ID Workaround for Safari Intelligent Tracking Protection

Apple Safari's Intelligent Tracking Protection (ITP) caps client-side cookies to a 7-day lifespan. For the purposes of ITP, client-side cookies are those cookies set via document.cookie, the traditional way to set cookies using JavaScript. This limitation directly affects Monetate's functionality because identifiers are intended to last much longer than 7 days so that Monetate can properly ensure, for purposes of analytics and WHO targeting, split assignment in tests (ensuring a customer always sees split A in a Standard Test experience, for example) and track customer behavior, such as returning sessions, products viewed, carted, and purchased over time.

With ITP 2.2, cookie lifespans can be further limited to 1 day if certain specific conditions are met. These conditions are strict and primarily exist to block what is known as link decoration, a tactic often used by trackers on social media. Link decoration involves the use of query strings for identifying users and doesn't directly affect Monetate's functionality.

By default, the monetateId set in the mt.v cookie has an expiration date of 5 years. When a customer returns to the site, the expiration date is further extended to 5 years from that visit. ITP2.x overrides the expiration date and potentially causes customers to be identified as new, thus making them eligible for different variant assignment in testing experiences, as well as preventing the persistent tracking of customer behavior.

To get around ITP2.x issues, you must configure the Monetate tag to look to a client-defined unique identifier instead of the Monetate–generated mt.v cookie value (monetateId).

Implementing the Workaround

Monetate clients are responsible for establishing and determining a persistent identifier for the device/browser. This persistent identifier can be from any cookie or JavaScript variable as long as the value is consistent for that customer in that device/browser combination and is present before the Monetate tag runs.

For Monetate JavaScript API Implementations

If you're leveraging the Monetate JavaScript API to implement Monetate, then you must add the following code to every track request made on-site, replacing 'string' with the device/browser unique identifier as defined in your implementation:

deviceID Workaround


For Custom Integrations

If you rely on a Monetate–managed custom integration, a script update is required so that the Monetate tag looks to your client-defined unique identifier instead of the monetateId (mt.v cookie) generated by the tag.

Contact your Client Success Manager (CSM) if you're unsure if you use the Monetate JavaScript API or a custom integration maintained by Monetate.

Testing the Workaround

After you make the updates, you can use the Monetate Inspector browser plug-in to check that deviceId is being used instead of monetateId. To accomplish this task, click the additional options menu (...) on the Track tab.

The same updates to Safari's ITP that block third-party cookies on your site also prevent Monetate Inspector from working in Safari. No known workaround for Monetate Inspector is available at this time. Monetate recommends using a different browser such as Chrome to use the Inspector tool.

This screenshot of Monetate Inspector shows that the site is using the monetateId generated by the Monetate tag.

The Track tab of Monetate Inspector, with a Monetate tag-generated Monetate ID in use


This screenshot of Monetate Inspector shows that the site is using deviceId.

The Track tab of Monetate Inspector, with a device ID in use