Insurance

They compared 8 providers over 3 weeks. You lost attribution after 7 days.

Insurance purchases are driven by comparison. Customers visit aggregators, request multiple quotes, and deliberate for weeks before binding cover. Safari's 7-day cookie cap means your attribution dies before the decision is made — and every lost quote completion is a high-value conversion your ad platforms can't optimise for.

2-4 weeks

Comparison cycle

Customers compare multiple providers before committing to a policy

20-40%

Conversions hidden

Ad blockers strip analytics and conversion tags on quote journeys

£50-200

Cost per acquisition

Insurance CPAs are among the highest — every lost attribution is costly

FCA

Regulatory oversight

Financial conduct rules require strict data handling and audit trails

Why insurance attribution is uniquely challenging

Insurance combines high-value conversions, long comparison cycles, strict regulation, and sensitive personal data. Client-side tracking fails on every dimension.

Comparison outlasts cookies

Customers compare quotes across multiple providers over 2-4 weeks. By the time they bind cover, Safari has deleted the cookies that would attribute the conversion to your campaign.

Sensitive personal data

Quote journeys collect date of birth, health conditions, driving history, and address data. Third-party vendor JavaScript has DOM access to all of it.

Regulatory audit requirements

FCA, Solvency II, and GDPR require complete audit trails for data processing. Third-party tags send data to vendor servers with no visibility, no control, and no audit record.

How Signal recovers insurance attribution

Server-set 400-day cookies that survive the entire comparison cycle, automatic PII protection for sensitive quote data, and a complete audit trail for every data delivery.

400-day attribution

Server-set first-party cookies that persist far beyond the comparison window. When a customer returns to bind their policy weeks later, you know exactly which campaign and keyword brought them in.

  • Attribute policy binds to the original ad click
  • Track the full comparison journey across visits
  • Attribute renewals back to original acquisition channel

Automatic PII protection

Date of birth is stripped, postcode is masked, email and phone are SHA-256 hashed — all automatically before any data leaves your infrastructure. No vendor ever sees raw personal data.

  • Per-field PII rules: hash, mask, strip, pseudonymise
  • Date of birth never leaves your infrastructure
  • Hashed email enables ad platform matching without exposure

Regulatory compliance

Single-tenant VPC deployment, complete audit trail, and double consent enforcement. Deploy on GCP, AWS, or Azure with your encryption keys and full data residency control.

  • FCA and Solvency II audit requirements met
  • Complete before/after audit trail for every change
  • VPC deployment — data never leaves your infrastructure
Pipeline as Code

From quote to every ad platform — safely

A single quote_completed event captures the product type, quote value, and cover level. Sensitive fields are automatically hashed or stripped, then the event is delivered simultaneously to Google Ads, Meta CAPI, and GA4 — each receiving only the data they need in the format they expect.

  • Product type, quote value, and cover level captured
  • Date of birth stripped, postcode masked, email hashed
  • Consent verified at collection and again at delivery
  • One event, three vendor-specific payloads
pipeline/quote-completed.ymlYAML
# Quote Completed Pipeline
event: quote_completed
source: web

org_data_layer:
  schema:
    - field: properties.product_type
      type: string
      required: true
    - field: properties.quote_value
      type: number
      required: true
    - field: properties.cover_level
      type: string
    - field: properties.renewal
      type: boolean
  pii:
    - field: context.traits.email
      action: sha256
    - field: context.traits.phone
      action: sha256
    - field: context.traits.postcode
      action: mask
    - field: context.traits.date_of_birth
      action: strip
  consent:
    required: [analytics, marketing]

pipelines:
  - name: google_ads
    integration: google-ads-enhanced-conversions
    event_name: quote_completed
    mapping:
      - source: context.traits.email_hash
        target: user_data.sha256_email_address
      - source: properties.quote_value
        target: conversion_value
      - source: properties.product_type
        target: custom_variables.product_type

  - name: meta_capi
    integration: meta-conversions-api
    event_name: Lead
    mapping:
      - source: context.traits.email_hash
        target: user_data.em
      - source: properties.quote_value
        target: custom_data.value
      - source: properties.product_type
        target: custom_data.content_category

  - name: analytics
    integration: google-analytics-4
    event_name: generate_lead
    mapping:
      - source: properties.quote_value
        target: params.value
      - source: properties.product_type
        target: params.item_category
      - source: properties.cover_level
        target: params.item_variant

Attribution that survives the comparison cycle

Insurance customers compare 5-8 providers before binding cover. Every platform claims the conversion. Signal gives you configurable attribution models so you know which campaign actually drove the policy — not which platform is loudest.

Last Click

Attribute the policy bind to the final touchpoint. Simple, defensible for board reporting.

First Click

Credit the channel that started the comparison journey weeks before the bind.

Time Decay

Weight credit toward the touchpoints closest to the quote and bind events.

Position Based

40/20/40 — credit both the initial comparison search and the return visit to bind.

Linear

Equal credit across the full comparison journey. No channel overvalued.

Custom Rules

Define your own logic per product line — motor, home, life, commercial.

Built for regulated industries

Insurance companies operate under some of the strictest data regulations. Signal's architecture provides compliance by design — not by policy.

Regulatory frameworks

  • FCA Consumer Duty — demonstrate data handling controls
  • Solvency II — operational resilience and audit
  • GDPR — full data residency, DSAR, right to deletion
  • ePrivacy / PECR — consent enforcement at every stage
  • PCI DSS — no payment data in analytics events

Enterprise security

  • Single-tenant VPC on GCP, AWS, or Azure
  • AES-256-GCM encryption at rest with your KMS
  • TLS 1.3 in transit, zero-downtime key rotation
  • 5 RBAC roles with least-privilege access
  • Immutable audit trail — exportable for compliance review

Attribute every quote and policy to the right campaign

See how Datafly Signal recovers the attribution data that expires before your customers bind cover — with the compliance controls your regulatory team requires.

Request a DemoView Security