Google Analytics & Universal Analytics Cookies – Complete Guide

 

You need good great knowledge of cookies so that you can understand how Google Analytics collect data, how it define visits, visitors and other metrics and how the cookie knowledge can be used for cross domain tracking and other specialized tracking. 

This article is unique because it is in the form of Q & A.

Index

 

Background information about Cookies

Q1. What is a Cookie?

Cookie is a text file which is used to:

  • store information about users’s preferences, location and other details.
  • protect users’ data from unauthorized access.
  • maintain certain websites’ functionality
  • serve personalize ads to users and to make advertising more effective.
  • collect Google Analytics data and other tracking data.

Q2. What are the different types of cookies used?

There are two types of cookies:

  1. First Party Cookies
  2. Third Party Cookies

First party cookies are issued by the website being visited and only the website which issued the first party cookie can read the cookie. Third party cookies are issued by the website(s) other than the website being visited.

Q3. Where are the cookies stored?

Cookies are stored on users’ hard disk.

 

Q4. Can a visitor disable some or all types of cookies?

Yes.

Q5. Can cookies be set with or without expiration date?

Yes.

Q6. What is a temporary cookie?

Temporary cookies are cookies without expiration date. They expire as soon as you end the web session or close the browser window.

Q7. What is a persistent cookie?

Persistent cookies are the cookies with expiration date. They remain on your computer even when you have ended the web session or closed your browser window. They can be read by the website that created them on return visits.

Q8. Can you determine exact number of visitors who have cookies enabled or disabled?

No.

 

Q9. What happens if you try to create a cookie which already exists?

In that case the original cookie is overwritten.

 

Q10. What types of cookies are set by Google?

Google set different types of cookies for different purposes. Following are the type of cookies set by Google on a user’s hard disk:

  1. Preference cookie (called PREF) – used to store users’ preferences (like preferred language or any type of customization).
  2. Security cookies (like ‘SID’ and ‘HSID’) –  used to protect users’ data from unauthorized access.
  3. Process cookies (like ‘lbcs’) – used to maintain certain websites’ functionality
  4. Advertising cookies (like ‘id’) – used to serve personalize ads to users and to make advertising more effective
  5. Conversion cookies – used to track users’s interaction with ads.
  6. Analytics cookies (like _utma, _utmb, _ga etc) – used to collect Google Analytics data.

 

Google Analytics and Cookies

Q1. What types of cookies are set by Google Analytics?

Google Analytics mainly set first party cookies. But it can also set third party cookies (DoubleClick cookies), if a website is using Google Analytics’ display advertiser features, such as re-marketing.

 

Q2. How Google Analytics decides which cookies to use?

GA uses cookies based on the JavaScript library being used.

Google Analytics support three types of JavaScript libraries for tracking website usage data: 

  1. urchin.js (oldest version of GA tracking code, now deprecated)
  2. ga.js (used in Classic Google Analytics)
  3. analytics.js (used in Universal Analytics)

 

Q3.Why Google Analytics need cookies?

GA needs cookies to store information about a visitors’ web session.

 

Q4.How Google Analytics uses cookies?

GA either creates or update a cookie to store the visitor’s information it has collected.

Note: GA does not store any personally identifiable information in its cookies.

 

Q5. Which first party cookies are set by Google Analytics on a visitor’s hard disk?

Google Analytics can set up to 5 first party cookies:

  1. _utma (unique visitor cookie)
  2. _utmb (session cookie)
  3. _utmz (Campaign cookie)
  4. _utmv (visitor segmentation cookie)
  5. _utmx (Google Analytics Content Experiment cookie)

Note: There is one more cookie which Google Analytics set on a visitor’s hard disk. This cookie is known as _utmc cookie. Google Analytics doesn’t use this cookie any more for ga.js JavaScript library.

 

Q6. When the Google Analytics cookies expire?

Following cookies expire after 2 years from the last time your visitor visited the site: _utma , _utmv  and _utmx.

_utmb cookie expires after 30 minutes of inactivity on a website or  at the end of a day.

_utmc – this cookie expires as soon as you close the browser window.

