CAPI is the New Standard For Social Ads

In a world where technology moves so fast sometimes we wonder if it's even worth implementing the latest changes, as they'll just be replaced in what feels like a few minutes, the new challenge is now identifying which systems are just a fleeting fancy and which are here to stay

It feels completely bizarre stating this as ‘new’ bearing in mind CAPI (the short hand for “Conversions API”) is implemented across essentially every significant ads platform in the western and eastern world, but here we are.

In a world where technology moves so fast sometimes we wonder if it’s even worth implementing the latest changes, as they’ll just be replaced in what feels like a few minutes, the new challenge is now identifying which systems are just a fleeting fancy and which are here to stay – which brings us neatly back to CAPI.

What is CAPI?

The Conversions API is the ‘new’ standard procedure for websites to accurately as possible track user behaviour back to each advertising platform. If that sounds confusing or vague, do not worry, you are not alone. In order to fully understand CAPI, you need to understand the history of online advertising, tracking and machine learning in general. Add in a splash of data privacy and a glance at GDPR/The ACT (the short hand for “The Online Safety Act 2023” in the UK)/CCPA (the short hand for the “California Consumer Privacy Act 2024” in the US) and you get to the mess that we have today.

So let me break CAPI down for you, how it works, what it’s wider aim is and why it’s important that every online advertiser implements it.

Coupon Codes

Yes, that is actually where this whole palava with tracking begins. Back in 1887 Asa Candler, the then owner of Coca Cola, invented the idea of giving out a hand-written voucher that entitled people to a free Coke. Fast forward to the 1930’s and the world renowned marketer David Ogilvy decided he would employ this little used marketing tactic in magazine marketing across north America but added a twist, a unique code to each coupons design, so he could track which magazine was delivering the most sales. In one fell swoop he had re-invigorated both the cut-out coupon and, probably, the worlds-first wide scale marketing tracking system.

As mail-out technology started to develop, the tracking started to shift from identifying which publication was delivering the best, to identifying which customer was buying which items from which publications. It’s important to note here, there was nothing particularly new about keeping records of customer details and past purchases, this had been going on since the dawn of commerce. The rolodex was invented in the 1950’s almost exclusively for this purpose. However, the big change was in the invisible, un-obvious nature of how these things were now being tracked and that they were now tracking what customers were reading/doing away from the shop floor. Before this point, customers were very aware of their file, they could see it and phrases like “I’ll add a note to your file” were very common place. With coupon codes and other tech (which we won’t dive into here) the file stopped being such a forward facing aspect of retail.

The introduction of the CRM system

In 1987 Pat Sullivan and Mike Muhney, two US salesmen, invented the worlds first computer based ‘contact management system’ (Yes, you read that correctly, they called it a contact relationship management system, not a customer relationship management system) and then in 1993 SalesForce really took the whole idea and ran with it as a way for tracking every touchpoint and communication point between a business and a prospect/customer. Essentially, CRMs replaced the Rolodex as the new way to keep a customer file. It was faster, it took up less physical space in the store/office and, with functions like ‘copy & paste’, it was much easier to update.

The Digital Cookie

Whilst SalesForce were driving ahead in developing the CRM system, another issue was presenting itself for the newly emerging field of “Websites”.

In the 1990s when websites were struggling to remember who their users were or what they did in previous website visits, Lou Montulli, a network engineer, invented the HTTP cookie or what is widely known as internet cookies or simply as cookies. Cookies have now become an inevitable part of the internet, helping businesses accomplish a wide variety of purposes. (

Lou Montulli’s invention was leapt upon by internet advertisers almost the same day it was released. There is a certain level of irony here as the Cookie was specifically chosen for privacy centric reasons. As Quartz highlights:

Montulli considered a range of potential solutions before settling on the cookie, as he later explained in a blog post. A simpler solution might have been to just give every user a unique, permanent ID number that their browser would reveal to every website they visited. But Montulli and the Netscape team rejected that option for fear that it would allow third parties to track people’s browsing activity. Instead, they settled on the cookie—a small text file passed back and forth between a person’s computer and a single website—as a way to help websites remember visitors without allowing people to be tracked. (

Cookies became the main way advertisers tracked peoples behaviour online from 1994 through to 2020. Everything from add to carts to form submissions could be tracked and passed back to advertising platforms via cookies, so these platforms could use their ‘Algorithms’ to identify other people that would be likely to become buyers as well. These are known today as Lookalike audiences or LLA‘s.

The Era of Internet Privacy

As I am sure you are beginning to see, the current state of internet privacy has been a convergence of many different, independently developing, strands and technologies. This trend does not change when it comes to legislation.

The first data privacy legislation was introduced in Europe in 1978 with Germany’s Federal Data Protection Act.

