Standards & Protocols Deep dive

Video & Mobile Ad Delivery Standards.

The execution layer for video, CTV, and mobile advertising: VAST, SSAI, SIMID, MRAID, OM SDK, device attestation — and the identifier and attribution frameworks that bound what any of it can prove.

This is a deep dive inside the six-layer standards system, not a seventh pillar. The transaction rails make impressions tradable and the trust layer keeps measurement honest — this page covers the gap between them: video and mobile standards are where workflow ambition meets execution reality. An agent may plan the buy in seconds; the ad still has to render in a player, run inside an app, pass measurement, respect platform rules, and survive verification.

Read the guide See Core AdTech Standards See Measurement & Media Quality
Video and mobile ad delivery standards — three execution environments, ringed by the standards that make ads render, measure, and verify. THE VIDEO + MOBILE DELIVERY MAP DELIVERY + CREATIVE RAILS EXECUTION ENVIRONMENTS MEASUREMENT + PLATFORM VAST 4.3 (December 2022) — the XML template ad servers use to hand video ads and tracking instructions to players. The VAST CTV Addendum 2024 retrofits UniversalAdId recognition and Open Measurement into VAST 2.0–3.x via backward-compatible extensions. VAST SSAI — Server-Side Ad Insertion: ads stitched into the stream before it reaches the device. Not a standalone IAB spec — VAST 4.x carries built-in SSAI support, and the SSAI VAST Macros Guidance (v1.0, November 2020) defines macros for sharing user-agent, environment, and content details with verification partners. SSAI SIMID 1.2 — the interactive layer, delivered separately from the media asset, both via VAST 4.x. Part of the official VPAID replacement: per IAB Tech Lab, VPAID is deprecated and is being replaced by OMID for measurement and SIMID for interactivity. SIMID MRAID 3.0 (FINAL, June 2018) — the common API between rich media ads and in-app environments: expand, resize, orientation, full-screen interstitials. 3.0 added viewability measurement support, audibility, and a standardized close. It does not solve measurement by itself. MRAID Web — the video player consumes the VAST response; SIMID supplies interactivity as a separate asset; web video measurement runs through the OM Web Video SDK where integrated. WEB / VIDEO PLAYER VAST tags · SIMID layers web video measurement Mobile in-app — MRAID 3.0 is the common API between rich media ads and the app; OM SDK collects viewability and verification signals; platform attribution rules govern what measurement is possible. MOBILE APP / SDK MRAID rich media in-app OM SDK measurement taps CTV — ads often arrive stitched into the stream via Server-Side Ad Insertion; the VAST CTV Addendum 2024 retrofits CTV-critical features into older VAST versions; OM SDK runs on AndroidTV, tvOS, Samsung, and LG where supported; device attestation is emerging. CTV / STREAMING APP SSAI-stitched streams CTV Addendum · attestation OM SDK (OMID API 1.6 per the latest official documentation) — one integration for third-party viewability and verification signals across mobile apps, web video, and CTV where supported: AndroidTV, tvOS, plus Samsung and LG via the HTML5/Web Video SDK. It collects measurement data; it does not solve attribution. OM SDK / OMID Attribution and measurement frameworks, not delivery standards. SKAdNetwork version 4 (up to three conversion windows from iOS 16.1) and AdAttributionKit (iOS 17.4+, interoperable with SKAdNetwork, no ATT authorization required for its operation). They do not solve all iOS measurement. SKAN / AdAttributionKit Android Advertising ID — user-resettable, and zeroed out on opt-out since the late-2021 Google Play services update. Play policy forbids connecting it to personally-identifiable information or persistent device identifiers. Never assume a stable, available identifier. AAID Device Attestation in OM SDK — launched by IAB Tech Lab in October 2025 to combat device spoofing, built on the IETF Privacy Pass protocol. Official platform lists differ between the launch announcement and later Tech Lab posts — validate current coverage. Not a complete fraud solution. device attestation What still has to happen after the plan: the ad must render in a player, support interaction, be measured, pass verification, attribute outcomes under platform rules, and leave an audit trail. OUTPUTS render · interact · measure · verify · attribute · audit The governance rail under everything: user consent, platform policy, privacy law, device integrity, and fraud controls. None of the delivery standards above exempt a campaign from these. GOVERNANCE RAIL consent · platform policy · privacy · device integrity · fraud controls
The agentic plan on top; the delivery, measurement, and platform-rule layers it must pass through to become a verified impression.

The agent may plan the buy, but the ad still has to render, measure, verify, and comply.

Fast read

What it is
A deep-dive guide to the standards that actually deliver video, CTV, and mobile ads — and to the measurement and identifier frameworks that decide whether that delivery can be trusted.
What it covers
VAST 4.3 and the CTV Addendum 2024, SSAI, SIMID, VPAID’s deprecation, MRAID 3.0, OM SDK and OMID, device attestation, IDFA and ATT, SKAdNetwork, AdAttributionKit, and the Android identifier set.
What it is not
Not a seventh standards pillar — a deep dive inside the six-layer system. Not a claim that any SDK, identifier, or framework solves measurement, attribution, or fraud on its own.
Why it matters
Agentic buying can plan a video or mobile campaign in seconds. Whether the ad renders in a player, runs inside an app, and survives verification depends on this layer.
Best for
AdTech, MarTech, media, mobile, CTV, agency, publisher, and brand leaders building or evaluating video and mobile execution in agentic workflows.
Best next read
Core AdTech Standards, Measurement & Media Quality, and the Mobile App Growth playbook.
Orientation

Where this layer fits.

The six-layer standards system already covers the transaction rails (Core AdTech), the permission rules (Privacy & Consent), and the trust layer (Measurement & Media Quality). Video and mobile delivery cuts across all three: it consumes VAST from the transaction layer, obeys identifier rules from the platform layer, and feeds the measurement rail that verification depends on. This page is the close-up of that intersection — the standards an execution path actually touches between a plan and a verified impression.

