There’s been a lot of buzz recently about the lack of security associated with client-side testing and optimization solutions. These susceptibilities can leave organizations’ testing strategies, creative rotations, and even historic variations exposed—sitting open in the page’s source code—for competitors and inquisitive marketers to see. The culprit isn’t JavaScript in general (despite what some might have you believe), it’s one of the drawbacks of client-side architecture, and one of the many reasons we’ve invested in a server-side approach for Adobe Target.
The basic difference between server– and client-side architecture is simple: server-side systems perform operations on remote servers and deliver the results back to a user’s local computer (the client), whereas client-side systems execute processes on the user’s computer itself. Adobe’s global network of edge servers enables us to make content and experience delivery decisions on the server side. The browser sends relevant information to Adobe Target, which returns the right content to the right user at the right time. This architecture ensures that Adobe can support the round trips (from client to server to client) quickly and efficiently. Relevant consumer experiences shouldn’t lag, and this infrastructure enables seamless delivery while leveraging the most up-to-date information for decisioning.
What’s more, server-side architecture enables companies to leverage robust integrations with data collection and reporting systems, as well as with third-party data providers. This type of infrastructure readily facilitates cross-system user data mapping—a single user ID can exist across all systems—leading to consistency in reporting and attribution, as well as flexibility in targeting and audience-level performance analysis. With a client-side approach, you’re likely to encounter significant discrepancies between systems, and suffer from brittle connections that often break when changes are made in either one.
As for those security concerns, another benefit of server-side architecture is that it minimizes the communication from server to client, sending through only what’s required. With client-side systems, the server must send all possible content options to the browser, so the client can decide what to serve. This is where the vulnerability arises—this transfer enables virtually any interested party to examine what’s sent to the client and to discern your testing strategy. With a server-side approach, such as Adobe Target’s, the payload to the client is only the content needed for that user, on that page view. There’s no opportunity for external discovery of your brand’s testing plans and strategy, and, because the payloads are small, the impact on page load times is significantly less.
There are many reasons to mandate server-side architecture within your testing and optimization solutions. It makes sense, plain and simple. The benefits are clear: seamless, relevant experiences for consumers, governed by secure, flexible, testing and optimization programs for our customers. Although security concerns may have made this a timely topic of discussion, the underlying rationale has always been clear.