we have a unique issue.. it seems one of our payment processors offers additional options to users the first time they visit our payment page with the processor - being sent to it from our website. However, the subsequent times our users go to that payment page, those additional options are gone... we believe it has to do with cookie settings from the site.
Is there a way, with the users interaction/approval, to delete cookies from that other domain BEFORE we direct them to that payment page??
So, the process might look something like this:
1) User clicks payment link
2) Confirm box displays notice stating to enable 'these' features, they need to clear their cookies from the site they are being sent to..
3) User clicks yes and all cookies from the other domain are deleted
4) User is then directed to the payment page to complete payment with the additional features.
Thanks!
cookies do not work cross domain, so when your clients go to the payment site, the payment site can not read the cookies that are not set by them
It is a problem of you payment provider and he should solve it! Cookies cannot be read or modified from other domains for security and privacy reasons.
Related
I have been looking around the last few days for cookies and gdpr law, and I have been busy getting OneTrust and GoogleTagManager up and running on our current website and it works just fine!
On our Cookie consent banner, we have a "Reject all Cookies" button and then we do not load our tracking and other 3rd party scripts.
We have also added a list of all cookies etc. we use on the site that we receive automatically from onetrust. Necessary cookies for the site to work are loaded even if the user clicks Reject all cookies.
So some problems I have today:
Rectaptcha:
https://measuredcollective.com/gdpr-recaptcha-how-to-stay-compliant-with-gdpr/
https://www.imy.se/en/verksamhet/data-protection/this-applies-accordning-to-gdpr/transfer-of-data-to-a-third-country/
According to these links, we send sensitive information such as IP address to another country. as well as puts cookies on google's own domain google.com
If we decide that the user must ask for consent before using Google ReCaptcha cookies and then a spam/bot allows the possibility to deny these cookies. Then you have to ask if there is any point in using Google ReCaptcha in the first place?
I interpret this as meaning that we cannot use Google Recaptcha and have to change to another Recaptcha solution like hcaptcha.com?
A / B test.
https://help.optimizely.com/Account_Settings/Enable_opt-in_options_for_Optimizely_cookies_and_local_storage
In recent months, we have prepared some things to be A/B tested on the website. We already do not have that many users on the site and have to run our a/b tests for a slightly longer period for better results. Of course, an a/b test uses cookies and these cookies are counted as analytics cookies.
But now that we have "Reject all cookies" or "deny analytics cookies", we lose quite a lot of visitors and it becomes almost impossible to a / b test.
Is a/b test dead for smaller websites in EU?
Local storage
We save personal data when the user orders a service from us, in LocalStorage.
Does the website have to tell users, what and why we save it in LocalStorage?
When a user has clicked "X" on a popup, we save it in LocalStorage so that the user does not have to see the popup every time they come into the page. This is not necessary but improves the user experience. So are it considered necessary cookies or do we have to have the user consent to it?
On A/B testing, there are ways to run them without relying on cookies, and instead use a server-server integration that doesn't send any of the user information to 3rd party websites. This is accomplished by having a rules engine run locally on your own server and then only send exposure logs to the analytics service.
If you're curious, one such service with a rule-set based engine is: https://statsig.com.
Disclaimer: I work at Statsig.
An order confirmation email is sent for canceled/failed payments
User reach to the payment gateway, when reached to the cart after selecting final and reach to the payment page and user cancel the order but a successful email sent to the user did somebody face this issue before my open cart version 3.0
didn`t check the code yet, please tell me,
2) My website home page icons change into some encrypted boxes whenever some body visit my website first time later on user go in and visit some other pages and revisit the website home page, icons looks fine ,i refer so many links, even try to make changes in .htaccess file as well but nothing works,is there any way that i can fix it,i am providing my website site link,if you want because this issue never comes on local server,enter image description here,enter image description here
First thing that comes to mind is the order states options (system -> settings -> options). What state do the orders get when a payment is cancelled? Is the state unchecked for the 'order ready' states in the options?
This mainly depends on payment extension. Payment extension is responsible of setting correct order_status_id depending from 'error', 'failed', 'not completed' methods.
Sometimes, payment module has incorrect return callback links.
Again, check payment module methods.
I'm about to implement cookie consent for a website. As I understand it, cookie consent means that you shall not use cookies before you have received a consent from the user.
How can I know that a user have accepted cookies or not without storing this information in a cookie?
I'm assuming you mean the GDPR. Your understanding of it is incomplete: cookies that are necessary to deliver the site's functionality are allowed without consent. A cookie that merely stores consent is thus allowed, even if the user rejected other cookies.
I am not a lawyer, not legal advice, etc.
I sugest you set a cookie only if the user has accepted cookies. If this cookie is set dont ask again. Otherwise show the cookie consent banner again and again on every new site they visit as if they were new visitors.
What i find strange is that even big german sites like Stern.de, Focus.de, Spiegel,de and even the computer magazine heise.de are setting loads of cookies before they show the consent banner.
Even more strange is that while Stern.de and Focus.de also offer a complicate "Adjust" button (users usuarly dont click them because adjusting cookie preferences on every site is nerve wrecking), Spiegel.de and Heise.de dont even offer this. They just offer "Accept" or pay for a ad free version.
If you click on "Adjust" instead of "Accept" on the first sites they just close the consent banner.
So all the sites dont show a button to easily denie or delete cookies even i thought it has to be as easy to deny as to accept. Im not a lawyer too and this is no legal advice but if they all do it this way i guess this must be legal in Germany even it doesnt make any sence at all. Cookies are set no matter what the visitor does. The big question seems to be what es necessary? Are google Analytics und Adsense and others necessary to finance the server and keep the site online? Necessary cookies are allowed.
