Effectively tracking site visitors is extremely important for gathering accurate site-activity metrics. Over the last few years, cookies have gotten almost as bad a reputation as the more well-known chocolate chip variety (my personal favorite) have among the diet conscious. The former has a reputation for invading privacy; the latter for expanding waistlines.
Cookies can be a good thing, especially when fresh out of the oven with a glass of cold milk. Or, when used properly, to better understand and service your customers.
Cookies define visitors and “sessionize” their data. These are two of the more important requirements for actionable Web analytics. You want to segment your visitors and identify their visits, from first page viewed to the last and all pages in between.
Define Tracking Setups
Let’s review some options and preferred setups to track visitors and define sessions for your site.
Robert Volz, one of my partners and a strategic consultant explains:
To effectively track a visitor and her session we need a visitor-specific unique identifier that is maintained throughout the visit to the site. There are many accepted and effective methods to track and sessionize visitor activity. Some of the most common visitor identifiers are IP address, IP address and browser (user agent), authenticated user name, session cookies, and persistent cookies, to name a few. Once you identify the visitor, you then sessionize the activity using their unique identifier.
The most basic and common methods for tracking visit sessions are IP address, and IP address and user agent. They’re used as a default for tracking sessions because an IP address is required to surf the Internet. Using cookies to track visitors and sessions is one of the best methods, but it’s difficult to properly configure and implement. Though not the only methods, they’re the most prevalent and can be used by almost all sites.
So let’s further examine the two methods.
Tracking visitors via their IP addresses beats not tracking at all. But it’s ineffective for unique identification or sessionization, as there are a limited number of IP addresses available. Volz clarifies:
You can think of each IP address as one room in a 4 billion room hotel where you or your customers stay whenever you access the Internet. This may seem like a lot, but many of the floors are reserved for special purposes, each site has a permanent room, and so there is limited rental space for Internet surfing. Since you only need space while you are actually interacting with the Internet (surfing), the rooms (IP addresses) are shared among many surfers (visitors). This sharing not only occurs after one visitor leaves (signs off the Internet), but while they are signed on and more often now while they are on a site — they can switch rooms. All this sharing and changing of rooms (IP addresses) means that using an IP address as a visitor identifier is confusing to analyze.
Because the IP address is shared by visitors at different times, it appears you get many repeat visitors. Actually, they’re different customers sharing one IP. Each customer is assigned a different IP address each time she surfs. That reduces the reported number of returning visitors.
IP addresses can also change while visitors surf. Instead of one visitor’s click stream, analysis may reveal two visitors with entirely different behaviors. Another likely occurrence is many visitors look like one visitor because they access the Internet through a proxy server, such as Akamai or AOL. This is very common with both business-to-consumer (B2C) and business-to-business (B2B) sites.
The more traffic volume, the bigger the problem. Although analysis is compromised, results tend to trend consistently. It is possible to gain insight from traffic patterns and make changes to your site using visitor IP address as the visit identifier.
Cookies are small files given to site visitors. In many cases, they’re saved on visitors’ computers. Although the cookie has gotten some bad press and can be misused (as well as misunderstood), many cookies are very good for customers. They improve their Web experience through personalization and optimization.
The best cookie is a first-party, persistent, non-personal, P3P-compliant tracking cookie. Most of the Internet community accepts it. Most visitors don’t delete their cookies very often, and almost never do so during a browsing session. As a result, you can use these cookies as visitor identifiers and establish a proper method for tracking visitors and their sessions.
We establish the cookie as a unique identifier for each visitor to the site, and, when properly configured, [it] remains with the visitor until they either remove the cookie or the cookie expires. There is still some cookie sharing, but only by visitors [who] use the same computer and log in to surf the Internet (for example, through Internet kiosks). Unless your site is accessed heavily from kiosk visitors, tracking with cookies is an exceptionally effective method for getting good base visitor identification and sessionization for use throughout your analysis.
Types of cookies:
- Persistent or session
- First party or third party
- Non-personal or personal
- P3P compliant or not
Persistent or Session
A persistent cookie is saved to the computer and remains for a specified period. A session cookie isn’t saved to the computer and expires at the end of the visitor’s stay. Both can track pages visited and individual visits. Only the persistent cookie tracks repeat visitors.
First Party or Third Party
A first-party cookie is served from the visited site (e.g., www.yourdomain.com). A third-party cookie is served from outside your site (e.g., www.youranalyticsvendor.com). Third-party cookies are often served by outside tracking vendors and Web analytics services.
The primary difference is first-party cookies are mostly accepted by default browser settings, while third-party cookies are blocked.
Non-Personal or Personal
If you want to track visitors and their sessions, don’t set cookies to acquire personal information. If you do need personalized cookies, consider implementing multiple cookies. This way, each cookie can be configured for a specific task.
Volz explains P3P-compliance information in cookies:
If you are compliant, then include it since it also means that more visitors will accept your cookie. But if your cookie is first party and non-personal, then it is accepted almost 99 percent of the time, so this may not be needed.
Optimizing Only Works With Proper Tracking
One of the basic requirements for good analytic metrics is effective tracking. Using the best session identifier available provides a foundation to:
- Understand your customers
- Understand their surfing habits
- Know how often they return
- Get the best analysis possible
Implementing persistent, first-party, non-personal cookies is one of the best ways to track site activity and sessionize data. Instead of tracking visits by IP address, track with cookies. This increases accuracy and comprehension of your Web analytics.
For more details, read “Web Analytics Demystified” by Eric Peterson, former WebSideStory employee, now a Jupiter Research analyst. Meantime, I’ll munch some chocolate chip cookies.