Expand my Community achievements bar.

Applications for the 2024-2025 Adobe Analytics Champion Program are open!
Apply Here
SOLVED

The Impact of Third-Party Cookie Deprecation on Adobe Analytics

Avatar

Community Advisor
Community Advisor
4/23/24 5:22:36 AM

Hi Team,

The Cookies that are placed by Experience Cloud VisitorID and Adobe Analytics are First Party Cookies and can see that SameSite is blank and and secure not set by default.

 

So wanted to check if the Third Party Cookie deprecation would impact these Experience Cloud VisitorID and Adobe Analytics  cookies ?

Any guidance would be really helpful.

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Analytics

Views

521

Replies

6
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
4/25/24 6:25:14 AM
In response to ambikaTewari_ATCI

@ambikaTewari_ATCI I believe that all third party cookies, including the demdex cookies are subject to the restrictions, unfortunately...

View solution in original post

Views

410

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
6 Replies

Avatar

Community Advisor
Community Advisor
4/23/24 10:39:45 AM

That is a really good question.. and one that I am not sure about... a few years ago, I had added the "secureCookies" true setting into my Visitor ID Service extension... I am sure it used to work... so I was a bit surprised to see that my cookies are also not secure right now.... 

 

I did a  quick search and found this: 
https://experienceleague.adobe.com/en/docs/analytics/implementation/vars/config-vars/writesecurecook...

 

Now this will only apply to the s_fid, s_cc and s_sq cookies, but it did say that we can get secure s_vi and s_ecid cookies by contacting Client Care?

 

So that might be worth a check...

 

As to why there is an option to set "secure cookies" in the extension, if it's not going to actually work, I cannot answer that one.... I guess maybe it made my AMCV cookies secure...

Views

486

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
4/23/24 11:09:28 PM

SameSite and Secure attributes are another level of security control on cookies and should be impacting the ECID cookies and the capabilities of tracking. Moreover, as you are aware ECID cookies are first-party cookies so they are not impacted by the deprecation of third-party cookies. You can try to actively disable third-party cookies on your browser and observe, you will find ECID retained and sent over to Adobe in the web beacon for tracking.

 

Just an update from Google that they are delaying the phase-out of third-party cookies on Chrome again.

Update on the plan for phase-out of third-party cookies on Chrome (privacysandbox.com)

Views

475

Replies

4
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
4/24/24 6:17:58 AM
In response to leocwlau

While ECID should be first-party, as you said @leocwlau, server-side set first party cookies (and those that are secure and "same site") are treated as a cookie with less restrictions... generally....

 

However, even those are under more strict restrictions now..  

 

I would say anything we can do to improve the authenticity of the cookies would be a good thing, and secure and same site are some of the ways to do that.

Views

460

Replies

3
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
4/25/24 12:27:58 AM
In response to Jennifer_Dungan

Hi @Jennifer_Dungan  and @leocwlau Thank you  for the valuable feedback.
So demdex cookie is set in the third-party, demdex.net domain in the browser. This domain is separated from the site currently visited by a user.

Unlike the first-party, AMCV cookie, the demdex cookie and ID persists across different domains.  I have checked it and could see sameSite as None and secure is set by default. So this demdex will also not be impacted by 3rdParty cookie deprecation, can I assume it ? As I read somewhere (not able to find that link), if 3rd Party cookies having sameSite as None and secure is set then such cookies will not be impacted. Or CNAME implementation should be the final solution ?

Views

426

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
4/25/24 6:25:14 AM
In response to ambikaTewari_ATCI

@ambikaTewari_ATCI I believe that all third party cookies, including the demdex cookies are subject to the restrictions, unfortunately...

Views

411

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 4
Level 4
4/29/24 12:02:38 PM
In response to Jennifer_Dungan

@ambikaTewari_ATCI currently, Adobe's ITP is detecting all "cloaked" CNAME requests as going to Adobe IPs and hence treat them as 3rd-party cookie in terms of lifetime (7 days).

 

This blog explains it in more detail.

Views

356

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
In Page view call need to add additional events (page load time, time spent on previous page) from data-layer Solved

Views

134

Likes

0

Replies

8
use of .shtml has issues tracking campaign IDs

Views

42

Likes

0

Replies

0
Click count vs page views of referrer

Views

100

Likes

0

Replies

3
The Library Loaded (Page Top) Event is not consistently being triggered on iFrame when embedded on a parent page

Views

84

Likes

0

Replies

0
Average bounce rate for adobe analytics does not seem to be accurate

Views

75

Likes

0

Replies

1