First Party Cookie Confusion
Matt Hopkins posted in Visitor Segmentation, Web Analytics on August 1st, 2007
Cookies in their own right are really simple little things, the idea being that every time you view a web page on a website, you will be given a code to store on your local PC. The next time you come back to that site it can read your stored cookie and so count you as the same visitor who has returned.
So where is the confusion?
Well, the confusion comes when you start talking about first party and third party cookies and how they are treated differently by web browsers.
A first party cookie is a cookie that is given to the website visitor by the same domain (www.domain.com) that the web page resides on. Whereas, a third party cookie is one that is issued to the website visitor by a web server that is not on the same domain as the website. I’ve made a diagram below which shows how the first party cookie and third party cookie differ.
So when might a third party cookie be used?
Generally third party cookies are issued when are third party is interested in tracking your website visitor traffic, this could either be by a banner advertiser who places a number of banners on your site and wants to know how many times it has been requested, or it could be a third party hosted analytics vendor that issues a page tag for each of your pages that forces a cookie on your site.
In the last situation, where an analytics vendor issues a cookie through a page tag the cookie is seen as a third party cookie because it is being generated by the analytics server which is having the tracking 1×1 invisible gif image requested from it by the page tag. It is however possible to have an analytics cookie issued by the third party vendor but still look like a first party cookie.
There are 2 ways of achieving this:-
- Create a DNS alias for third party analytics server so that it looks like it is actually part of your domain and so anything issued by this server because 1st party (including cookies)
The obvious advantage of the DNS alias option is that you can have a smaller page tag which is quicker to load, however the cookie making page tag has an advantage over the DNS alias because no structural changes need to be made to the site’s infrastructure and the implementation of the tag should be more straight forward.
So, in the end you want to aim for a first party cookie as these are typically blocked by fewer browsers than third party cookies. To give you an example, I did a test a few weeks ago using on a site using a third party cookie and measured that over 70% of the cookies were being blocked. After a similar test using first party cookies only 30% were being blocked. This shows that although cookies aren’t as accurate as we might all like, all cookies are not created equal.