_utmz  cookie expires after 6 months from the last time your visitor visited the site.

 

Q7. Which Google Analytics Cookies are persistent and which are temporary?

All of the Google Analytics cookies are persistent except the _utmc cookie which is a temporary cookie.

 

Q8. Does Google Analytics set different set of cookies when you return to a website via another web browser?

Yes. This is because all cookies are browser specific.

 

Q9. When cookies are created /set up by Google Analytics?

Cookies are created as soon as you visit a website on which Google Analytics tracking code is installed.

 

Q10. How you can view the various cookies set by Google Analytics when you visit a website?

Step-1: Click the Chrome menu button on the browser toolbar and then select Settings:

chrome settings

Scroll down the page and then click on the link ‘Show Advanced Settings:

advanced chrome settings

Step-2: In the “Privacy” section, click on the ‘Content settings’ button:

content settings

Step-3: In the “Cookies” section, click on ‘All Cookies and site data’:

all cookies and site data

You will now see a dialogue box like the one below:

cookies and site data

Step-4: Click on a website name to see all the cookies set by it:

 

google analytics cookies

cookies and site data

You can now see the cookies set up by Google Analytics on your hard disk.

Note: You can use the above method to see all the cookies (not just Google Analytics cookies) set up by a website on your hard disk.

 

Q11. What is _utma cookie?

GA uses this cookie to identify unique visitors.

 

Q12. How you can interpret the _utma cookie?

 

Domain Hash => This number represents the domain which set up the cookies.  All Google Analytics cookies set by a particular domain have same domain hash.

Random Unique ID => This is the second number which is randomly generated.

Timestamps => The next three numbers are timestamps which represent the time of initial visit, beginning of previous session and beginning of current session. All these three numbers also represent the number of seconds elapsed since Jan 1, 1970.

Session Counter => The last number is the session counter. It is incremented each time a visitor starts a new session.

 

Q13. How Google Analytics define visitor as unique?

Google analytics assign unique ID to each visitor on your website. This ID is called the visitor ID and it is made up of random unique ID and the first time stamp (also known as the time of initial visit).

 Note: If you look at the three timestamps above, you will notice that they all are same.

 

Q14. What does all the same timestamps in the _utma cookie tells you?

It tells you that this is your first visit to the website.

 

Q15. How you can reset your session counter in _utma cookie to 1?

You can do this by deleting all the Google Analytics cookies or by using a different web browser or computer to return to a website.

 

Q16. Can you change the expiration date of _utma cookie?

Yes through _setVisitorCookieTimeout() method.

This method is used to change the expiration date of _utma cookie. By default, _utma cookie expires after 2 years. But you can set it to expire after 1 week or any time you want to.

For example:

_gaq.push([‘_setVisitorCookieTimeout’, 604800000]);

Here _setVisitorCookieTimeout() method sets _utma cookie to expire after 604800000 milliseconds or 1 week.

Note: Use a search query like ‘1 week in milliseconds’ on Google to convert any time into milliseconds.

 

Q17. Can you set the _utma cookie to expire as soon as the browser window is closed?

Yes. For this set the expiration timeout of the _setVisitorCookieTimeout() method  to 0. For e.g.

_gaq.push([‘_setVisitorCookieTimeout’, 0]);

 

Q18. Why is _utmb cookie?

GA uses this cookie to identify a web session and to store information about the session.

When your visitor loads a web page, the Google analytics tracking code check for _utmb cookie on the visitor’s hard disk. If this cookie is missing then Google Analytics treats the session as a new session and creates a new _utmb cookie. If the cookie is already present than Google Analytics update the cookie to expire in 30 minutes.

Note: Web session is also known as visit.

 

Q19. When _utmb cookie expires?

1. This cookie automatically expire after 30 minutes of its set-up provided a visitor does not navigate to other pages on the website. If the visitor navigates to other pages of the website within 30 minutes then the cookie is automatically updated to expire after another 30 minutes.

2. The _utmb cookie expires at the end of a day or when a visitor returns to the website via a different traffic source value (utm_source, utm_medium, utm_campaign, utm_content, utm_term, utm_id or gclid) even within the 30 minutes time frame.

