Apple has officially announced SKAN 5.0! What’s changing? When will we get to see the new version?
You might have heard that Apple recently announced SKAdNetwork 5.0 at WWDC23. You might have also heard that the industry wasn’t expecting a 5.0 version so soon after the release of SKAN 4.0 but the upcoming updates tackle two of the most talked about topics in the mobile marketing industry:
However, there’s a lot of speculation regarding what is changing in this new SKAN version, and still not a lot of information on Apple’s end. That’s why we revisited all of Apple’s latest statements, videos, and documentation to make sure we stick to the facts.
In this post, you’ll learn about:
1️⃣ How will Apple support re-engagement in SKAN 5.0?
2️⃣ What are Apple’s privacy manifests?
3️⃣ What is a Required Reason API? How will it affect fingerprinting on SKAN?
4️⃣ When will SKAdNetwork 5.0 be released?
5️⃣ What are the next steps for marketers?
Let’s get started!
Apple has stated that, in SKAN 5, “In addition to measuring conversions after a user downloads your app, you'll also be able to measure conversions after a user opens your app by tapping on an ad” . It’s still unclear whether that means advertisers will get to run re-engagement campaigns independently from app discovery SKAN campaigns, or even see separate reports for re-engagement conversions.
What we can infer from Apple’s announcement is that re-engagement support will be focused on users who have installed a specific app.
In the current framework, advertisers are required to generate an install in order to measure any subsequent conversions. Apple could “support re-engagement” by allowing marketers to track in-app activity without users installing the app first—with no possibility to run re-engagement-only campaigns.
Apple’s privacy manifests are files that list and record the different types of data collected by apps or 3rd party SDKs, and specify how said data will be used.
There are two main goals behind this initiative:
An app’s privacy manifest file doesn’t need to feature the specific data collected by 3rd party SDKs the app leads to. Xcode, Apple's integrated development environment, combines all the privacy manifests across every third-party SDK that a developer is using to create a single report.
For Apple, fingerprinting is never allowed—but besides publicly standing against this practice, Apple had done little to disable or penalize it up until now. This upcoming SKAN version will be a turning point for advertisers who rely solely on fingerprinting.
As part of the enforcement of privacy manifests, Apple will require APIs that might be used for fingerprinting to clarify the reasons why they are collecting specific types of data. This new update, known as Required Reason APIs, will group APIs into different categories based on their purpose and the type of data they provide.
Apps must accurately describe their usage of these APIs, which will be restricted to the specific purposes outlined in the privacy manifest.
On top of privacy manifests and the Required Reasons API, Apple will also be introducing signatures for SDKs with the goal of securing that developers are using the “official” version of an SDK (and thus preventing them from using code that hasn’t been written by the developer they expect). To that end, whenever a developer adopts a new version of an SDK for their app, Apple will validate that the SDK was signed by the right developer.
Apple defines privacy-impacting SDKs as 3rd party SDKs with a “particularly high impact on user privacy”. Apps that include privacy-impacting SDKs will need to include a copy of the SDK in their privacy manifest. To confirm which SDKs are considered to be “privacy-impacting”, Apple will be releasing a list of said SDKs later in 2023.
Per Apple’s announcement, SKAN 5.0 will be released later this year, but the launch date is yet to be confirmed. Apple has, however, disclosed that some of the updates regarding privacy manifests will be enforced soon:
Starting in Fall 2023, App Store will check if new and updated apps include a library from a privacy-impacting SDK. If the privacy-impacting SDK does not include a signature and privacy manifest, Apple will send an informational email to the app developer. Apple will also send informational emails for apps that access Required Reason APIs without declaring approved reasons.
Starting in Spring 2024, these will be expected and become part of App Review. You'll need to address any issues before you can submit new and updated apps to the App Store.
Source: “Get started with privacy manifests,” Apple, 2023.
Despite the recent announcement of SKAN 5.0, the industry is still in the process of adapting to its predecessor, SKAN 4.0. Our advice for any app marketer looking to grow their mobile business on iOS is to make sure they’re fully leveraging all the latest changes introduced on SKAN 4.0, such as multiple postbacks and new types of conversion values.
➡️ Learn about the key updates you should keep in mind when switching to SKAN 4.0.
As for SKAN 5.0, there are no immediate action points for advertisers. We recommend waiting for Apple to release new documentation on SKAdNetwork 5.0 to better understand the impact these new updates will have on iOS campaigns.
Whether you’re looking to start testing SKAdNetwork from scratch or boost the performance of your existing SKAN campaigns, contact us to talk to one of our experts. To learn more about the latest trends and challenges in the privacy era, visit our ATT & SKAN knowledge hub.