How An iOS 6 Change Makes It Seem Like Google Traffic From Safari Has Disappeared

A change in iOS 6 made by Apple and not anticipated by Google means that for the past week or so — and likely for some weeks to come — those reaching web sites from Google’s search engine after doing searches from within Safari will be counted as “direct” traffic rather than “search” traffic.

As we reported last week, those using the built-in search box within Safari are now having their searches sent though Google SSL Search, if they use iOS 6. Apple apparently made this change in order to increase privacy for searchers. It won’t officially confirm that but neither is it saying that our assumptions are wrong.

Only Apple could have made the change within the Safari search box (Google certainly didn’t ask for it, as explained below). The shift to using Google SSL Search is similar to how Firefox made a similar change earlier this year and Google itself did so last October, for signed-in users.

Change To Protect Privacy

In those cases, the change meant that what people searched for wasn’t exposed to potential “eavesdropping” when they clicked on a link from Google’s search results and were sent to a destination web site. This type of eavesdropping can happen because normally a web browser sends what’s called “referrer” information when someone clicks from one page to another. It’s sort of like a Caller ID for the web.

The browser reports the URL of the page you clicked from to reach a new page. If that page is from a search engine, the referrer often contains what you searched for in it. In this way, analytics programs like Google Analytics can separate out “search” traffic from “referral” traffic and show the most popular terms used to reach your web site.

Our article, The Death Of Web Analytics? An Ode To The Threatened Referrer from 2010, explains more about how referrers work to pass search terms.

“Empty” Searches

Last year, Google stopped passing search terms when it switched on Google SSL Search for signed-in users, except for when people clicked on ads. Those referrers still exposed search terms, a potential eavesdropping leak, but a compromise Google felt comfortable with. The stories below explain more about this:

Even with the change, publishers at least could tell that a search referral had happened. That’s because Google SSL Search was configured to still pass along referral information, just stripped of the actual terms. In other words, publishers were told an “empty” search had happened to reach their web sites (something Google Analytics reports as “not provided”).

When Firefox began using Google SSL Search earlier this year, more search term data was lost, more “empty” searches reported — but at least the traffic still appeared as if it was coming from Google searches. That’s not the case with Apple’s shift.

Searches Become “Direct” Traffic

As it turns out, Google SSL Search is configured by Google differently for mobile browsers. The mobile version doesn’t send any referral information at all. Nothing goes out to publishers from a click on unpaid listings. Nothing goes out from paid listings (except within the AdWords reporting system).

It’s not just that search terms are stripped. No referral is passed, period. This means that anyone who does a search using Google through Safari’s search box in iOS 6 and clicks from Google’s results to a site will appear to the publisher as if they directly went to the site rather than having found it via Google.

Consider these stats from Search Engine Land, drawn from the past three weeks. They show visits to us by iOS operating system version. You can see that iOS 5.1.1 is the leading source (51%), with iOS 6.0 right behind (37%):

Now consider these stats, which show that for iOS 5.1.1, the leading way users of that operating system find our web site is through Google (27%) followed by direct visits (22%):

Here’s the situation for iOS 6 visitors:

Google drops from the leading source of iOS traffic (as it was with iOS 5) down to fourth, at only 9% overall. Visitors using iOS 6 finding us directly skyrockets to 49%, if you believe the stats.

You shouldn’t believe them. People haven’t suddenly changed their behavior in iOS 6, seeking us out directly. It is, as I’ve explained, that iOS 6 now sends many Google searchers through Google SSL Search, where the lack of referral information means stat programs assume they are direct visitors.

By the way, an easy way for those with Google Analytics to see the impact on their own sites is a special comparative dashboard Dan Barker created; read more about it here.

Google SSL Search: Desktop Vs. Mobile

To recap, searches made through Google SSL Search operate like this:

  • Desktop: Referrers passed from unpaid listings, stripped of search terms; full referrers passed from paid listings
  • Mobile: No referrers passed from any listings

The only caveat is that if someone clicks from a Google SSL Search listing that leads to a secure web site, then the full referrer would pass. This is technically how referrer passing should always work. It doesn’t work that way with desktop search because Google has deliberately changed things to ensure that search traffic can be registered in some way (“empty” searches for unpaid listings; full search term data for paid clicks).

The Speed Issue

So why hasn’t Google made the mobile version of Google SSL Search work the same way? Speed, it seems. Google told us:

If you go to on most mobile web browsers today, you don’t get SSL. Currently there’s significantly more latency for SSL connections on mobile devices that we believe creates a poor user experience, so we’re looking into the best way to make HTTPS connections faster on mobile devices. That’s why we don’t yet show personal results on mobile, either.

For now, SSL Search on desktop continues to be a leader for offering more secure searches, which other major search engines don’t offer in any form.

For the web browser on iOS 6 with SSL on by default, our web servers don’t yet take that fact into account. We’re investigating different options to address this issue.

To be clear, if you’re on Safari (or any mobile web browser) and you sign-in to Google, you will not automatically be shifted to a secure connection for your searches, as you would if you did the same using a desktop browser. That’s because doing so would slow things down. Google wants to keep things speedy, so privacy from potential eavesdropping is deemed less important with a mobile connection.