For example if a visitor come to your website via a PPC ad and then later return to the website via organic search listing then his second visit will start a new web session even if 30 minutes have not elapsed between the two page views/visits.

Note: _utmb cookie does not expire if the visitor closes the browser window or navigate to other websites within the 30 minutes time frame.

 

Q20. When Google Analytics end a web session?

when _utmb cookie has expired.

 

Q21. How a web session can be longer than 30 minutes when _utmb cookie expires after 30 minutes?

Whenever a visitor navigates to other page of a website, Google Analytics updates the _utmb cookie to expire after 30 minutes. So as long as the visitor doesn’t stay on a web page for more than 30 minutes and continue to navigate other pages of the website, the _utmb cookie will not expire and hence the web session will not terminate.

 

Q22. How you can interpret the _utmb cookie?

Q23. Can you change the session time out length (which is usually 30 minutes) to anything you want?

Yes you can. Use the _setSessionCookieTimeout() method in your Google Analytics tracking code.

This method is used to specify when the session should time out in milliseconds.

1 millisecond = 0.001 seconds

Syntax:  _gaq.push([‘_setSessionCookieTimeout’, 100000]);

Here you are telling Google Analytics to end a web session in 100000 milliseconds or 100 seconds.

Note:  Avoid using this method as it can considerably increase or decrease the number of visits reported by Google Analytics. It can also skew all those metrics which use visits in its calculations.

 

Q24. Can you set the _utmb cookie to expire as soon as the browser window is closed?

Yes. For this set the expiration timeout of the _setSessionCookieTimeout() method to 0. For e.g.

_gaq.push([‘_setSessionCookieTimeout’, 0]);

 

Q25. What is _utmz cookie?

It is a campaign cookie which is used by Google Analytics to store campaign information.

The campaign information is stored in campaign variables.Following are the campaign variables supported by Google Analytics:

utm_source
utm_medium
utm_campaign
utm_term
utm_content

Q26. How you can interpret the _utmz cookie?

Domain Hash – The first number in the _utmz cookie is the domain hash which represents the website that set up the cookie on visitor’s hard disk.

Time stamp – The second number  in the _utmz cookie is a timestamp.

Session Number – The third number in the _utmz cookie  is the session number which is incremented every time a visitor starts a new session. For example: from the image above we can see that this is the 8th session of the visitor.

Note: For every new session the campaign cookie values gets overwritten with new value.

Campaign number – The fourth number in the _utmz cookie is the campaign number. This number is incremented every time a visitor arrives at your website via a different campaign even within the same session. From the image above we can see that the visitors arrived on my website via 6 different campaigns.

Campaign Tracking values –  The last number in the _utmz cookie contains information about the campaign which resulted in the current visit.

utmcsr = >It represents campaign source and stores the value of utm_source variable. For example, from the image above we can see that the campaign source for the current visit is Google.

utmccn = >It represents campaign name and stores the value of utm_campaign variable. For example, from the image above we can see that the campaign name for the current visit is organic.

utmcmd = >It represents campaign medium and stores the value of utm_medium variable. For example, from the image above we can see that the campaign medium for the current visit is organic.

utmctr = >It represents campaign term (keyword) and stores the value of utm_term variable. For example, from the image above we can see that the campaign term for the current visit is seotakeaways.

utmcct = >It represents campaign content and stores the value of utm_content variable.

So in short the visitor clicked on my search engine listing for the keyword ‘seotakeaways’ via Google Organic search.

Note: once Google Analytics read the _utmz cookie it sends the campaign information to the Google Analytics server which then sends the data to analytics reports.

 

Q27. How the content of the campaign cookie _utmz will look like if you visit the following URL:

http://www.optimizesmart.com/?utm_source=bing&utm_medium=ppc&utm_term=web-analytics&utm_content=st-brand-1&utm_campaign=brand

The campaign cookie will look like this:

Q28. How you can see the campaign information collected by _utmz cookie in your Google Analytics reports?

Check the  ‘campaigns’ report under ‘Acquisition’ menu (not the Google Adwords campaigns report) in your Google Analytics account.

