Changing the name of the OAID cookie

Introducing the OAID cookie

The Revive Adserver software uses several cookies to operate correctly. Each cookie has a specific use and a specific name.

One of these cookies causes a lot of questions, and even concerns in light of current and new privacy regimes like GDPR: the OAID cookie.

A predecessor of the Revive Adserver software, called OpenX Source, had functionality to connect it to a ad network called OpenX Market. In order to be able to recognize site visitors across multiple OpenX Source installations, the OpenX Market needed an identification and that is where the OAID cookie came in. When someone would first be in touch with any Revive Adserver installation, it would generate a completely random and unique value and store that in the OAID cookie.

When the OpenX Source software was replaced by the Revive Adserver software, it continued to generate these OAID cookies, even though it doesn’t actually need them for its own functionality. There might actually be some third party plugins that make use of this cookie, but that’s beyond the scope of this article.

New setting in v4.1.4

Version 4.1.4 of the Revive Adserver software, released on May 25, 2018, has a new setting. Enabling it ensures that the OAID cookie no longer assigns a random but unique value to the OAID cookie. The reason is that technically the OAID when storing a unique value can be considered to be a tracking cookie, which is not permitted under GDPR without prior consent of the visitor. When the new setting is turned on the software no longer generates a random unique value, but instead always assigns the value 01000111010001000101000001010010 to the cookie. This is the binary representation of the acronym GDPR. Any existing OAID cookies will get their current value replaced by 01000111010001000101000001010010 as well.

Changing the name of the OAID cookie

Even though the OAID cookie is technically no longer a tracking cookie once the new setting in v4.1.4 has been enabled, you might still be concerned about the name of the cookie. Regulators might misinterpret the name of the cookie since the characters ID are still in it.

It is possible to change the name of the cookie to whatever name you prefer. To do that, you will need to be able to directly edit the configuration file of your Revive Adserver installation, which can be found in the ‘var’ folder of the installation.

Open the configuration file in a text editor like VIM or Nano and look for a section called ‘[var]’. In the section, there are many settings lines, and one of these reads as follows by default:

viewerId=OAID

You can enter whatever name you would prefer instead of OAID just behind the = symbol, for example:

viewerId=RVGDPR

Once you’ve saved the changed configuration file, the software will no longer recognize any existing OAID cookies and starts assigning RVGDPR cookies.

About the author

Erik Geurts

Erik Geurts

Independent Revive Adserver consultant

Erik Geurts is an independent Revive Adserver consultant with over 15 years of hands-on experience. He’s also one of the founders and Managing Director of Aqua Platform, a leading Revive Adserver hosting company.