First-party cookie vs Third-party cookie: what’s the difference?

By Juliette Belfiore
19 Jul
2021

In January 2020, Google announced its plans to downgrade ⏏️ third-party cookies from its Chrome browser by 2022. In May 2021, the Apple iOS update 14.5 has been launched: every user could choose to allow or block sharing their IDFA (unique identifier) to track their activity. Many browsers had already blocked the third-party cookies a long time ago. ⌛💣


Cookies are a mainstay of digital advertising. With the gradual disappearance of third-party cookies, it has never been more important for Marketing Managers to understand the context and the situation.🔆


Here are some questions revealed by this topic, detailed in this article =

- Why will the third-party cookie disappear?

- For the future of online advertising, why do you need to be up-to-date on first-party cookies?

- Why PixelMe is definitely the tool all savvy marketers should adopt before third-party cookies end?


Let’s analyze it. ✔️


I.  First-party cookie VS. third-party cookie

1/ What is a cookie?

2/ What is the first-party cookie?

3/ What is the third-party cookie?

4/ Main differences between a first-party cookie and a third-party cookie


II. The third-party cookie is dying, long life to the first-party cookie!

1/ The vice tightens around the third-party cookie

2/ New life for the first-party cookie! 

3/ The Facebook case

4/ PixelMe: the tool all savvy marketers must adopt!



I.  First-party cookie VS. third-party cookie


1/ What is a cookie?


Web servers don't have their own memory: cookies are used by websites to remember user actions. This way, they aren’t asked to perform a task over and over again. They help provide a better and more personalized user experience.


Concretely speaking, this is a small file that contains some letters and numbers, and other information such as the domain, the expiration date… It is downloaded on your computer when you visit an Internet site.



First and third-party cookies are both employed to track user behavior. They have similar goals but are collected and applied in different ways.


2/ What is the first-party cookie?


A first-party cookie is created and stored by a domain or a website that you have visited. When you come back to the website, all data have been held. It improves your user experience.


Here are some analytic data recorded by the first-party cookie

  • user name
  • password
  • address 
  • language preferences
  • payment information 
  • shopping carts

➡️ Let’s take an example when you sign in with Amazon. Your browser will send a request that provides the highest level of trust because you are directly interacting with Amazon. Your browser will save this data file on your computer, under the “amazon.com” domain. 

If first-party cookies are blocked, you would be required to log in each time and add your card information with each purchase. 

©️ clearcode.cc/blog/facebook-first-party-cookie-adtech/


3/ What is the third-party cookie?


A Third-party cookie is created by a domain other than the one you are visiting directly, hence the name “third-party”. 

These are usually used for online advertising purposes and placed on a website through a script or tag. 

A third-party cookie is accessible on any website that loads the third-party server’s code.


Here are applications of third-party cookies :

  • Retargeting: using search activity to retarget you with ads based on products and services you have already noted interest
  • Cross-site tracking: collecting browsing data from diverse sources that report your activity
  • Ad-serving: making decisions about the ads that appear on a website, deciding when to serve these ads, and collecting data (and reporting said data including impressions and clicks) to educate advertisers on consumer insights and ad performance.

➡️ Let’s continue with an Amazon purchase. You could spend some time on multiple product pages. When you decide to buy one item, you may later receive emails and other ads for the shoes you have looked at, but never purchased. Even if you close the browser and end the session, that tracking data will still be on your computer.


4/ Main difference between first-party cookies and third-party cookies

  • Usage

Technically, first-party cookies and third-party cookies are the same types of files. The only difference is in the way they are created and used by websites.


  • Storage

A first-party cookie is set by the publisher’s web server. A third-party cookie can be set by a third-party server, or by a code loaded on the publisher’s website.


  • Browser

First-party cookies are supported by all browsers and can be blocked or deleted by the user. Many browsers now block the creation of third-party cookies by default


➡️ To sum up, if you visit a website called pixelme.com, all cookies placed on this website by pixelme.com would be first-party cookies. All cookies placed on pixelme.com by any other site, such as a social media site or an advertiser, would be third-party cookies.



