Skip to main content
You discovered a new feature🥳… This page is a work in progress.
WebKit

What is Intelligent Tracking Prevention?

Intelligent Tracking Prevention is a feature of WebKit (the browser engine that powers Safari on macOS, and all mobile browsers on iOS and iPadOS), which protects users’ privacy by placing technical restrictions on tracking methods websites can use.
ITP aims at “blocking practices that are harmful to users because they infringe on a user’s privacy without giving users the ability to identify, understand, consent to, or control them.”
WebKit’s Tracking Prevention Policy

What does ITP block?

This section outlines the restrictions that impact marketing teams, and how OneView achieves compliance with them. For the full list of restrictions, please check WebKit’s technical documentation.
RestrictionImpact
Third-Party Cookies: Full Third-Party Cookie BlockingAll third-party HTTP cookies are blocked by default.
Referers: Downgraded Third-Party ReferrersAll third-party referrers are downgraded to their origins (e.g., https://www.social.example/feed?clickID=123456 becomes https://www.social.example/).
Click ID redaction: Detection of Cross-Site Tracking Via Link DecorationRegular cookies are capped to 24 hours when a third-party link decoration (e.g. gclid, fbclid, msclkid, etc…) is detected. In Private Browsing mode, the decorator is blocked altogether.
Restricted cookie lifetime: 7-Day Cap on All Script-Writeable StorageAll regular cookies are deleted after 7 days of no user interaction.
Tracking subdomains CNAME and Third-Party IP Address Cloaking DefenseAll first-party HTTP Cookies set by your subdomains (e.g. api.domain.example) are capped to 7 days, unless its IP address is basically the same of your website.
The difference lies only on who (which domain) is setting the cookie:
Cookie TypeFirst-partyThird-party
HTTP cookiesWhen set by the same domain as the one you’re currently visiting, via Set-Cookie header.When by a different domain as the one you’re currently visiting, via Set-Cookie header.
Regular cookiesWhen set by javascript code running on your website, via document.cookie command.
The key difference lies in how the cookie is set and written:
  • Regular cookies (also called script-writeable or JavaScript cookies) are set and modified using JavaScript in the browser via document.cookie command.
  • HTTP cookies (also called server-side cookies) are set by your a web server using the Set-Cookie HTTP header in the server’s response, for which the browser automatically sets the corresponding cookie.

Apple® ITP Compliance

Intelligent Tracking Prevention (ITP) is WebKit (Safari) technology that:
  • blocks all third-party cookies
  • restricts first-party cookies to a 7-day lifetime, unless they are set by the webserver
This means that tracking data for Safari users gets reset every 7 days, breaking attribution for longer customer journeys. Hosting your tracking server on a subdomain (e.g. data.example.com) is not enough to comply with Apple® ITP. This technique is called CNAME Cloaking and is explicitly targeted by ITP. OneView achieves full ITP compliance when using a or setup. With these configurations, you have full control over the OneView master cookie, ensuring client_id persistence beyond the 7-day ITP limit.
Check out the implementation guides.

Apple® LTP Compliance

OneView ensures full attribution accuracy across Safari, Brave, Firefox, and other privacy-focused browsers, even when Click IDs are missing. No actions required.
Link Tracking Protection (LTP) is a WebKit (Safari) technology that automatically detects and removes link decorators from URLs, including:
  • gclid (Google Ads)
  • fbclid (Meta/Facebook)
  • msclkid (Microsoft Ads)
  • ttclid (TikTok)
This breaks every traditional form of pixel-based tracking (either client or proxy server-side), because it removes the key identifier required by those pixels / server tags. OneView achieves full LTP compliance by providing UTM-based attribution fallback, and Enhanced Conversions for all supported integrations
OneView solves LTP compliance through two complementary methods that work even when the browser or a plugin strips all tracking parameters:
1

UTM-First Attribution

OneView uses a UTM-first attribution model that remains fully functional across Safari, Brave, Firefox, and all high-privacy scenarios. Instead of relying on platform-specific click IDs, OneView attributes conversions using UTM parameters that are LTP-compliant.
Integration UTM Fallback Configuration

Configure custom UTM fallback values for each integration in OneView

You can customize the utm_source fallback value for each Media Partner, ensuring accurate attribution even when click IDs are removed.
2

Enhanced Conversions Recovery

When consent is granted and the Media Partner supports it, OneView automatically sends Enhanced Conversions via each platform’s Conversion API. This allows ad networks to recover attribution data using:
  • First-party customer data (hashed emails, phone numbers)
  • Browser and device information
  • Conversion event details and timing
This dual approach ensures maximum attribution coverage across all privacy scenarios.
See which platforms support this dual attribution approach in our integrations overview.

Apple® AFP Compliance

OneView is not affected by Apple® Advanced Fingerprinting Protection.
Advanced Fingerprinting Protection (AFP) is a WebKit (Safari) technology that standardizes device information to reduce the uniqueness of browser fingerprinting. This prevents the generation of unique user identities based on device configurations such as screen resolution, fonts, and GPU specifications, making it harder to track users across sessions without cookies. OneView does not rely on browser fingerprinting for user identification, making AFP compliance a non-issue. Instead, OneView uses:
  • a single master cookie on the frontend, to store the anonymous client_id
  • identity resolution using your Identity graph, built on consenting users
Which both operate independently of browser fingerprinting techniques.

ITP Compliance with OneView