 

Q29. The _utmz cookie has a 6 months time out. What does that means?

It means Google Analytics attribute visit to a campaign for up to 6 months or until the campaign cookie value is overwritten with another value.

 

Q30. Can you change the campaign cookie time out length?

Yes you can. Use the _setCampaignCookieTimeout() method in your Google Analytics tracking code. This method is used to specify when campaign cookie expiration should time out in milliseconds.

1 millisecond = 0.001 seconds

Syntax:  _gaq.push([‘_setCampaignCookieTimeout’, 100000]);

Here you are telling Google Analytics to delete the campaign cookie (_utmz) after 100 seconds.

 

Q31. Can you set the _utmz cookie to expire as soon as the browser window is closed?

Yes. For this set the expiration timeout of the _setCampaignCookieTimeout’ () method to 0. For e.g.

_ gaq.push([‘_setCampaignCookieTimeout’, 0]);

 

Q32. What is _utmv cookie and how can you set it on a visitor’s hard disk?

This is a visitor segmentation cookie which is used by Google Analytics to identify a visitor  as male, female, member, non member, signed in or signed out visitors, pro-member, pro++ member, employee, non-employee etc.

To set this cookie you need to use the _setCustomVar() method in your Google Analytics tracking code.

Syntax: _setCustomVar(index, name, value, opt_scope)

Example: _gaq.push([‘_setCustomVar’, 1, ‘visitor-type’, ‘pro-member’, 3]);

 

Q33. How you can interpret _utmv cookie?

From the cookie above we can determine that the visitor is a pro member.

 

Q34. When _utmv cookie is set up by Google Analytics on a visitor’s hard disk?

This cookie is set up only when Google Analytics tracking code call the _setCustomVar() method and the javascript library used is ga.js.

 

Q35. What is _utmx cookie?

It is Google Analytics Content Experiment cookie which is used for A/B testing of different versions of a web page.

 

Universal Analytics and Cookies

Q1. What types of cookies are set by universal analytics?

Ans.  Universal Analytics set a single first party cookie called ‘_ga’

 

Q2. Why universal analytics need cookie?

Universal Analytics (UA) does not really need any cookie to collect data. It can collect data even without any cookie through analytics.js JavaScript library and through the measurement protocol.

 

Q3. Why analytics.js uses only one cookie?

In order to significantly reduce the number and size of cookies that are sent.

 

Q4. What is _ga cookie?

It is the only cookie used by UA to store information about visitors, sessions and campaigns.

 

Q5. When _ga cookie is created?

As soon as you visit a website on which Universal Analytics tracking code is installed.

 

Q6. How you can create _ga cookie?

By creating a tracking object through ‘create’ command.

Syntax: ga(‘create’, ‘UA-XXXX-Y’);

 

Q7. What are the various attributes of _ga cookie?

_ga cookie has got following attributes:

  1. Cookie name – which is obviously ‘_ga’ by default.
  2. Cookie domain – it is the domain at which the cookie is set up. By default the _ga cookie is set on the top level domain. So if you have set cookie at top level domain like www.optimizesmart.com then the cookie domain would be ‘optimizesmart.com’.  (without ‘www.’ Prefix)
  3. Cookie Path – it is the path at which the cookie is set up. By default the _ga cookie is set on the top level domain with the root level (/) path.
  4. Cookie Expires – It is the time in seconds after which the _ga cookie will expire. By default _ga cookie expires after 2 years from the data it was last refreshed.

 

Q8. In case of the domains www.example.com, fun.example.com, more.fun.example.com which is the highest domain level (or top level domain)?

 It is ‘example.com’

‘www.example.com’ and ‘fun.example.com’ are the second highest domain levels and ‘more.fun.example.com’ is the third highest domain level.

Note: analytics.js cannot set up cookie at ‘.com’ level.

 

Q9. How you can modify _ga cookie?

By changing the attributes of _ga cookie.

For example by changing the cookie name, by changing the cookie domain, cookie path and/or cookie expiry date.

Note: Google recommends not to directly access the _ga cookie as the cookie format might change without warning which could lead to script errors and incorrect data.

