Pardot Cookies Update: First-Party vs Third-Party

This blog was written before Pardot was renamed to Marketing Cloud Account Engagement. You can read more about the name change and what it means here.

We all know about third-party cookies, these have been the basis of tracking visitors across the web for years. However, third-party cookies are being blocked by more and more browsers to protect consumers' privacy. As part of the Summer ’20 release, Pardot announced support for first-party cookies in an open beta.

The difference between third-party and first-party cookies

Generally speaking, most browsers accept first-party cookies by default, as their primary role is to allow customisation and improve user experience.  

From a technical perspective, there isn’t much difference between first and third-party cookies. The distinction is in the detail, and lies in the context of a particular visit and who creates a cookie:

• First-party cookies are created and viewed by the website operator of the website we are visiting. They allow website owners to collect analytics data, remember language settings, and help provide a good user experience.

• Third-party cookies are created by domains other than the one we are visiting directly, hence the name third-party. They are used for cross-site tracking, retargeting and ad-serving. 

Why the move to first-party Pardot cookies?

Pardot’s move from third to first-party cookies is to first protect consumer privacy but also to record prospect activity, give us more flexibility with campaign attribution, and block traffic that doesn’t come from our domains. 

Third-party cookies have been used heavily in online advertising. As advertisers add their tags to a page they can display ads, as well as track users and devices across the different sites they visit. From a user’s perspective, it’s hard to understand who is doing what with their data, which is why many now block cookies.

With more and more browsers blocking third-party cookies, Pardot has announced timelines for when they’ll start doing so. It’s key to get ahead of this sooner rather than later! 

Benefits of first-party cookies

First-party cookies bring considerable advantages for website operators, such as:

• When using first-party cookies it means we are collecting data via our own domain - meaning greater control and full ownership of data.
• Longer life-span! First-party cookies don’t fall into automated cookies blockers like private/incognito browsers or ad blockers.
• Using branded domains. First-party cookies highlight our brand to users instead of another site.
• A new first-party tracking code - this sets up three key pieces of information (piAId, piCId AND piHostname) and then loads the actual Pardot tracking code.

They also offer further benefits for user experience:

• Our language is set when we visit a website that is also available in other languages.
• Login data (except the password) is automatically entered for a faster log in.
• Web forms suggest information we have already entered e.g. addresses.
• Search masks suggest the most recently entered search terms so that we can return to a specific page of results faster.

Ideal candidates for Pardot’s first-party tracking beta meet most of these criteria:

• Don’t use iframed Pardot forms.
• Only using one tracker domain, or tracker domains are all subdomains.
• Tracker domains are HTTPs-enabled.
• Flexibility to update campaigns without replacing Pardot tracking code.
• You can easily change the Pardot tracking code on your website.
• You’re creating new marketing assets.

For best results, we recommend enabling third-party cookies during the transition to full first-party tracking.

Considerations

It’s key to remember that first-party Pardot cookies is currently a beta feature, so it may not be perfect just yet and things may go wrong!

• List emails: To track links in list emails, the system rewrites the link to your primary tracker domain. If a link points to a different tracker domain, it prevents the activity from being properly tracked by first-party cookies. To avoid this, use an email template and specify a tracker domain.

• iframed forms: Forms that use iframes result in simultaneous tracking requests to Pardot, which can cause form view data to be disassociated with the visitor ID. To preserve page view data during the beta, form view data is not recorded when no visitor ID is present and third-party cookies are turned off.

• Tracker domains and the API: The Account API endpoint provides automated tracker code embedding for only your primary tracker domain. With first-party cookie tracking, converting a prospect on one of your sites will no longer track prospect activity on your other website(s) automatically. If you have multiple tracker domains, you must manually add tracker codes for all domains except your primary domain.

The move to first-party tracking is a huge and essential change for security, but, it is an optional change for now. 

Many browsers have blocked third-party cookies or have announced timelines when they’ll start doing so. Any site can follow suit so making the switch is something that we highly recommend in the current cookie climate!

Have questions about Pardot cookies or anything else Pardot-related? Get in touch for a chat!