ultimate guide to SKAdNetwork privacy thresholds, I want to share what we know so far about:

  • what they are
  • why they matter
  • how they work
  • what they impact
  • how they change ad network behavior
  • how to compensate for them

How SKAdNetwork privacy thresholds work

Apple built SKAN to ensure that while marketers get some information about the results of their mobile user acquisition campaigns, any device-level or personally identifiable data is fully permissioned. Unpermissioned data is aggregated: private by default because it’s not linked to any individual person or device.

Not only is the data that represents the results of app install marketing campaigns aggregated, some is censored. That’s simply because if marketers received aggregated data on small numbers of app installs, it wouldn’t be too hard, over time, to connect specific people and specific activities with specific ads and partners with a fairly high level of certainty.

This certainly increases privacy, but it also adds noise to the marketing impact signal that growth experts use to evaluate success and plan additional tactics.

When app marketers run SKAdNetwork-enabled campaigns on iOS, they get data from Apple’s devices on the results in an electronic package called a postback. The device sends postbacks to the ad networks that place ads that result in downloads as well as (optionally) to the developer of the app itself. MMPs like Singular get those postbacks either via reflection from the ad network or if advertisers designate Singular’s address as their collection point.

Here’s an example of a SKAN postback for an ad that worked, based on Apple’s documentation: it generated an app install, and whoever installed the app actually opened it and performed some action that the app developer has assigned a conversion value of “20.”

SKAN postback

You’ll notice that this comes from campaign-id #42. That’s important information: advertisers can now credit that campaign with the successful conversion and use it in their assessment of whether or not that ad campaign generated positive return on investment. 

You’ll also notice that the campaign delivered the ad in an app identified as “1234567891.” That data is in the “source-app-id” field, and it’s also important information: now marketers know that this publisher app aligned well enough with their target audience to find at least this one person who was interested enough by the ad and the advertiser app that it displayed, to click the ad and download the app.

Digging into SKAN postbacks

If the number of app installs per campaign ID falls below a number that Apple sets, there aren’t enough installs to camouflage the identities of all the new people showing up as users in your app. Even though you don’t have hard deterministic data on which click/ad/campaign delivered which user/conversion/purchase, you could make pretty good guesses.

So Apple censors the data, and here’s what that looks like:

SKAN postbacks

It’s important to note that even if you don’t pass the privacy thresholds, you still get an SKAdNetwork postback. However, two things will be missing:

  1. Source app ID
  2. Conversion value

That means you still get valuable deterministic data from SKAN for every single install. It’s less useful than with a conversion value and source ID attached, but it’s still important.

It’s also important to note that a conversion value of “0” doesn’t mean the data is censored. If Apple censors a conversion value, that field simply disappears from the SKAN postback as shown above, along with the source app ID. A conversion value of zero simply indicates a person who installed your app as part of a campaign that passed the privacy thresholds … but didn’t do too much after installing the app, and didn’t trigger an update to the conversion value according to whatever conversion logic you’ve set up. 

There’s other information in SKAdNetwork postbacks, including a flag on whether an app install is a redownload or a net new one and another for whether it’s a winning postback or losing postback, but more on that at another time.

Behind the scenes: how SKAdNetwork works

Behind the scenes several critical things happen that determine how and when SKAN postbacks get sent, and some of them impact privacy thresholds and conversion values.

Here’s the sequence:

  1. AdNetwork23 creates SKAN Campaign1 for App A
  2. AdNetwork23 creates an ad in Campaign1 for App A, and places it in app B
  3. Francine17 sees the ad while in app B, taps it, and installs app A
  4. As she does so, SKAdNetwork assess the number of installs currently happening from SKAN Campaign 1, and makes a decision
    1. There are enough installs: it will release the conversion value and source app ID
    2. There are too few installs: activate privacy thresholds
  5. SKAdNetwork follows the postback timer set up by App A’s marketers in the app
  6. When the timer runs out, SKAdNetwork sends up to 2 postbacks to up to 6 locations
    1. 1 ‘winner postback’ to winning ad network and, potentially, a designated server for the app publisher and/or MMP
    2. 1 ‘loser postback’ to as many as 5 other ad networks that showed ads that Francine17 saw, but did not lead to the actual app install
  7. Marketers collect their postbacks, generally via an MMP like Singular, and find out whether or not privacy thresholds have been implemented, censoring data.