Where video and mobile delivery sits — between the rails that buy the impression and the rules and measurement that decide whether it counts. VIDEO + MOBILE IN THE STANDARDS STACK Agentic workflow — the agent may plan the buy, but the ad still has to render in a player, run inside an app, pass measurement, respect platform rules, and survive verification. AGENTIC WORKFLOW / MEDIA PLAN the agent plans the buy; execution still runs below Core transaction rails — OpenRTB carries the bid, the Deals API syncs deal terms, AdCOM provides the shared object model. The buy happens here; delivery happens below. CORE TRANSACTION RAILS OpenRTB · Deals API · AdCOM Delivery and SDK rails — the layer this deep-dive covers: VAST hands the ad to the player, SSAI (Server-Side Ad Insertion) stitches it into the stream, SIMID adds interactivity, MRAID runs rich media in-app, and OM SDK / OMID collects measurement signals. DELIVERY / SDK RAILS VAST · SSAI · SIMID · MRAID · OM SDK / OMID Platform and attribution rules — SKAdNetwork and AdAttributionKit are attribution frameworks, not delivery standards; App Tracking Transparency gates the IDFA; the Android Advertising ID is user-resettable; and Google retired the Attribution Reporting API (Chrome and Android) in October 2025 — it is being phased out with no published end dates. PLATFORM / ATTRIBUTION RULES SKAN · AdAttributionKit · ATT · AAID · Attribution Reporting (retiring) Measurement and quality — viewability and invalid-traffic guidelines, independent verification, OM SDK device attestation where supported, and brand safety controls. MEASUREMENT / QUALITY viewability · IVT · verification · device attestation · brand safety The goal: video and mobile execution you can trust — rendered, interactive where intended, measured, verified, attributed under platform rules, and auditable. OUTPUT Trusted video and mobile execution.
A deep-dive layer map: video and mobile delivery standards positioned across the transaction, platform-rule, and measurement layers of the six-layer system.
Why it exists

Why this layer exists.

Every standard on this page exists because a plan that is correct in the bidstream can still fail on the device. Six realities created this layer.

  • 01

    A plan is not a render

    Workflow protocols can assemble a video buy in seconds. The ad still has to arrive as a VAST tag that a specific player, on a specific device, actually parses and plays.

  • 02

    Players are not browsers

    Video players and CTV environments are constrained runtimes. Executable creative that assumed browser freedoms is why VPAID is deprecated — and why its successors split interactivity from measurement.

  • 03

    Apps are not the web

    In-app rich media needs its own contract between the ad and the host app. That contract is MRAID — a delivery-layer API, not a measurement solution.

  • 04

    Server-side changes the picture

    SSAI stitches ads into the content stream on the server. That can improve playback — and it moves the ad away from the client signals verification was built on.

  • 05

    Measurement needs a common rail

    Before OM SDK, every verification vendor needed its own integration in every app and player. A standard data rail is the precondition for independent verification at scale.

  • 06

    Identifiers are not delivery

    IDFA, AAID, and their attribution frameworks are platform-governed, permission-gated, and resettable. They constrain what delivery can prove — they are not delivery standards themselves.

Video delivery

Video delivery standards.

Three names carry most of the weight: VAST serves the ad, SIMID makes it interactive, and VPAID is the cautionary tale the other two were designed to retire.

  • The serving template

    VAST 4.3 + CTV Addendum 2024

    VAST is the XML schema that carries video ad media, tracking events, and metadata from ad servers to players. The current version is 4.3 (released December 2022), with CTV-focused changes. The VAST CTV Addendum 2024 (final, July 2024) then retrofits CTV-critical features into all VAST versions via backward-compatible extensions rather than a new version: UniversalAdId recognition back into VAST 2.0–3.x, ACIF support, Open Measurement, DSA ad-transparency icons, interactive video, and high-resolution creative. The watch-outs: the addendum is not “VAST 4.4,” tag generators and players both need updates to use it, and parser support varies — validate what each supply path actually implements.

  • The interactive layer

    SIMID 1.2

    The Secure Interactive Media Interface Definition is the official successor for video interactivity: IAB Tech Lab’s Digital Video working group describes “replacing VPAID with a set of more focused standards” — OMID for measurement and verification, SIMID for interactivity. SIMID separates the interactive layer from the media asset, both delivered via VAST 4.x, which is what lets interactivity coexist with SSAI and OTT delivery. The current version is 1.2 (spec marked December 2022; the official page notes a January 2024 update).

  • Deprecated — historical only

    VPAID

    The Video Player-Ad Interface Definition is officially deprecated. IAB Tech Lab’s own page — which now lives under its archived standards path — states that VPAID “has been deprecated and is being replaced by” OMID and SIMID. The last published version is 2.0. VPAID bundled interactivity and measurement into one executable unit that players had to trust — a model at odds with SSAI and constrained CTV runtimes; its successors split those jobs apart. Treat any VPAID dependency as technical debt, not as a capability.

StandardPrimary jobCurrent roleAgentic relevance
VAST 4.3Serve video ads: the XML schema carrying ad media, tracking, and metadata to playersCurrent version (released December 2022), with CTV-focused changesThe tag the agent’s plan must compile to — and the carrier of creative IDs and measurement hooks
VAST CTV Addendum 2024Retrofit CTV-critical features into VAST 2.0+ via backward-compatible extensionsFinal, July 2024 — an addendum, not a new VAST versionCreative IDs, Open Measurement, DSA icons, and interactive video across legacy and SSAI paths — where implemented
SIMID 1.2Interactive video creative, separated from the media asset and isolated from the playerCurrent (spec marked December 2022; official page updated January 2024)The sanctioned route to interactivity that still works with SSAI and OTT delivery
VPAID 2.0Legacy executable video creative combining interactivity and measurement in one unitOfficially deprecated — being replaced by OMID and SIMID per IAB Tech LabA dependency to remove, not a capability to plan around
Server-side delivery

SSAI and CTV execution.

Server-Side Ad Insertion is how much of CTV actually delivers ads — and a precision point worth getting right: SSAI is a delivery technique with official IAB guidance and VAST-level support features, not a standalone IAB specification. The questions it raises — verification, transparency, creative identity — are answerable, but only if they are asked before the spend.

  • 01

    What SSAI is

    Server-Side Ad Insertion stitches ads into the content stream before it reaches the device, so OTT and CTV playback can stay continuous. The trade: the ad call no longer happens where client-side measurement expects it.

  • 02

    What officially exists

    There is no standalone IAB SSAI specification. The official artifact is the SSAI VAST Macros Guidance v1.0 (November 2020) — guidance, not a spec — a curated subset of VAST macros for sharing user-agent, environment, and content details with verification partners and buyers. VAST 4.x adds built-in SSAI-support features on top.

  • 03

    Creative identity survives the stitch

    The UniversalAdId element of VAST 4.x carries a unique creative identifier, with Ad-ID as the registry for US markets. The CTV Addendum 2024 retrofits UniversalAdId recognition into VAST 2.0–3.x — and explicitly names SSAI vendors among the parties expected to implement its extensions.

  • 04

    The verification question

    When the server requests and stitches the ad, the buyer must ask: which environment details reach verification partners, which macros are actually populated, and what independent measurement runs where supported on the device. Design those answers before the spend, not after.

