How to change the name of the OAID cookie

used by Revive Adserver

This article explains the purpose of the OAID cookie in Revive Adserver, and how to change the name of this cookie.

Introducing the OAID cookie

The Revive Adserver software uses several cookies to operate correctly. Each cookie has a specific use and a specific name.

One of these cookies causes a lot of questions, and even concerns, in light of current and new privacy regimes like GDPR:
the OAID cookie.

The origin of the OAID cookie

A predecessor of the Revive Adserver software, called OpenX Source, had functionality to connect it to a ad network called OpenX Market. In order to be able to recognize site visitors across multiple OpenX Source installations, the OpenX Market needed an identification and that is where the OAID cookie came in. When someone would first be in touch with any OpenX Source installation, it would generate a completely random and unique value and store that in the OAID cookie.

OpenX Market has been discontinued a long time ago, but when the OpenX Source software was replaced by the Revive Adserver software in 2013, it continued to generate these OAID cookies, even though it doesn’t actually need them for its own functionality.

There might be some third party plugins that make use of this cookie, but that’s beyond the scope of this article.

New setting in v4.1.4 and higher

Version 4.1.4 of the Revive Adserver software, released on May 25, 2018, has a new setting. Enabling it ensures that the OAID cookie no longer assigns a random but unique value to the OAID cookie. The reason is that technically the OAID when storing a unique value can be considered to be a tracking cookie, which is not permitted under GDPR without prior consent of the visitor. And since the core Revive Adserver software doesn’t actually need the OAID cookies value, it was decided to introduce a setting to disable this.

When the new setting is turned on, the software no longer generates a random unique value, storing it in the OAID cookie.

Instead it always assigns the value

01000111010001000101000001010010

to the OAID cookie. This is the binary representation of the acronym GDPR.

Any existing OAID cookies will get their current value replaced by

01000111010001000101000001010010

as well.

Changing the name of the OAID cookie

Even though the OAID cookie is technically no longer a tracking cookie once the new setting in v4.1.4 or higher has been enabled, you might still be concerned about the name of the cookie. Regulators might misinterpret the name of the cookie since the characters ID are still in it.

It is possible to change the name of the cookie to whatever name you prefer. To do that, you will need to be able to directly edit the configuration file of your Revive Adserver installation, which can be found in the ‘var’ folder of the installation.

Open the configuration file in a text editor like VIM or Nano and look for a section called ‘[var]’. In the section, there are many settings lines, and one of these reads as follows by default:

viewerId=OAID

You can enter whatever name you would prefer instead of OAID just behind the = symbol, for example:

viewerId=RVGDPR

Once you’ve saved the changed configuration file, the software will no longer recognize any existing OAID cookies and starts assigning new RVGDPR cookies.

Keep in mind, however, that any visitor who interacted with your Revive Adserver installation before the name change of the cookie, will still have that OAID cookie present in their browser, and the cookie will be sent to your Revive Adserver system with every request, even though it will simply be ignored.