Writing this, there is an article in another big news site (that also sets loads of cookies before showing the consent banner and also just offers accept or pay buttons) saying someone had to pay €100 for not asking the visitor for his permission before even loading google fonts not even talking about analytics: https://t3n.de/news/google-fonts-illegal-urteil-dsgvo-1447698/
https://stackoverflow.com/q/70967060/12668719
Analytics Is there a setting on Google Analytics to suppress use of cookies for users who have not yet given consent
Adsense How To Make Adsense Load When Cookie Consent Given?
Check this open source solutionfor the EU cookie law compliance:
https://cookieconsent.osano.com/
The easiest and most effective way is to show a pop-up banner that explains which kind of cookies you want to store and provide an option to allow/disallow each cookie. When clicking Save, you have to handle which cookies were allowed and load them accordingly. Everything can be done in JS.
I am using universal analytics on my website via Google Tag Manager with data layer e-commerce tracking enabled.
The referral addresses are appearing to be coming from the payment providers (e.g. secure.arcot5.com)
I have included all my URLS in to the autolinker and after some testing the _ga cookie value appears to be consistent all the way through the booking process but it appears differently on the page after the secure payment takes place.
This suggests the session is being treated as a new one, hence the referral address issue I am having.
I have been trying to set a cookie on the entry page which equals the _ga cookie value but currently I am unable to retreive it on the confirmation page.
Has anyone got any ideas for a possible solution?
You will most definitely save my life!
Dan
Have you read this article? There could be a couple of pointers in there however I'm not sure what you have and haven't tried
Accurately reporting referrer from payments made with PayPal in Google Analytics
I want to implement a system similar to affilite tracking systems like Skimlinks, Viglink, etc. I searched their customer tracking systems. Found some information about tracking systems. I have also searched Analytics systems like Google Analytics, Piwik, OWA. There is a point I need to be guided.
When a user visits my website, clicks a product link of a shopping website like ebay, amazon, etc. I need to track the payment information of my user at the shopping website.
I achieved tracking user activity, clicks, etc on my web site with using Analytics's tracking methods (JS tracking). But I cannot find a way how Skimlinks or Viglink tracks user activity(succesful payment of users) in the shopping website which user redirected.
(Tracking user activity in the shopping website without using a service from shopping website, without Instant Payment Notification service of PayPay or something else)
I noticed Viglink and Skimlinks redirects user to their server before shopping and adds some additional information (like cookies, URL parameters etc)
Here is an example link to affiliate link of Skimlinks
website : http://www.capoeira-izmir.com/capoeira-kiyafetleri/
link : Street Abada
http://go.redirectingat.com/?id=25227X845172&site=capoeira-izmir.com&xs=1&url=http%3A%2F%2Fwww.ebay.com%2Fitm%2FHELANCA-POLYAMID-CAPOEIRA-PANTS-ABADA-YOGA-FREE-BONFIM-%2F280678232152%3Fpt%3DUS_CSA_MC_Pants%26hash%3Ditem4159b9f058%23ht_2891wt_1163&xguid=94275a6f74c7ce02bf4739e364d8831c&xcreo=0&sref=http%3A%2F%2Fwww.capoeira-izmir.com%2Fcapoeira-kiyafetleri%2F
It redirects user to go.redirectingat.com first, then a redirection is done to ebay.com/...
I also noticed that it adds an attribute to the url of ebay product link : afsrc=1
I guess it is "affiliate source = 1 " or something like that.
Any guidance or documents about this will be great for me.
Thanks in advance!!
I think your question is more about how online advertising works rather than technical.
This is a two parts answer.
1. How a conversion tracking works:
In any advertising platform that tracks conversions (any user action that happens in the advertiser property like, in example, a sale) you need to make a request to the advertising platform to notify this.
This is usually done by placing a "Tracking pixel" in the confirmation page the users see after performing the action, commonly known as the "Thank you page".
So the process goes like:
User goes to a website and sees an ad
User clicks the ad
The user's browser goes to the advertising platform (Adwords, Rightmedia, Appnexus, etc) and a cookie is placed in her browser. In this cookie there's a click ID, containing all the relevant information (website that originated the click, time, IP, campaign, etc) and it is redirected to the advertiser's website
The user lands in the advertiser website and "converts" (buys)
The user is redirected to the Thank you page where a "Tracking pixel" is placed, this makes a request to the advertising platform, which reads the cookies in the user's browser and if there's a match, logs the conversion.
Note: The previous example is a Client Side conversion. The same logic could be done in a Server Side request by the advertiser saving the "click id" in step 4 and sending it to the advertising platform in step 5. This is useful when the conversion occurs offline.
For more information: Adwords Conversion tracking: https://support.google.com/adwords/answer/1722054?hl=en
2. How I assume VigLink works
I noticed that many of the products VigLink tracks are from ClickBank, since this is the one I'm more used to, I will write the answer using this example.
You first need to be aware that VigLink is an "affiliate" of Clickbank. As such, it has a report of every sale made by users they referred. They, as affiliates, also have the chance to pass extra information in each click as a TID parameter. This TID sent as a URL parameter in the click will be shown in the sales report.
When a user clicks on a link to a clickbank product using VigLink. VigLink attaches their affiliate link to this same product and a unique TID. I assume this TID matches an ID in their database containing the information of the VigLink website who referred the click.
If the user buys the product, VigLink will see in their ClickBank report (I assume via the ClickBank API) the product bought and the TID, and so on they will know in which website the sale was originated.
Short answer: VigLink is not tracking user actions in the advertiser's website. They are just matching click IDs between their click tracker and the advertiser's reports.