Skip to content
Pricing
Log InStart Free TrialBook a Demo
Privacy & Compliance

ITP (Intelligent Tracking Prevention)

ITP (Intelligent Tracking Prevention) is a privacy feature built into Apple's Safari browser that limits cross-site tracking by restricting third-party cookies and shortening the lifespan of certain cookies and other stored data.

How it works

How ITP (Intelligent Tracking Prevention) works

Introduced by Apple in 2017 and refined across many Safari and WebKit releases, ITP uses on-device logic to identify domains that appear to track users across sites and then curtails their ability to do so. Over successive versions it moved from heuristic classification toward broadly blocking third-party cookies by default and imposing strict limits on cross-site state.

A defining behavior of ITP is that it caps how long client-side storage survives. Cookies set through JavaScript, for example via the document.cookie interface, have historically been capped to a short lifetime measured in days, and other client-side storage can be purged after a period without user interaction with the site. This directly undermines the assumption that a cookie will persist for as long as its stated expiration date.

ITP also addresses techniques used to work around cookie limits, such as link decoration and bounce tracking, where identifiers are passed through URLs or intermediary redirects. By constraining these methods, Safari narrows the paths available for reconstructing a cross-site identity after cookies have been cleared.

The practical effect is that any system depending on long-lived cookies in Safari faces significant erosion. Even first-party cookies can be shortened when set via script, which is why measurement, personalization, and cookie-based fraud controls behave differently, and less durably, on Safari than on browsers without comparable restrictions.

Why it matters

Why ITP (Intelligent Tracking Prevention) matters for fraud prevention

ITP meaningfully weakens cookie-based fraud defenses on one of the most widely used browser families, particularly on iPhones. Rate limits, trial gating, and account-linking that lean on persistent cookies decay quickly under ITP's short lifetimes and third-party cookie blocking, and attackers on Safari can appear new simply by waiting out or clearing constrained cookies. This is a central reason fraud prevention has shifted toward device intelligence, which recognizes a device from stable technical signals that ITP's cookie restrictions do not remove.

With TRACIO

How TRACIO handles it

TRACIO remains effective on Safari because it does not rely on the long-lived cookies that ITP restricts. Its identification is derived from the device's technical signals, so recognition of a returning device persists even where ITP shortens or blocks cookie storage. This lets customers maintain consistent detection of multi-accounting, trial abuse, and related fraud across browsers, including Safari and iOS. TRACIO treats this as first-party, security-oriented device recognition rather than cross-site tracking of the kind ITP targets, and customers remain responsible for transparency and for establishing an appropriate lawful basis.

FAQ

Frequently asked questions

Identify every device with confidence

Start with a free plan of 2,500 API calls per month. No credit card required.