But anyone can force a secure searching connection by going to Google’s SSL Search ( That’s what Apple is doing. It’s routing searches there. Since Google wasn’t expecting this, it hasn’t changed how the mobile SSL connection passes referrers.

Google Fix Might Restore Referrals (& Make Privacy Worse)

Hopefully, Google will fix things on its end quickly. It’s unlikely that Apple’s going to change people back to a less secure connection. It is likely that searches done with Google and through Safari’s search box will continue to grow, as people continue to upgrade to iOS 6. That means more of those searches will mistakenly appear as direct traffic (this isn’t an issue for the alternative Safari search engines of Bing and Yahoo, since they have no secure search that Apple can route people to).

There’s also a rich bit of irony. Right now, Apple’s change means that many iOS 6 mobile users are getting a more secure version of Google SSL Search than desktop users, since the mobile version doesn’t have the deliberate leak to advertisers that Google allows. If Google “fixes” the mobile version to operate like the desktop version, it will actually have made it less secure.

Alternatively, Google could make a fix that allows referrals to pass from unpaid links and ad links but stripped of search terms from both. Doing so would ensure that search traffic would be properly registered but without the hypocrisy to declaring that search terms are so private that they need protection from eavesdropping except when it comes to keeping advertisers happy.

Related Articles

Related Topics: Apple | Channel: Analytics | Features: Analysis | Google: Analytics | Google: Privacy | Top News


About The Author: is a Founding Editor of Search Engine Land. He’s a widely cited authority on search engines and search marketing issues who has covered the space since 1996. Danny also serves as Chief Content Officer for Third Door Media, which publishes Search Engine Land and produces the SMX: Search Marketing Expo conference series. He has a personal blog called Daggle (and keeps his disclosures page there). He can be found on Facebook, Google + and microblogs on Twitter as @dannysullivan.

Connect with the author via: Email | Twitter | Google+ | LinkedIn


Get all the top search stories emailed daily!  


Other ways to share:

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. Comments may also be removed if they are posted from anonymous accounts. You can read more about our comments policy here.
  • robertoblake

    Apple really needs to work on the relationship it has with its partners like Google. In making these changes to suit their agenda they are overlooking consequences that with a little distance from the “Apple-centric” mindset become obvious.

  • James Royal-Lawson

    If someone clicks from a Google SSL Search listing that leads to a secure web site, the full referrer *doesn’t* pass as Google “bounces” those clicks via a http redirect; which of course causes the original referral data to be stripped.

    What’s happening in at the moment is that https Google searches on “mobile” devices (irrespective of browser) *aren’t* getting bounced via the http redirect, meaning the referrer header is empty.

  • Bob Bigellow

    With Steve Jobs gone, Apple’s knee-jerk decisions are stacking up.

  • Danny Sullivan

    It’s not down the redirect. You’re thinking of official https specs. Read my previous articles. Google can (and does) pass to its own secure server, then forward that information outward through a non-secure referrer when it wants. And this is what it does for desktop SSL searching.

  • Danny Sullivan

    It’s not really down to Apple. Google provides this service for anyone to use it. It actually has encouraged the idea of secure searching. Google just didn’t anticipate that it would be used in the mobile space, apparently.

  • Danny Sullivan

    Apple is simply doing what Firefox and Google itself already do.

  • James Royal-Lawson

    Yes, that is what happens with desktop SSL – although I hadn’t read or realised that was “when it wants”. I’ve only ever experienced the https->http->destination redirect chain – hence my disagreement with your caveat in the article about Google passing the full referrer when the destination is a https page.

    And I’ve done some more testing now, and I agree it’s not down to the redirect.

  • figment88

    While ios6 referral stripping certainly seems to be the big cause in the surge of apparent direct traffic, I think another feature might also be leading to more direct searches.

    iCloud Tabs in ios6 keeps track of your browsing across devices. It seems this feature will work a lot like bookmarks allowing people to get websites for return visits. This will likely replace some brand searches as a way to return to websites.

  • Kalatantra Consultancy

    web design company navi mumbai, web design company navi mumbai, website design navi mumbai , web development company navi mumbai , web development navi mumbai, seo company navi mumbai, website development company navi mumbai, seo services navi mumbai , web designing company navi mumbai, web design companies in navi mumbai, seo companies in navi mumbai, IT outsourcing company navi mumbai, web development companies in navi mumbai, navi mumbai web design company, navi mumbai seo company, web design navi mumbai

Get Our News, Everywhere!

Daily Email:

Follow Search Engine Land on Twitter @sengineland Like Search Engine Land on Facebook Follow Search Engine Land on Google+ Get the Search Engine Land Feed Connect with Search Engine Land on LinkedIn Check out our Tumblr! See us on Pinterest


Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States


Australia & China

Learn more about: SMX | MarTech

Free Daily Search News Recap!

SearchCap is a once-per-day newsletter update - sign up below and get the news delivered to you!



Search Engine Land Periodic Table of SEO Success Factors

Get Your Copy
Read The Full SEO Guide