II. The third-party cookie is dying, long life to the first-party cookie!

1/ Issues around the third-party cookie


  • Transparency

For many years, third-party cookies have gone under the radar of online Internet users and have enabled advertisers and publishers to collect data from them as they move from site to site.

As is often the case, third-party cookies are often set by companies that the user has never heard of or with which they have never interacted.

After years of abuse by advertisers, users have become more aware of the situation and are asking for more transparency. Public perception of cookies began to be suspicious.😑



  • Ineffectiveness

Third-party cookies are becoming increasingly ineffective for advertisers to target users and track performance. Users now use multiple connected devices and use them interchangeably. Third-party cookies cannot be transferred between devices or even between apps, which means it is very difficult to follow a customer's entire shopping journey. This causes issues with correctly attributing conversions and budget to the right channels, ultimately resulting in waste.

  • Pressure

Awareness of privacy concerns and the introduction of European privacy-centric laws (GDPR and ePrivacy) have prompted online advertising technology companies to change the way they collect, store and use visitor data.


2/ Restrictions: the vice tightens around the third-party cookie 😨

  • Safari, Firefox

Safari and Firefox have decided to block third-party cookies since 2013.


Apple's iOS 14 update was released in April 2021. Now, whenever a user downloads or updates an app, their consent is required. The iOS 14.5 update sends users a push notification prompting them to allow apps to track activity. It gives users the option to block sharing of their IDFA (Unique Identifier) ​​at the application level.


  • Google

In January 2020, Google announced that they will deprecate third-party cookies over the next two years. Google chooses for its browser Chrome the more ethical approach of capitalizing on proprietary data to optimize the customer experience and the loyalty of identified Internet users.


3/ New life for the first party cookie! 


Only cookies classified as “strictly necessary” will be exempt from the cookie consent notification and even then, you will need to explain somewhere what these cookies are doing.


Savvy marketers must know above all that first-party cookies are the key to relationships with publishers and brands.

Now is the time ⌛ for marketers to reach customers and drive performance without third-party cookies.


Advertisers are going to be imaginative to use data from the first-party cookie for targeting or retargeting. For instance, using: data from a CRM, data entered by Internet users in forms relating to registrations, access to content, services, or purchases on the Internet, or navigation data (by sites for example). 


Other companies are working on the implementation of third-party identification data excluding cookies to compensate for their disappearance.


4/ The Facebook case


The website Clearcode explains in detail how does the Facebook pixel work here :

clearcode.cc/blog/facebook-first-party-cookie-adtech/


Here is a quotation :

“Simply put, Facebook’s new first-party cookie pixel is a workaround for cookie-blocking techniques like Apple’s ITP. The cookie looks like it’s coming from the site displaying the ad, while in fact, it sends data back to Facebook and, as such, performs functions typical of third-party cookies.

Abandoning the “legacy” third-party cookie and switching to the first-party cookie as the default option for the Facebook pixel is intended to help businesses continue using analytics and tracking ad attribution, independently of the browser they’re using.”


➡️ In other words, you can continue to track data with Facebook ads as it is with third-party cookies. As data are sending back to Facebook, this is considered as first-party cookies and not third-party cookies.

4/ PixelMe: the tool all savvy marketers must adopt!


🔆🔗PixelMe is not impacted by the disappearance of third-party cookies thanks to the Facebook workaround. 90% of our customers are doing ads from Facebook to third-party platforms, so Facebook will still (and always) be able to track and retarget people who clicked on PixelMe links! 🔗🔆


“The disappearance of the third-party cookie is quite a bad news for advertisers. It is a very powerful tool that allows you to send ads in a targeted manner.
But it can also be bad news for users: the third-party cookie has the merit of helping to display advertisements that are of much more interest to us. 
However, more privacy can be salutary for the web. And we have no doubt that marketers will redouble their imaginations to offer more and more interesting content for the end user.”


Tom Benattar, CEO of PixelMe