October 10, 2017
The ability of web users to opt out of being tracked threatens analytics data. But, the entire discipline of web analytics is premised on cookies working. So, what next?
October 10, 2017
The ability of web users to opt out of being tracked threatens analytics data. But, the entire discipline of web analytics is premised on cookies working. So, what next?
The ability of web users to opt out of being tracked threatens analytics data. This is what happens when a user's browser rejects cookies that are set by an analytics vendor, such as Omniture and Google Analytics. The entire discipline of web analytics is premised on cookies working.
Today, I spent some time analysing web and mobile applications to understand their SiteCatalyst implementations and effectiveness. Companies with first-party cookies (Set A) had rejection rates between 1 and 5 percent. This is quite low and what I'd expect, as many websites — notably e-commerce sites — require first-party cookies to function. Companies with third-party cookies (Set B) had rejection rates between 15 percent and 20 percent.
The most interesting finding was the growth in the rejection rate for Set B. The cookie rejection rate for set B increased from 15.4 percent to 21.2 percent from October 2012 to August 2015.
Efforts towards greater consumer privacy have moved browser security increasingly towards third-party cookie rejection. One force behind the growing divide in the first party vs. third party cookie acceptance is the rise in mobile web usage.
In particular, the Safari browser — the default browser for Macs and iPhones — is the only major browser to reject third-party cookies by default. This has material implications for any website with substantial mobile traffic. As users become increasingly comfortable with browsing on mobile devices — smartphones and tablets — expect the gap between first party and third party cookie rejection to grow.
What I observed was quite surprising. 30-35% of web applications are using s_code version lesser than H.25 and fails to take advantage of first-party cookie (s_fid) set by js code while using a third-party cookie.In analytics world, cookies are used to track and count unique visitors.
But, before we move ahead let's understand first-party cookies and third-party cookies. First party cookies are set by the same domain as the page the user is currently viewing. Third party cookies are set by a domain different from the page the user is currently viewing. As browsers add features to support greater Internet privacy, the acceptance of third-party cookies is diminishing.
However, Adobe uses a fallback method to determine a unique visitor when cookies are rejected. The fallback method varies depending on the analytics code version implemented on your website. Broadly speaking, there are three possible fallback methods, the original method using IP address and user agent string, the new fallback method using the s_fid first party cookie, and the option to use a true first party cookie.
As we speak of fallback methods... it's important to know their impacts too. I have listed a below.
1. Third Party Cookie – Original Fallback Method:
All code versions previous to H.25.3 use the original fallback method to handle cookie rejection. When a third party or first party cookie is rejected by the browser, Adobe uses a combination of user's IP address and the user agent string to identify visitors.
Impact:
2. Third Party Cookie – New (s_fid) Fallback Method:
For analytics code versions from H.25.3 onwards, the code contains a new fallback visitor identification method. If the visitor id cookie is rejected, the code will set a first party cookie using the site's current domain. The new first-party cookie, s_fid, is created and set to a randomly generated unique ID with an expiration of two years. If a s_fid, first-party cookie cannot be set, then the Adobe solution will use the original fallback method of IP address and user agent combination.
Impact:
3. First Party Cookie:
For all versions of the analytics code, first-party cookie tracking is the recommended approach. First party cookie implementations provide the most accurate count of visitors because of the very low cookie rejection rate, as well as the guarantee of a unique and persistent visitor id value.
Impact:
Again, Adobe's recommends to always use first-party cookie tracking. First party cookies will always give you the most accurate visitor count. However, if you need to use third-party cookies, the new s_fid fallback method will provide you with a good degree of accuracy.
Now that you know how each method works, figure out which approach best meets your needs to be a profitable business.
Reference: Visits and Visitors; Cookies