Skip to main content

An introduction to iOS 14.5 and its impact for mobile developers

AppSecTest's Julian Evans explains how to comply with Apple's latest update

The Academy explored the impact of the release of iOS 14.5 for mobile game developers through a series of guest articles from experts, which you can find gathered on this page.

Mobile game developers love building great games.

They also want to make sure they are acquiring new players and optimising their games to monetise, so they can spend their time and money on improving player retention, tracking player behaviours and resources data, such as comparing the percentage resources used versus player level.

With this in mind, discussions around privacy have started to appear more and more in the mainstream media. Just last year, Apple launched new App Store privacy labels so users can see what data is collected by iOS apps.

Publishers and developers are realising that not only by meeting the demands of global data privacy regulations, but by exceeding them, they will have significant market opportunity to differentiate themselves from their competitors.

Now, developers will also need to factor in impacts and actions they will need to take to maintain best practice with the latest iOS 14.5 release, in particular with third party marketing partners who distribute and maintain Software Developer Kits (SDKs) libraries.

The iOS 14.5 update

We saw this coming months ago at AppSecTest. Identifying data collection in mobile apps is our bread and butter, so we set out to help the games industry better understand privacy practices and the changes coming. It's all about providing your player community with transparency.

The iOS 14.5 update introduces two significant changes that will impact mobile game developers and their marketing partners:

  • App Tracking Transparency (ATT) policy*, which requires developers to use an in-game pop-up notification that asks for permission from the player to gather data that can be used to track users across third-party sites and apps.
  • SDAdNetwork (SKAN)*, a new privacy-friendly framework, is Apple's way to attribute impressions and clicks to iOS app installs. This only applies to IOS devices using the iOS 14.5 update.

(*IMPORTANT: Devices running on iOS 14.4 or older are unaffected)

It's important that mobile game developers focus on complying with the requirements, to avoid violating Apple's Developer Program License Agreement and be removed from the App Store. So, what's the impact on developers? There are many, but here are some you should focus on.

Developer impact

Game developers, especially the small-to-medium studios, will need to work one-to-one with their third-party marketing partners to minimise the iOS 14.5 impact. So, developers should be made aware of the following marketing impacts to their user acquisition and monetisation:

  • The top impact will be low opt-in rates from players in allowing the developers and advertisers to collect the iOS IDFA. This will also include audience extension where mobile games that target and track beyond their content and e-commerce will impact the scale and ability to optimise the dataset.
  • SDAdNetwork (SKAN) post backs will not contain user-level data, including the IDFA, and will not be real-time. This means you will be collecting less user, device, and network data to track and optimise on.

The top impact will be low opt-in rates from players in allowing the developers and advertisers to collect the iOS IDFA

  • iOS mobile games will be required to use Apple's App Tracking Transparency Framework) to support devices running iOS 14.5. It's worth noting that the IDFA will have a value of all zeros -- so you will not be able to track your players.
  • Expect to see data delays of 24-48 hours (minimum) which will have an impact on real-time optimisation.
  • You will not be able to verify whether the event conversion took place and in the way you are used to.
  • Deep linking is not supported by SKAN and only considers the act of downloading as attributable.
  • Apple does not allow you to collect device and usage data with the intent of discovering a user using fingerprinting. This is a violation of the Apple Developer Program License Agreement.
  • Apple does not allow algorithmically converted device and usage data to create unique identifiers (this doesn't have to be the iOS Advertiser IDFA).

Developer actions

As developers, you will want to have a high-level of understanding when it comes to what actions you can take to maintain and increase these, given the iOS 14.5 release. Here are some actions you might want to think about:

  • Review third-party SDK documents and code for collection of data such as device location, system update, battery status or mobile device hardware and network information. If unsure you should contact the SDK marketing partner.
  • Check with your SDK marketing partner as to whether they algorithmically convert device and usage data to create unique identifiers -- they shouldn't.
  • You will need to grant permission to collect the email address, username, network diagnostic information in your mobile game App Store Privacy Information section.

Use language that is clear, transparent and explains why you and your partners need to track players

  • Use an in-game pop-up notification that asks for permission from the player to gather data that can be used to track users (through Apple's ATT) across third-party sites and games.
  • Use language in an in-game pop-up notification for granting permission to tracking players that is clear, transparent and explains why you and your partners need to track players.
  • It's important to note that using a pop-up notification only applies when game developers either sell data to third parties for targeting ads, or they buy third-party data and aggregate with their own to target ads.
  • Work closely with your marketing partners to make sure your games are SKAN compatible and passing back conversion values.
  • Make sure with your marketing partner, that the spending budget between pre-ATT and post-ATT is efficient. Also, make sure to review bids to achieve your goals.
  • Update to the latest version of Google Analytics for Firebase, which supports measuring ad performance on the SDAdNetwork.
  • Keep in regular contact with your advertising marketing partners, as you may see some performance fluctuations with regards display, video and other campaigns.

Following the actions outlined above, you will not run the risk of having your mobile game removed from the App Store.

Developers will be able to build and improve user trust by embracing these privacy practices which, if your mobile game is great to play, will provide continued user acquisition, retention and monetisation growth.

Julian Evans is CEO of AppSecTest, UK-based developer of ASAnalyzer, a solution that helps publishers manage mobile game data quality, identify new privacy controls and drive better user interactions. Founded by Julian Evans, Matthew Johnston (COO), Adam Jennings (CTO) and Jake Kiermasz (Solutions Architect) in May 2018, AppSecTest is now a Keywords Ventures company.

Related topics