This act marked a pioneering move towards establishing the right to privacy as a fundamental human right. Since then, numerous countries around the world have adopted similar privacy laws, reflecting a global recognition of the importance of personal data protection. These laws have continuously evolved, shaping the landscape of internet privacy and significantly impacting the way businesses operate online.

The GDPR (General Data Protection Regulation) which came into effect in the EU in 2018, and the CCPA (California Consumer Privacy Act) in 2020 in the US, have further solidified these privacy frameworks, requiring more transparency and giving consumers greater control over their personal file. These regulations have forced companies to rethink their data strategies, ensuring they prioritise consumer rights and compliance.

Enter CAPI

In response to these shifting tides, CAPI (Conversions API) emerges as a modern solution that respects user privacy while still allowing advertisers to track conversions effectively. Unlike traditional methods that rely heavily on cookies and potentially expose user data to various third parties, CAPI offers a more secure and direct way of transmitting data between a business’s CRM/server and the advertising platforms.

Here’s a step-by-step breakdown of how CAPI technically works:

Step 1: User Interaction on the Website or App

The process begins when a user interacts with a website or app. This could be various actions like making a purchase, signing up for a newsletter, or any other event that a business deems valuable. Each action is a potential conversion event that the business wants to track.

Step 2: Collecting Event Data

When a user performs an action, the website or app collects data related to that event. This data typically includes:

  • Event Name: What the action was (e.g., purchase, sign-up).
  • Event Time: When the action occurred.
  • User Data: Information that can help identify the user, such as an email address, phone number, or a hashed user ID.
  • Event Parameters: Additional details about the event (e.g., the value of a purchase, items bought).

Step 3: Sending Data to the Server

The data collected from the user’s action is sent from the client-side (the user’s device) to the business’s server. This transition to server-side is critical as it keeps the data secure and less exposed to third-party tracking or blocking.

Step 4: Processing and Hashing Data

Once the data reaches the server, it undergoes processing. This includes:

  • Validation: Checking the data for accuracy and completeness.
  • Hashing: Sensitive user information (like emails or phone numbers) is hashed for privacy. Hashing is a form of encryption that turns readable data into a randomized string of characters, which is virtually impossible to reverse.

Step 5: Server-to-Server API Call

The server then makes an API call to the advertising platform’s Conversions API. This call includes the hashed user data and details about the conversion event. The API uses a secure connection, ensuring that the data transmission is encrypted and safe from interceptors.

Step 6: Matching and Attribution

On receiving the data, the advertising platform attempts to match the hashed user data with its own records of users who have seen or clicked ads. If a match is found, the conversion event is attributed to the respective ad campaign.

Step 7: Reporting and Optimization

The results of these conversions are reported back to the business through the advertising platform’s dashboard. This data is crucial for businesses to understand the effectiveness of their ads and to optimize future advertising campaigns based on real conversion data rather than mere projections or estimations.

Step 8: Feedback Loop for Improvement

The final step involves using the insights gained from the reporting to refine targeting, ad creative, and overall campaign strategy. This feedback loop is essential for continuous improvement and ensuring the maximum ROI on ad spend.

By leveraging server-side API like CAPI, businesses can maintain robust tracking capabilities in a privacy-focused world, ensuring that their digital marketing efforts remain effective and compliant with global data protection standards.

The primary aim of CAPI is to provide advertisers with accurate data about user interactions without compromising the user’s privacy. By processing data on the server side, CAPI minimises the exposure of user data to external threats and reduces the dependency on cookies, which are becoming increasingly unreliable due to privacy blockers and changing regulations.

Why CAPI is Here to Stay

CAPI is not just a temporary adjustment to new privacy laws but a forward-thinking tool designed to adapt to the ongoing evolution of the digital advertising landscape. It addresses both the technical limitations of cookie-based tracking and the growing demand for privacy-centric advertising solutions. This is why it has been adopted by Meta, Tiktok, Snapchat, Twitter/X, LinkedIn and every other major social advertising platform in the western and eastern world.

The significance of implementing CAPI lies in its ability to maintain the effectiveness of digital marketing campaigns. By ensuring that conversion data is accurately and securely transmitted, advertisers can continue to optimise their strategies and achieve better outcomes, even in a privacy-first world.

Furthermore, as more regions implement stricter privacy laws, the adaptability and compliance of CAPI will likely make it a standard component in digital advertising frameworks worldwide. It represents a balance between the need for detailed analytics and the respect for user privacy, making it a sustainable and essential tool for future-proofing digital marketing practices.

In conclusion, CAPI is much more than a fleeting fancy; it is an integral part of the ongoing evolution in digital advertising that aligns with both technological advancements and increasing privacy concerns. By understanding its role and implementing it wisely, advertisers can stay ahead in the game, ensuring their practices are both effective and ethically sound.

What Our Clients Say