SSAI on CTV — where the ad enters, where tracking fires, where trust is needed, and where verification can break. SSAI ON CTV — SERVER-SIDE AD INSERTION, END TO END Where VAST enters — the ad server's VAST response carries the media files, tracking URLs, and the UniversalAdId creative identifier. In SSAI, the stitcher — not the device — usually makes this request. VAST ENTERS HERE the VAST response: media files, tracking URLs, UniversalAdId Where device and app trust is needed — the device has to prove it is real hardware. OM SDK device attestation, launched October 2025, targets device spoofing; platform coverage differs across official sources — validate current status. Not a complete fraud solution. DEVICE / APP TRUST NEEDED OM SDK device attestation — prove real devices, where supported Ad server — answers the ad request with a VAST response: media files, tracking URLs, and the UniversalAdId creative identifier enter the pipeline here. AD SERVER VAST response SSAI stitcher — Server-Side Ad Insertion: the stitcher requests ads and splices them into the content stream before it reaches the device. Not a standalone IAB spec — VAST 4.x carries built-in SSAI support. SSAI STITCHER ads stitched in One stream — content and ads reach the device as a single feed; the ad transition can be invisible to the player without ad metadata. STREAM one feed CTV app and player — renders the stitched stream. The VAST CTV Addendum 2024 names SSAI vendors among the implementers that must recognize its extensions, including UniversalAdId in VAST 2.0–3.x. CTV APP / PLAYER renders the ad OM SDK / OMID — collects viewability and verification signals where supported. CTV coverage per official documentation: AndroidTV and tvOS native builds, with Samsung and LG via the HTML5/Web Video SDK. OM SDK / OMID independent checks Measurement and reporting — impression, quartile, and verification data land here. Ask which signals fired client-side versus server-side before trusting the numbers. MEASUREMENT reports + audit Where verification can break — when the stitcher fires tracking on the device's behalf, verification partners lose direct sight of the device. The SSAI VAST Macros Guidance (v1.0, November 2020) defines VAST macros for passing user-agent, environment, and content details to verification partners. TRACKING FIRES: SERVER-SIDE stitcher fires beacons on the device's behalf — verification can break: server-side opacity Where client-side tracking fires — the app and player fire impression and quartile beacons and OMID measurement events from the device itself, which is what independent verification prefers. TRACKING FIRES: CLIENT-SIDE app + player fire beacons and OMID events from the device itself
Client-side and server-side ad insertion compared: where the ad request happens, where the stitch happens, and where verification signals must be designed in.

The trade

SSAI can improve viewing experience, but it can also make verification and transparency harder if measurement is not designed upfront.

In-app execution

Mobile creative and rich media.

In-app advertising runs on a different contract than the web. The ad needs a standardized way to talk to the app that hosts it — and a clear-eyed view of what that contract does and does not cover.

  • In-app rich media

    MRAID 3.0

    The common API between rich media ads and the in-app environments they run in: expand, resize, device-feature access, orientation, and full-screen interstitials. The current version is 3.0 (final, June 2018), which added viewability measurement support, audibility, a standardized close control, and error handling — and is backwards compatible with earlier MRAID versions. The watch-out: MRAID gives the ad a contract with the app; it does not solve measurement or verification on its own.

  • Creative payloads

    HTML5 ad guidance

    IAB creative guidance covers how HTML5 ad payloads should be packaged and behave across environments — file structure, asset behavior, and host-environment expectations. Treat it as directional creative hygiene rather than a versioned delivery contract, and validate the current official guidance before locking specs into a workflow.

  • Not a standard

    The mobile SDK environment

    The app’s SDK stack — rendering, mediation, and measurement SDKs — is implementation, not standard. MRAID and OM SDK are the standardized interfaces into that environment; everything else varies by app, mediation chain, and platform. An agentic workflow should treat each in-app environment as conditionally capable, never uniformly capable.

The mobile rich media execution chain — app to SDK to MRAID creative to OM SDK to attribution, with consent propagating along every hop. MOBILE RICH MEDIA EXECUTION The host app — owns the user relationship, the OS permission surfaces (the ATT prompt on iOS, ad-personalization settings on Android), and the consent state every downstream party inherits. Mobile app host app environment The ad SDK renders the placement inside the app and is responsible for passing privacy state — consent strings, ATT status, opt-out flags — to every partner it calls. The first place consent propagation silently breaks. Ad SDK renders the placement MRAID 3.0 (IAB Tech Lab, final June 2018) — the common API between rich media ads and the in-app environment: expand, resize, orientation, viewability and audibility events, standardized close. A rendering contract — it does not solve measurement or attribution. MRAID creative rich media API — 3.0 OM SDK collects standardized measurement signals — on-screen geometry, obstruction, audibility — through the OMID 1.6 API for third-party verification, where supported. Signal access, not attribution, and not proof of outcome. OM SDK measurement signals MMP / attribution — a mobile measurement partner reconciles SDK events with platform attribution rails (SKAdNetwork and AdAttributionKit on iOS; Android’s Attribution Reporting API is being phased out per Google’s October 2025 update). Attribution frameworks are measurement rails, not delivery standards. Attribution MMP / platform rails Consent propagation — ATT status, the Android advertising ID opt-out, GPP and TC strings, and publisher consent must travel with every hop of the chain. Dropped at any link, every downstream step operates without the user's actual privacy state. CONSENT PROPAGATION privacy state rides every hop ATT status (iOS) AAID opt-out (Android) GPP / TC strings publisher consent dropped at any hop, every downstream step runs without consent Reporting — the end of the chain inherits every upstream gap: a dropped consent string, a broken render, an unverified impression, a missing postback. OUTPUT — REPORTING Reporting is only as good as every hop that fed it. a dropped consent signal, a broken render, or an unverified impression all surface here
The in-app execution stack: the creative talks to the app through MRAID, measurement flows out through OM SDK, and the SDK environment around both is implementation, not standard.
Proof, not promises

Measurement and verification.

Delivery without measurement is an invoice, not an impression. The measurement rail for this layer is Open Measurement — the SDK that carries the data, the OMID API that verification scripts speak, and, since late 2025, device attestation against spoofing. Each proves something specific; none proves everything.

  • The data rail

    OM SDK

    One integration that enables third-party ad measurement instead of one custom integration per verification vendor. On CTV, public documentation lists native SDKs for tvOS and Android TV (announced June 2022) and Samsung and LG support via the HTML5/Web Video SDK in the OM SDK 1.5 release line (May 2024). Roku and Vizio are not listed as OM SDK platforms — treat CTV coverage as partial, where supported.

