• http://www.rimmkaufman.com George Michie

    Matt, there is a great deal of confusion about this topic in the industry, and unfortunately I think you’ve added to it.

    The whole point of a redirect is to allow the tracking platform to set a first party cookie. At the time the confirmation page fires, the tracking platform is making a third party request, but it is a read request, not a set cookie request. I’ve never heard of a browser blocking read requests.

    Empirically, RKG’s redirect based tracking system (we can actually do either redirects or JS, but redirects provide much tighter tracking for reasons I’ve discussed in the past on SEL) sees higher conversion rates on iPads than desktop, and higher conversion rates on iPhones than any other smart phone which suggests that the default behavior isn’t clouding our vision.

    Maybe some tracking systems try to set third party cookies, but that would be pretty silly given that new versions of IE block the setting of third party cookies, too.

    In fact, if this was a problem it would impact any SaaS tracking system unless the end advertisers was comfortable giving over a piece of its domain, eg http://www.trackingplatform.advertiser.com, but that would be a bit scary for advertisers as it would allow the tracking platform to see the cookies set by the advertiser as well as the ones it sets.

  • http://www.rimmkaufman.com George Michie

    Matt, we did a bit more digging on this and we think we may have found your problem. The redirector has to be P3P compliant and have a Compact Privacy Statement that browsers can read to know you’re okay. Ours does, as do probably all platforms that use redirects. We noticed that http://www.marinsoftware.com does not have the necessary privacy statement, so if you’re testing out using your core domain as a redirector you’d certainly see wide drop off of cookie acceptance.

    Hope this helps.

  • http://www.rimmkaufman.com George Michie

    Thanks for the correction, Matt.

  • Joe Malley

    Is the “problem” the technology that circumvents the iOS default settings and user’s security preferences, or the use of an “invisible cookie” from a third party domain, coded as a first party domain, a domain other than the domain of the original page requested by the user?