The main point here is that since the privacy threshold decision happens at download time, the actual conversion value doesn’t affect the censorship in any way. Only the number of downloads controls that decision.

In practice, what this means is that the first few installs of a campaign don’t have conversion values. The App Store seems to count the number of installs that happened in the last 24 hours or so, and once they pass a specific number, privacy thresholds are removed and SKAdNetwork starts including conversion values and source app IDs.

How many does it take?

SKAN postbacks censored data

There appears to be some degree of randomness here, but privacy thresholds seem to be in effect for the first 10-20 installs of a campaign, decreasing thereafter as you scale install volume. And when you’re getting 100 installs per day, you usually see 100% CVs. There’s a sliding scale here up to that point, however: if you only have 15 app installs, you probably won’t get any conversion value data. If you have perhaps 30 installs, you’ll get about 50% of your conversion values.

But there’s a very important point to remember: this is the number of installs per SKAN Campaign ID.

SKAN Campaign ID

Your ad network growth partners will divide your campaigns up into multiple SKAN campaigns so they can do their own creative/placement/targeting optimization to maximize learning and therefore campaign ROI. A single ad network campaign can be made up of multiple SKAN campaign IDs – different SKAN campaign IDs can encode different creatives or targeting.

Maximizing data from SKAN

There are some implications of how Apple runs privacy thresholds here. 

For instance, traffic “bursts” can cause missing conversion values at high volume too. For instance, a sudden burst of 100 installs once every 48 hours will see some installs with missing conversion values on every burst … despite the fact that you’re largely clear of the danger territory where users might be identified and privacy broken. But driving just 30 installs spread throughout the day will likely only result in missing conversion values at the beginning of the campaign.

Only Apple really knows what the limits are here. Given the nature of cloud-enabled and sharded services, a massive global burst in a brief period of time might result in a higher censorship rate if you overwhelm SKAdNetwork’s ability to increment install counts coherently across all geos.

The best option, therefore, is maintaining a relatively steady momentum across all SKAN campaign IDs.

You also want to consider your ad partner mix and activation for iOS in the light of SKAN privacy thresholds. Even if you’re driving thousands of installs a day, splitting them up between 40 ad partners, each of which can run up to 100 SKAN campaign IDs, could result in significant loss of data. If you’ve got a smaller budget, focus on a few ad partners at a time (which can also help with incrementality and cohort analysis). Of course, if you’re driving tens of thousands of installs per day per app you have much less to worry about.

Here’s what we’re seeing so far:

SKAN Campaign ID

For example, Google recommends consolidating to just 8 or less app install campaigns, saying that “this helps maintain optimal performance within SKAdnetwork’s campaign limitations.” Adding more will degrade performance, Google says. Facebook recommends a minimum of 88 app installs per campaign per day, and says you should consider increasing budgets or combining ad sets and campaigns to reach that level.

Snap is close to that at 75 installs per day, while Unity is a bit of an outlier at just 30.

All these affect the number of conversion values to expect for your planned budget per network.

So: how do you optimize iOS campaigns for privacy thresholds?

First, monitor your conversion value rate. 

If it’s dropping below 50%, that’s not great. You want to see a conversion value rate of 80%, ideally. The higher the better, because that’s the data that Singular uses to model missing data as well as D7 revenue cohorts, and the more we have to feed the models, the more accurate modeling you’ll get.

SKAN report

Consolidate campaigns where needed to meet the minimal recommended threshold for each network. Again, the more data your ad partners have, the better their optimization can be as well, which will only help improve campaign results as well as campaign measurement.

And finally, use modeling to fill out the gaps.

Singular just released SKAN Advanced Analytics, which restores your ability to run high-performance iOS user acquisition campaigns by modeling missing data due to SKAN privacy thresholds and randomized postback timing. Customers using the private beta reached an impressive 87% D7 revenue prediction accuracy, and SKAN Advanced Analytics gives you back cohort data as well, thanks to sophisticated data science.

Becoming a SKAN expert is just essential if you want to drive significant growth on iOS right now, and using our modeled insights is a massive improvement on typical SKAN results.

Next step: get the definitive SKAN guide

We’ve put together a simple, direct, and to-the-point guide on the solutions for SKAN’s reporting gaps.

Get it here to unlock the secrets to using SKAdNetwork successfully, and start growing on iOS again.

Stay up to date on the latest happenings in digital marketing

Simply send us your email and you’re in! We promise not to spam you.