  • The API

    OMID

    The Open Measurement Interface Definition — the API verification scripts use to receive measurement signals from OM SDK integrations. The current documented API version is OMID 1.6. OMID is also half of VPAID’s official replacement: OMID for measurement and verification, SIMID for interactivity.

  • Shipped Oct 2025

    Device attestation

    IAB Tech Lab launched Device Attestation support in OM SDK on October 23, 2025 to combat device spoofing, adopting the IETF Privacy Pass protocol, with published implementation guidance and a public GitHub repository. The launch press release says the capability is “currently supported on Apple devices and FireTV”; a 2026 Tech Lab blog describes the latest release as bringing it to Samsung, LG, AndroidTV, and tvOS — two official statements, attributed here to their sources. DoubleVerify, HUMAN, and Integral Ad Science were quoted supporting it at launch. Watch-outs: no OM SDK version number is stated for it, platform coverage is not universal, and attestation proves the device is authentic — it is not a complete fraud solution.

Measurement layerWhat it provesWhat it does not prove
VAST tracking eventsThat the player fired delivery and quartile events for the tagThat a human saw the ad, or that the events came from an authentic environment
MRAID 3.0 viewability supportThat the in-app environment can expose exposure and audibility data to the adIndependent verification — MRAID is the ad-to-app contract, not a measurement service
OM SDKStandardized collection of geometry, viewability, and session data for third partiesA fraud or quality verdict — verification vendors judge with the data it carries
OMID verification scriptsThat vendor code can observe the measurement session where the integration runsCoverage on platforms without OM SDK support — absence of signal is not absence of ads
Device attestationThat the impression rendered on an authentic device, where supportedThat the ad was viewable, the context suitable, or that spoofing elsewhere is impossible
SSAI VAST macrosThat server-side delivery can share environment and content details with verifiersClient-side confirmation — populated macros are declarations, not independent observations
The proof ladder — what each video and mobile measurement control proves, and the outcome it does not prove. WHAT MEASUREMENT PROVES CONTROL PROVES DOES NOT PROVE OM SDK signal access — the Open Measurement SDK collects geometry, on-screen percentage, duration, and audibility signals through the OMID 1.6 API and hands them to verification vendors, where supported. It proves standardized signals were available — not that anyone watched. OM SDK access OMID 1.6 signal layer STANDARDIZED SIGNALS not proof anyone watched Viewability — MRC guidelines define a viewable impression as an opportunity to see: 50% of pixels for one continuous second of display, or two continuous seconds of video play. It does not prove attention, recall, or persuasion. Viewability MRC-defined thresholds OPPORTUNITY TO SEE not proof of attention Device attestation — launched in OM SDK on October 23, 2025, built on the IETF Privacy Pass protocol, letting apps and players prove impressions render on authentic devices. The launch release names Apple devices and FireTV; a 2026 Tech Lab blog names Samsung, LG, AndroidTV, and tvOS — attribute each list to its source. One rung of fraud defense, not a complete fraud solution. Attestation OM SDK, launched 2025 DEVICE AUTHENTICITY not a complete fraud answer IVT controls — MRC-defined filtration: general invalid traffic caught by routine list-based checks, sophisticated invalid traffic requiring advanced analytics and human intervention. Filtration proves screening happened; it cannot prove that everything remaining is human. IVT controls GIVT + SIVT filtration KNOWN INVALID FILTERED not proof traffic is human Brand safety — proves context was classified and screened against a policy. Safety is a floor, not an outcome: it does not prove the placement helped the brand. Brand safety context classification CONTEXT SCREENED not proof of brand outcome Attention — MRC published Attention Measurement Guidelines in November 2025, layered on top of viewability rather than replacing it. An engagement proxy — not proof of business outcome. Attention layered on viewability ENGAGEMENT PROXY not proof of business outcome Delivery proof is the bottom of the evidence ladder — incrementality, effectiveness, and outcome proof live in Research and Measurement Science. THE LADDER CONTINUES The evidence ladder continues in Research & Measurement Science.
The measurement trust chain: delivery events, OM SDK data collection, OMID verification access, and device attestation — each layer proving one specific thing.
Platform rules

Mobile identifiers and attribution.

These are not delivery standards — they are the platform-governed identifiers and attribution frameworks that delivery and measurement workflows depend on. None of them is stable, universal, or privacy-safe by default: every one is permission-gated, resettable, scoped, or being phased out. Treat each as a conditional input and validate current status before building on it.

  • Apple identifier

    IDFA + ATT

    The IDFA is gated by App Tracking Transparency: apps must declare a usage description and request authorization before accessing app-related data for tracking across apps and websites. The ATT framework is available from iOS and iPadOS 14.0. Never assume IDFA availability — it is a permission outcome, not a property of the device.

  • Apple attribution

    SKAdNetwork

    Apple’s privacy-preserving install-validation framework — an attribution and measurement framework, not a delivery standard. The current documented version is version 4: up to three conversion windows starting iOS 16.1, up to three postbacks, and a winning postback plus runner-ups. Two older methods are deprecated; the framework itself remains documented, and Apple recommends AdAttributionKit for new ad campaigns.

  • Apple attribution, newer

    AdAttributionKit

    Apple’s newer attribution framework, available from iOS 17.4, interoperable with SKAdNetwork. It supports install and re-engagement attribution in the App Store and alternative marketplaces, operates without ATT authorization, and sends cryptographically signed postbacks containing no user- or device-specific data. Neither framework makes all iOS measurement questions answerable — design within their constraints.

  • Android identifier

    AAID — Android Advertising ID

    The identifier Google’s documentation assigns to advertising use cases. It is user-resettable, and — since the late-2021 Google Play services update — opting out zeroes it: attempts to access it return a string of zeros. Play policy forbids connecting it to personally identifiable information or persistent device identifiers (including SSAID) without consent, and forbids bridging user resets.

  • Not SSAI

    SSAID — ANDROID_ID

    An Android device identifier concept — not an advertising delivery standard, and not to be confused with SSAI (Server-Side Ad Insertion). Per official documentation, on Android 8.0+ it is a 64-bit value scoped to the combination of app-signing key, user, and device, and can change on factory reset or signing-key change. The anti-ads guidance is indirect but firm: advertising use cases are assigned to the Advertising ID, and Play policy bans associating the Advertising ID with SSAID.

  • Android, same-developer

    App Set ID

    A Google Play services identifier offered, per official documentation, “for use cases such as analytics or fraud prevention” across a set of apps owned by one organization. The best-practices guidance permits cross-app analysis of your own apps “as long as you don’t use user data for advertising purposes.” It resets if unused for over 13 months, when the last app in the set is uninstalled, or on factory reset.

