ConnectAd Blog

News

The Chrome 80 Update - it's not killing cookies

There's a lot of discussions out there whether or not the recent Google Chrome V80 update is killing cookies. Shot answer: Cookies are still not dead.

Here's what Google is doing:

Google released it's Chrome 80 update on February 4 with some discussions upfront. Google announced recently that they'll eventually kill third-part cookie entirely (which won't happen until two years from now). On the other hand, they've introduced the "SameSite" update and changed the way how cookies are handled. It's important to understand that these are not the same thing. They're separate (but yes, cookie-related) topics.

This new version is focused on how cookies are set and shared - it's primarily a security update focused on preventing bad actors from misusing third-party cookies. And, just like many businesses in the ad tech industry, we're changing the way that our cookies are set in response to these new standards.

As part of the Chrome 80 update, Chrome will set all cookies to "SameSite = Lax" by default, which means that these cookies cannot be shared cross-site (i.e. in a third-party context). Additionally, as of this release, third-party cookies (those with the SameSite field set to "None") must be handled securely.

Here's what ConnectAd is doing:

Starting February 02, ConnectAd is setting the "SameSite=None" and "Secure" attributes on our cookies. Furthermore, we're redirecting all unsecured HTTP requests to secure HTTPS requests to make sure that all cookies are handled securely.

What you need to do:

It's a good idea to review the way you are handling cookies on your site and if everyone in your ad-stack is compliant with the new cookie setting guidelines. To be clear, we have no insight into or control over what other vendors may (or may not) do, so it's always a good idea to get clarity from your partners.

For more in-depth information on how to prepare, Digiday has also published a WTF article with more useful context.