The ability of web users to opt out of being tracked threatens web analytics data. This ability is what happens when a user’s browser rejects cookies that are set by a web analytics vendor, such as Omniture and Google Analytics. The entire discipline of web analytics is premised on cookies working.

Today I spent quite some time analyzing web/mobile applications to understand their SiteCatalyst implementations and effectiveness.

Companies with first-party cookies(Set A) had rejection rates between 1.0-5 .0 percent. This set is quite small and in keeping with what I would expect, as many websites — notably e-commerce sites — require first party cookies to function. Companies with third party cookies(Set B) had rejection rates between 15 percent and 20 percent.

The most interesting finding was the growth in the rejection rate for Set B. The cookie rejection rate for set B increased from 15.4 % to 21.2 % from October 2012 to August 2015.

Efforts toward greater consumer privacy have moved browser security increasingly toward third-party cookie rejection. One force behind the growing divide in the first party vs. third party cookie acceptance is the rise in mobile web usage.

In particular, the Safari browser — the default browser for Macs and iPhones — is the only major browser to reject third-party cookies by default. This rejection has real implications for any website with substantial mobile traffic. As users become increasingly comfortable with browsing on mobile devices — smartphones and tablets — expect the gap between first-party and third-party cookie rejection to grow.

What I observed was quite shocking for me. I noted that 30-35% of web applications are using s_code version lesser than H.25 and fails to take advantage of first party cookie (s_fid) set by js code while using a third party cookie.

In web analytics world, cookies are used to track and count unique visitors; before we move ahead let’s understand first party cookies and third party cookies.

The same domain sets first party cookies as the page the user is currently viewing.

Third party cookies are set by a domain different from the page the user is currently viewing. As browsers add features to support greater Internet privacy, the acceptance of third party cookies is diminishing.

When cookies are rejected, Adobe uses a fallback method to determine a unique visitor. The fallback method varies depending on the web analytics code version implemented on your website. Broadly speaking, there are three possible fallback methods, the original method using IP address and user agent string, the new fallback method using the s_fid first party cookie, and finally, the option to go with a valid first party cookie.

1. Third Party Cookie – Original Fallback Method:

All code versions previous to H.25.3 use the original fallback method to handle cookie rejection. When the browser rejects a third party or first party cookie, Adobe uses a combination of user’s IP address and the user agent string to identify visitors.


• Multiple users may be counted as a single visitor.  If two users are on the same network and use the same browser, which rejects third party cookies, then both users will appear to have the same IP address and potentially the same user agent string, resulting in two separate users being counted as a single visitor.

• A single visitor may be counted multiple times: If a user is IP address changes halfway through the visitor the user agent variations in the future, a new visit and visitor will be counted as the same user.

2. Third Party Cookie – New (s_fid) Fallback Method:

For web analytics code versions from H.25.3 onwards, the code contains a new fallback visitor identification method. If the visitor id cookie is rejected, the code will set a first party cookie using the site’s current domain. The new first party cookie, s_fid, is created and set to a randomly generated unique ID with an expiration of two years. If a s_fid, first party cookie cannot be set, then the Adobe solution will use the original fallback method of IP address and user agent combination.


• Visitor accuracy matches right first party cookies: This solution sets a first party cookie, and its rejection rate is as low as any first party cookie implementation.

• Visitor Uniqueness: The methodology used to generate the s_fid value does not guarantee a unique value for each visitor. Factors that impact uniqueness include the volume of s_fid values set across the site and the number of concurrent hits from visitors who arrive at the same millisecond. It is important to note that the odds of this are minimal, and you should not notice an even remotely significant difference between visitor counts using this methodology and using CNAME first-party cookies.

• The decrease in visitors after code update: If you update your Adobe web analytics system to H.25.3 or higher, you may see an overall decline in your visitor count because of the decrease in overall cookie rejection.

3. First Party Cookie:

For all versions of the web analytics code, first party cookie tracking is the recommended approach. First party cookie implementations provide the most accurate count of visitors because of the meager cookie rejection rate, as well as the guarantee of a unique and persistent visitor id value.


• The decrease in visitors after update from the original: If you choose to transition from the primary fallback method to first party cookie, you will see an overall decline in unique visitor count resulting in a more accurate report.

• Increase in visitors after update from s_fid: If you choose to transition from the s_fid fallback method to actual first party cookie, during the transition phase, you will see an increase in visitor count because Adobe will disregard the s_fid value and instead set a new cookie value resulting in visitors being recounted.

Again, it is Adobe’s recommendation always to use first party cookie tracking when possible. First party cookies will always give you the most accurate visitor count. However, if you need to use third party cookies, the new s_fid fallback method will provide you with a good degree of accuracy. Now that you know how each method works, I hope you can figure out which approach best meets your needs!

Now you are paying huge Money to Adobe and failing to take advantage of these fallback methods in this competitive world? Which experience a higher rejection rate for third party cookies is beyond comprehension.

Amit Kumar

Results driven Adobe Certified Architect with extensive experience managing and implementing marketing Strategies to drive business growth. Enjoy optimizing the customer experience through the use of data, futuristic thinking + channel mixing – e.g., using creative combinations of traditional methods + shiny new toys like automation platforms.


Leave a Reply

Avatar placeholder

Your email address will not be published.