  • Retired — being phased out

    Android Attribution Reporting

    Google’s October 17, 2025 Privacy Sandbox announcement explicitly retires the “Attribution Reporting API (Chrome and Android)” — along with Protected Audience, Topics, Protected App Signals, and SDK Runtime — describing the technologies as being phased out, with no published end dates. Do not build new dependencies on it; validate current status, and watch the W3C attribution-standard work the announcement points to.

Identifier / frameworkPlatformRoleKey caveat
IDFAiOSDevice advertising identifierGated by ATT authorization — never assume availability
ATTiOS 14.0+Tracking-permission frameworkPermission gate, not an identifier; no deprecation notes in public documentation
SKAdNetworkiOSInstall attribution frameworkVersion 4 per Apple docs; two methods deprecated, framework remains — not a delivery standard
AdAttributionKitiOS 17.4+Install + re-engagement attributionInteroperable with SKAdNetwork; operates without ATT authorization — not a delivery standard
AAIDAndroidDevice advertising identifierUser-resettable; zeroed on opt-out since the late-2021 Play services update
SSAID (ANDROID_ID)Android 8.0+Per-app-signing-key device identifierNot an ads identifier — and not to be confused with SSAI (Server-Side Ad Insertion)
Attribution Reporting (Android)AndroidPrivacy Sandbox attribution APIRetirement announced Oct 2025 — being phased out; validate current status
Mobile identifiers and attribution — two platform rails feeding attribution and suppression decisions, with SSAID set apart as a device identifier, not an ad standard. MOBILE IDENTIFIERS & ATTRIBUTION iOS — IDENTIFIERS & ATTRIBUTION ATT gates the identifier IDFA — Apple’s advertising identifier, readable only when the user grants App Tracking Transparency authorization (framework available from iOS 14.0). Never assume availability; design for its absence. IDFA gated by ATT prompt ATT-GATED SKAdNetwork version 4 — Apple’s install-validation attribution with up to three conversion windows from iOS 16.1. Two methods are deprecated; the framework remains and interoperates with AdAttributionKit. An attribution framework — not a delivery standard. SKAdNetwork attribution framework VERSION 4 AdAttributionKit — Apple’s newer attribution framework (iOS 17.4+): install and re-engagement attribution across the App Store and alternative marketplaces, interoperable with SKAdNetwork; per Apple documentation it operates without ATT authorization. A measurement rail, not a delivery standard. AdAttributionKit install + re-engage iOS 17.4+ ANDROID — IDENTIFIERS & ATTRIBUTION resettable by design Android Advertising ID (AAID) — user-resettable, and since the late-2021 Google Play services update, returned as a string of zeros when the user opts out. Play policy forbids connecting it to personally identifiable information or persistent device identifiers without consent, and forbids bridging user resets. Advertising ID AAID — resettable OPT-OUT ZEROED App Set ID — Google Play services identifier for analytics and fraud prevention across one developer’s own apps; official best-practice guidance permits cross-app analysis only as long as user data is not used for advertising purposes. Resets after 13 months unused, last-app uninstall, or factory reset. App Set ID same-developer scope ANALYTICS-ONLY Attribution Reporting API — Google’s October 17, 2025 announcement retires it on both Chrome and Android; official pages describe it as being phased out, with no published end dates. Do not build on it — validate current status. Attribution Reporting retirement announced RETIRING SSAID (Settings.Secure.ANDROID_ID) — an Android device identifier concept: on Android 8.0 and higher, a 64-bit value scoped to each combination of app-signing key, user, and device. Not an advertising delivery standard — and not to be confused with SSAI, server-side ad insertion. Official guidance assigns advertising use cases to the Advertising ID. NOT AN AD STANDARD SSAID / ANDROID_ID Android device identifier not to be confused with SSAI Attribution and suppression decisions — what may be measured, which postbacks exist, and which users must be left alone all hinge on identifier state. None of these identifiers is stable, universal, or privacy-safe by default. THE DECISION LAYER Attribution & suppression decisions identifier state gates what may be measured — and who must be left alone SKAdNetwork, AdAttributionKit, and Attribution Reporting are measurement rails, not delivery standards — validate current status.
The identifier and attribution landscape across iOS and Android: permission gates, reset behavior, scoping, and the frameworks being phased out.
Agentic implications

What this means for agentic advertising.

Agentic systems negotiate and plan at a layer above all of this — and then every plan has to descend through it. The delivery layer is where an agent’s assumptions get audited by reality: by players that parse only some of VAST, identifiers that may not exist, and measurement that covers only some platforms. Six implications follow.

  • 01

    The plan-to-render gap

    An agent’s media plan must compile down to VAST tags that the target players actually parse. CTV Addendum extension support varies by player and SSAI vendor — capability checks belong in the workflow, not in assumptions.

  • 02

    Creative identity is enforcement

    Without registered creative IDs — UniversalAdId, and the ACIF framework the CTV Addendum points to — an agent cannot enforce frequency, competitive separation, or creative-level brand rules across SSAI and CTV paths.

  • 03

    Measure before you optimize

    An agent should only optimize on signals that OM SDK and independent verification can actually carry on that platform, where supported. Optimizing on unverifiable signals automates wishful thinking.

  • 04

    Platform rules are runtime constraints

    ATT status, identifier availability, and SKAdNetwork or AdAttributionKit postback design decide what attribution an agent may even request. Encode the constraints into the workflow before the campaign, not into the apology after it.

  • 05

    Spoofing scales with automation

    Automated buying finds cheap CTV reach fast — and so does spoofed inventory. Use device attestation where supported, require app and bundle verification, and assume fraud adapts to every new buying pattern.

  • 06

    Deprecation debt is agent debt

    VPAID-era assumptions and retiring APIs like Android Attribution Reporting must be removed from agent toolchains deliberately. An agent that plans around a deprecated capability fails silently at execution time.

One table

Standards comparison.

The working matrix: what each standard or framework does, where it stands per the latest official documentation, and where it is covered in depth.

