User logs in to the Facebook app, and Facebook ties the user's IDFA to their Facebook account.
User opens non-Facebook app X that uses the Facebook SDK for ads/tracking. App X sends the IDFA to Facebook, who then looks it up in their database and sees it on your account. They can now tie all user activity tracked by app X to the user's Facebook account.
Without IDFA, this kind of cross-app tracking becomes considerably more difficult.
User logs in to the Facebook app, and Facebook ties the user's IDFA to their Facebook account.
User opens non-Facebook app X that uses the Facebook SDK for ads/tracking. App X sends the IDFA to Facebook, who then looks it up in their database and sees it on your account. They can now tie all user activity tracked by app X to the user's Facebook account.
Without IDFA, this kind of cross-app tracking becomes considerably more difficult.