Standard / frameworkPrimary jobStatus per official documentationCovered in
VAST 4.3Video ad serving templateCurrent (December 2022)Core AdTech Standards
VAST CTV Addendum 2024CTV extensions across VAST 2.0+Final (July 2024); extension-based, not a new versionSSAI and CTV execution
SSAI VAST Macros GuidanceVAST macro subset for SSAI verification detailv1.0 guidance (November 2020) — not a standalone specSSAI and CTV execution
SIMID 1.2Interactive video creative layerCurrent (Dec 2022 spec; page updated Jan 2024)Video delivery standards
VPAID 2.0Legacy executable video creativeOfficially deprecated — replaced by OMID + SIMIDVideo delivery standards
MRAID 3.0In-app rich media APICurrent (final, June 2018)Mobile creative and rich media
OM SDKMeasurement data collection rail1.5 release line per latest official documentationMeasurement & Media Quality
OMIDOpen Measurement APIAPI version 1.6 per latest official documentationMeasurement & Media Quality
OM SDK Device AttestationAuthentic-device proof for impressionsLaunched October 23, 2025; platform coverage partial — validate current statusMeasurement and verification
SKAdNetwork / AdAttributionKitiOS attribution frameworks — not delivery standardsSKAN version 4; AdAttributionKit from iOS 17.4, interoperablePrivacy & Consent Standards
Android identifiers (AAID, App Set ID, ARA)Android identifier and attribution setAAID zeroed on opt-out; Attribution Reporting being phased out per Oct 2025 announcementPrivacy & Consent Standards
Implementation lens

Implementation lens.

The same standards land differently depending on where you sit in the chain. Select your company type for the version of this page that applies to you.

Select your company type
What to demand

Require registered creative IDs (UniversalAdId) on video buys, independent measurement via OM SDK where supported, and explicit answers on SSAI verification before treating CTV reach as premium. Keep attribution expectations inside what SKAdNetwork, AdAttributionKit, and the Android identifier rules actually permit.

  • VAST
  • UniversalAdId
  • OM SDK
  • SKAN / AAK
What to operationalize

Translate plans into delivery reality: which players parse which VAST features, which CTV platforms carry OM SDK, where device attestation applies, and which identifier constraints shape measurement design per platform. Maintain a capability matrix per supply path and validate it on a cycle.

  • VAST CTV Addendum
  • SSAI macros
  • OMID
  • ATT
What to implement

Implement VAST 4.x and the CTV Addendum extensions, populate SSAI VAST macros for verification partners, integrate OM SDK on supported platforms, and carry creative IDs through the stitch. Transparency here is a sales asset — buyers increasingly gate spend on it.

  • VAST 4.3
  • SSAI VAST Macros Guidance
  • OM SDK
  • SIMID
What to integrate

Support MRAID 3.0 for rich media, integrate OM SDK for measurement, and follow the platform identifier rules: AAID for advertising on Android, App Set ID only for same-developer analytics and fraud use, ATT-gated IDFA on iOS. Never connect advertising IDs to persistent device identifiers.

  • MRAID 3.0
  • OM SDK
  • AAID
  • App Set ID
What to engineer

Parse and emit VAST CTV Addendum extensions, support SIMID rather than VPAID-era creative, carry SSAI macros faithfully, and surface OM SDK and attestation signals to buyers. Remove retired dependencies — VPAID assumptions and Android Attribution Reporting — from roadmaps deliberately.

  • VAST
  • SIMID
  • OM SDK Device Attestation
  • OMID
What to cover

Build on OMID 1.6 sessions where OM SDK runs, consume SSAI macro details for server-side paths, and incorporate device-attestation signals where supported — while being explicit with clients about which platforms have no coverage. Absence of signal is not absence of ads.

  • OMID 1.6
  • OM SDK
  • Device attestation
  • SSAI macros
What to redesign

Design measurement around SKAdNetwork version 4 and AdAttributionKit on iOS, AAID-with-consent on Android, and the retirement of Android Attribution Reporting. Treat every identifier as conditional — resettable, permission-gated, or being phased out — and validate current status on a cycle.

  • SKAN version 4
  • AdAttributionKit
  • AAID
  • Attribution Reporting (retired)
No Fluff POV

No Fluff POV.

Video and mobile standards are where workflow ambition meets execution reality. The agentic layer gets the headlines; this layer decides whether anything the agent planned actually happens, gets measured, and can be defended. Build for it deliberately.

  • Treat the delivery layer as a constraint set the agent must satisfy, not a detail someone downstream will handle.
  • Remove VPAID-era assumptions deliberately — the official direction is OMID for measurement and SIMID for interactivity.
  • Design SSAI measurement upfront: which macros are populated, which verification runs where supported, and how creative IDs survive the stitch.
  • Treat identifiers as conditional inputs — never stable, never universal, never privacy-safe by default.
  • Keep attribution claims inside what SKAdNetwork, AdAttributionKit, and the Android identifier rules actually support.
  • Validate current status before building: this layer keeps moving — VPAID deprecated, the CTV Addendum shipped in 2024, device attestation launched in 2025, and Privacy Sandbox ad APIs were retired the same year.

The point

The agent may plan the buy, but the ad still has to render in a player, run inside an app, pass measurement, respect platform rules, and survive verification.

Validate, don’t assume

Primary sources to validate.

Video, mobile, CTV, measurement, and platform references last validated: June 2026. Validate current official documentation before implementation.

Primary sources to validate 28 sources
  • Update on Plans for Privacy Sandbox Technologies ↗ Official blog

    Google Privacy Sandbox · checked 2026-06-12 · Primary

    Google's October 17, 2025 announcement retiring most Privacy Sandbox ad APIs — including Topics, Protected Audience, and Attribution Reporting (Chrome and Android) — citing ecosystem feedback and low adoption. CHIPS, FedCM, and Private State Tokens continue. No concrete removal dates published. Supports: Current Privacy Sandbox status, Which APIs are retired vs continuing, Why Google retired the ad APIs.

  • Next steps for Privacy Sandbox and tracking protections in Chrome ↗ Official blog

    Google Privacy Sandbox · checked 2026-06-12 · Primary

    Google's April 22, 2025 announcement that Chrome will keep third-party cookies under the existing user-choice settings and will not roll out a standalone cookie prompt — reversing earlier deprecation plans. Supports: Third-party cookie status in Chrome, Cookie-deprecation reversal (April 2025).

  • Privacy Sandbox feature status ↗ Official docs

    Google Privacy Sandbox · checked 2026-06-12 · Primary

    Per-API status table (last updated October 17, 2025): Topics, Protected Audience, Attribution Reporting, Private Aggregation, Shared Storage/SelectURL, and Related Website Sets marked 'Deprecate and remove'; CHIPS, FedCM, and Private State Tokens continue. The live tracker for validating current status. Supports: Per-API deprecation status, Live phase-out tracker.

  • Topics API — developer documentation ↗ Official docs

    Google Privacy Sandbox · checked 2026-06-12 · Primary

    Canonical Topics API docs: interest-based advertising without sharing the specific sites a user visited. Carries a phase-out banner — historically important, being retired; validate current status before building on it. Supports: What the Topics API does, Phase-out caveat.

  • Protected Audience API — developer documentation ↗ Official docs

    Google Privacy Sandbox · checked 2026-06-12 · Primary

    Canonical Protected Audience (formerly FLEDGE) docs: on-device ad auctions run by the browser for remarketing / custom-audience ads without cross-site third-party tracking. Carries the same phase-out banner — validate current status. Supports: What Protected Audience does, Phase-out caveat.

  • Attribution Reporting API — developer documentation ↗ Official docs

    Google Privacy Sandbox · checked 2026-06-12 · Primary

    Canonical Attribution Reporting docs: browser-generated reports matching ad interactions to conversions without cross-site tracking. Carries the same phase-out banner — validate current status. Supports: What Attribution Reporting does, Phase-out caveat.

  • SKAdNetwork — Apple Developer documentation ↗ Official docs

    Apple Developer · checked 2026-06-12 · Primary

    Apple's privacy-preserving install-validation API. Documents version 4: up to three conversion windows (starting iOS 16.1), up to three postbacks, and a winning postback plus up to five runner-up postbacks. Only two methods are deprecated — not the framework; Apple recommends AdAttributionKit for new ad campaigns. Supports: What SKAdNetwork does, SKAdNetwork version 4 specifics, Apple's AdAttributionKit recommendation.

  • AdAttributionKit — Apple Developer documentation ↗ Official docs

    Apple Developer · checked 2026-06-12 · Primary

    Apple's newer attribution framework (iOS/iPadOS/Mac Catalyst 17.4+): install and re-engagement attribution for ads in the App Store and alternative marketplaces, no ATT authorization required, cryptographically signed postbacks containing no user- or device-specific data. Supports: What AdAttributionKit does, OS availability (17.4+), Re-engagement and alternative-marketplace support.

  • Understanding AdAttributionKit and SKAdNetwork interoperability ↗ Official docs

    Apple Developer · checked 2026-06-12 · Supporting

    The authoritative reference for how AdAttributionKit and SKAdNetwork interact when delivering ad impressions — the two frameworks coexist and interoperate; neither has fully replaced the other. Supports: AdAttributionKit–SKAdNetwork relationship.

  • App Tracking Transparency — Apple Developer documentation ↗ Official docs

    Apple Developer · checked 2026-06-12 · Primary

    ATT requires apps to declare NSUserTrackingUsageDescription and request user authorization (ATTrackingManager.requestTrackingAuthorization) before accessing app-related data for cross-app/website tracking. Available iOS/iPadOS 14.0+; no deprecation notes — ATT remains in force. Supports: What ATT does and requires, OS availability.

  • MRAID — Mobile Rich Media Ad Interface Definitions (IAB Tech Lab standards page) ↗ Official standards page

    IAB Tech Lab · checked 2026-06-12 · Primary

    Official MRAID page listing 3.0 as the current version. MRAID is the common API between rich media ads and in-app environments — expand/resize, device-feature access, orientation handling, full-screen interstitials. 3.0 added viewability measurement support, audibility, a standardized close button, and error handling; backwards compatible with prior MRAID versions. Supports: MRAID current version (3.0), What MRAID defines, 3.0 feature additions, Backward compatibility.

  • MRAID Version 3.0 specification (FINAL, June 2018 — PDF) ↗ Official docs

    IAB Tech Lab · checked 2026-06-12 · Primary

    The normative MRAID 3.0 specification PDF, FINAL June 2018 — still the current MRAID spec per the official standards page as of June 2026. MRAID defines the in-app rich media ad API; it is not a measurement or attribution solution. Supports: Canonical MRAID 3.0 spec citation, June 2018 final date.

  • SIMID — Secure Interactive Media Interface Definition (IAB Tech Lab standards page) ↗ Official standards page

    IAB Tech Lab · checked 2026-06-12 · Primary

    Official SIMID page: latest version 1.2 (page last updated January 3, 2024). States the Digital Video Technical Working Group is 'replacing VPAID with a set of more focused standards' — OMID for measurement/verification, SIMID for interactivity. SIMID separates the interactive layer from the media asset, both delivered via VAST 4.x, enabling SSAI and OTT use cases. Supports: SIMID current version (1.2), Official VPAID-replacement framing, SSAI/OTT positioning.

  • SIMID 1.2 specification (PDF) ↗ Official docs

    IAB Tech Lab · checked 2026-06-12 · Primary

    The SIMID 1.2 specification PDF ('Released December 2022'; the standards page notes a January 2024 update — cite both dates). v1.2 added responsive ad support, L-shaped ad-space guidance, cryptographic session-ID requirements, and deep-link handling. Supports: Canonical SIMID 1.2 spec citation, v1.2 changelog, Dual dating (Dec 2022 PDF / Jan 2024 page).

  • VPAID — Video Player-Ad Interface Definition (official page, deprecated) ↗ Official standards page

    IAB Tech Lab · checked 2026-06-12 · Primary

    The official VPAID page — now living under /standards-old/ — states verbatim that VPAID 'has been deprecated and is being replaced by Open Measurement Interface Definition (OMID) and Secure Interactive Media Interface Definition (SIMID).' Last published version is VPAID 2.0. Supports: VPAID deprecation (official wording), Last version (2.0), OMID + SIMID as the named replacements.

  • SSAI VAST Macros Guidance — IAB Tech Lab page ↗ Official standards page

    IAB Tech Lab · checked 2026-06-12 · Primary

    The official server-side ad insertion artifact: SSAI VAST Macros Guidance v1.0 (November 2020) — a curated subset of VAST macros for sharing user-agent, environment, and content details with verification partners and buyers; compatible with VAST 2.0+. It is guidance, not a standalone SSAI specification — IAB Tech Lab publishes no standalone 'SSAI spec'; VAST 4.x carries built-in SSAI-support features. Supports: What officially exists for SSAI (guidance, not a spec), SSAI macro purpose and scope, v1.0 / Nov 2020 dating.

  • Server-Side Ad Insertion (SSAI) — VAST Macros Guidance v1.0 (PDF, Nov 2020) ↗ Official docs

    IAB Tech Lab · checked 2026-06-12 · Primary

    The canonical SSAI VAST Macros Guidance document, v1.0, November 2020. Supports: Canonical SSAI guidance citation.

  • A Deeper Look into VAST 4.0 and the Universal Ad ID ↗ Official blog

    IAB Tech Lab · checked 2026-06-12 · Primary

    Official explainer: the UniversalAdId element of VAST 4.x carries a unique creative identifier maintained across platforms, with Ad-ID (ad-id.org) as the registry for US markets. Registry metadata supports creative-level competitive separation, brand safety, and advertiser/product categorization; consistent creative IDs also help in SSAI environments. Supports: Universal Ad-ID purpose in VAST 4.x, Ad-ID as the US registry, UniversalAdId element placement.

  • VAST CTV Addendum 2024 (FINAL, July 2024 — PDF) ↗ Official docs

    IAB Tech Lab · checked 2026-06-12 · Primary

    The final addendum (published July 18, 2024) retrofits CTV-critical features into VAST 2.0–3.x via backward-compatible extensions — explicitly not a new VAST version: UniversalAdId recognition (a designated field in VAST 4.x), ACIF registered ad IDs, Open Measurement, interactive video, high-resolution creative, and DSA-compliance icons. Names video players, SSAI vendors, and ad platforms that parse and execute VAST tags as implementers. Supports: CTV Addendum scope, UniversalAdId retrofit into VAST 2.0–3.x, SSAI vendors as named implementers, Extension-based approach (not a VAST version bump).

  • IAB Tech Lab Expands Open Measurement SDK to Connected TV ↗ Official press release

    IAB Tech Lab · checked 2026-06-12 · Primary

    June 8, 2022 announcement extending OM SDK to CTV (available Q3 2022) on tvOS and Android TV, adding CTV-specific viewability signals — TV-off signaling and last-user-activity-in-app — alongside screen/ad geometry, obstruction, viewable impressions, and quartile measurement. Supports: OM SDK CTV launch (June 2022), Initial CTV platforms (tvOS, Android TV), CTV-specific signal list.

  • IAB Tech Lab Expands Open Measurement SDK to New CTV Platforms (Samsung, LG) ↗ Official press release

    IAB Tech Lab · checked 2026-06-12 · Primary

    May 30, 2024 announcement adding Samsung and LG to OM SDK CTV coverage — delivered via the HTML5/Web Video SDK in the OM SDK 1.5 release line per the standards pages (the PR itself states no version number). Cited 40% CTV-market coverage as of that announcement (a stale figure — do not cite as current). Roku, Vizio, and Fire TV are not listed as OM SDK CTV measurement platforms on official pages. Supports: Samsung/LG addition (May 2024), HTML5/Web Video SDK delivery, Platform-coverage limits (no Roku/Vizio).

  • IAB Tech Lab Launches Device Attestation Support in Open Measurement SDK to Combat Device Spoofing ↗ Official press release

    IAB Tech Lab · checked 2026-06-12 · Primary

    October 23, 2025 launch (shipped, not proposed) of Device Attestation in OM SDK, adopting the IETF Privacy Pass protocol for the ads-verification use case. The PR states the capability 'is currently supported on Apple devices and FireTV'; a 2026 Tech Lab blog instead lists Samsung, LG, AndroidTV, and tvOS — attribute each list to its source rather than merging them. No OM SDK version number is stated. DoubleVerify, HUMAN, and Integral Ad Science quoted supporting at launch. Attests device authenticity only — not a complete fraud solution. Supports: Device Attestation launch (Oct 23, 2025), Privacy Pass basis, PR platform list (attributed), Launch supporters (DV, HUMAN, IAS).

  • OM SDK Device Attestation Implementation Guidance ↗ Official docs

    IAB Tech Lab · checked 2026-06-12 · Supporting

    Landing page (last updated November 4, 2025) hosting the Open Measurement Device Attestation Implementation Guidance PDF (uploaded October 2025), which references the IETF Privacy Pass working group — evidence that the capability shipped with formal implementation guidance. Supports: Published implementation guidance (shipped status).

  • OMSDK-Device-Attestation repository ↗ Official GitHub

    IAB Tech Lab (GitHub) · checked 2026-06-12 · Supporting

    Public repo containing the implementation guidance and attestation flow diagram; frames the capability as privacy-preserving attestations made by device manufacturers. The README describes the initiative as 'In Progress' — the capability launched October 2025 but expansion work continues. Supports: Official technical resource location, Post-launch expansion signal.

  • Open Measurement Working Group — IAB Tech Lab directory page ↗ Official standards page

    IAB Tech Lab · checked 2026-06-12 · Supporting

    Official directory entry for the working group under which OM SDK/OMID standards work is developed: owner Jill Wittkopp, status Active, join via [email protected]. The page publishes no detailed charter text — do not quote a mission statement from it. Supports: Working group existence, owner, active status, Stewardship of OM SDK/OMID.

  • Best practices for unique identifiers — Android Developers ↗ Official docs

    Google (Android Developers) · checked 2026-06-12 · Primary

    Google's canonical identifier-per-use-case guidance: use the most restrictive identifier that satisfies the use case — advertising → Advertising ID (AAID); same-developer analytics/crash reporting → App Set ID or Firebase Installation ID; fraud prevention → Play Integrity API. AAID is user-resettable and, since a late-2021 Google Play services update, returns a string of zeros after opt-out; Play policy forbids connecting it to PII or persistent device identifiers (SSAID, MAC, IMEI) and bans bridging user resets. No Android identifier is stable or universal. Supports: Identifier-per-use-case mapping, AAID reset and zero-on-opt-out behavior, Play policy constraints on AAID.

  • Settings.Secure.ANDROID_ID (SSAID) — Android API reference ↗ Official docs

    Google (Android Developers) · checked 2026-06-12 · Primary

    Official SSAID/ANDROID_ID definition: on Android 8.0 (API level 26) and higher, a 64-bit number unique to each combination of app-signing key, user, and device; the value may change on factory reset or APK signing-key change. SSAID is an Android device-identifier concept, not an ad-delivery standard — not to be confused with SSAI (server-side ad insertion). Official guidance assigns advertising use cases to the Advertising ID, not SSAID. Supports: SSAID definition and per-signing-key scoping, Reset behavior, SSAID-vs-SSAI disambiguation.

  • Identify developer-owned apps (App Set ID) — Android Developers ↗ Official docs

    Google (Android Developers) · checked 2026-06-12 · Primary

    Official App Set ID page: a Google Play services identifier for analytics or fraud prevention across apps owned by one organization — per the best-practices doc, usable only 'as long as you don't use user data for advertising purposes.' Scoped to the Google Play developer account (app-scoped fallback); resets after 13 months without access, when the last app in the set is uninstalled, or on factory reset. Supports: App Set ID purpose and advertising restriction, Scope (Play developer account), Reset conditions.

Platform capabilities and naming change quickly. Last validated: June 12, 2026. Check current documentation before implementation.Video, mobile, CTV, measurement, and platform references last validated: June 2026. Validate current official documentation before implementation.

Next step

Building video, CTV, or mobile execution into an agentic workflow?

The operating work is to wire VAST capability checks, SSAI measurement design, identifier constraints, and independent verification into the execution path — before agents scale whatever the delivery layer actually permits.

Scope this work Open Mobile App Growth