 

Q10. How you can rename the _ga cookie to say ‘himanshu’?

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieName’: ‘himanshu’,});

 

Q11. How you can set the _ga cookie at sub domain level like analytics.optimizesmart.com?

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieDomain’: ‘analytics.optimizesmart.com’,});

 

Q12. How you can end up setting an incorrect value for ‘cookie domain’?

By using a cookie domain which is not the ancestor of the current domain.

For example, if the current domain is ‘analytics.optimizesmart.com’ then you can set the cookie at ‘optimizesmart.com’ as ‘optimizesmart.com’ can be considered as an ancestor of ‘analytics.optimizesmart.com’. But you can’t set cookie on some other website say example.com.

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieDomain’: ‘optimizesmart.com’,}); // correct

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieDomain’: ‘example.com’,}); // incorrect

 

Q13. What happens when you set an incorrect value for ‘cookie domain’?

The _ga cookie will not set.

 

Q14. How you can modify the _ga cookie path from the default ‘/’ to say ‘/lib’?

ga(‘create’, ‘UA-XXXX-Y’, {‘cookiePath’: ‘/lib/’});

Note: Google does not recommend changing the cookie path.

 

Q15. How you can set the _ga cookie to expire after 1 second?

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieExpires’: 1});

 

Q16. What happens when you set the _ga cookie to expire after 0 second?

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieExpires’: 0});

In this case the cookie turns into a session based cookie and expires once the current browser session ends.

 

Q17. How you can set _ga cookie on a local host?

By setting the value of ‘cookie domain’ to ‘none’. For example:

ga(‘create’, ‘UA-XXXX-Y’, ‘none’);

 

Q18. When you should disable _ga cookie?

When you want to send data directly to Universal Analytics servers without using any cookie.

 

Q19. How you can disable _ga cookie?

By disabling the cookie storage.

ga(‘create’, ‘UA-XXXX-Y’, {‘storage’: ‘none’,’clientId’: ‘35009a79-1a05-49d7-b876-2b884d0f825b’

});

Note: you have to supply your own clientId

 

Q20. How you can retrieve the clientId value?

Through ‘get’ command. For example:

ga(function(tracker) {var clientId = tracker.get(‘clientId’);});

 

Q21. Does deleting _ga cookie and then returning to your website means, you will be labelled as a new visitor by Universal Analytics?

There is no guarantee because UA does not need to rely only on ‘_ga’ cookie for collecting data and can collect visitor information through other methods like measurement protocol.

 

Q22. How you can track traffic across all sub domains in case of Universal Analytics?

By default you can track traffic across all sub domains in Universal Analytics. This is accomplished by configuring tracking objects to set cookies at the highest domain possible (which is a default setting anyways).

For example, if you have a website with 3 subdomains: one.example.com, two.example.com and three.example.com, you would configure their tracking objects as follows:

// Configuration for one.example.com

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieDomain’: ‘example.com’});

 

// Configuration for two.example.com

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieDomain’: ‘example.com’});

 

// Configuration for three.example.com

ga(‘create’, ‘UA-XXXX-Y’, {‘cookieDomain’: ‘example.com’});

 

Q23. How you can configure tracking objects to automatically set cookies at the highest domain possible (top level domain).

By using the auto parameter.

For example, if you have a website with 3 subdomains: one.example.com, two.example.com and three.example.com, you could configure their tracking objects as follows:

// Configuration for one.example.com

ga(‘create’, ‘UA-XXXX-Y’,’auto’);

 

// Configuration for two.example.com

ga(‘create’, ‘UA-XXXX-Y’,’auto’);

 

// Configuration for three.example.com

ga(‘create’, ‘UA-XXXX-Y’,’auto’);

 

Q24. How _ga cookie is able to work for all sub domains of your website?

This is because by default _ga cookie is set at the top level domain.

 

Q25. How Universal Analytics define visitor as unique?

UA assign unique ID to each visitor on your website. This ID is called the ‘user ID’ (or client ID). The user id is made up of random unique ID and the first time stamp.

 

Q26. What is the biggest drawback of _ga cookie?

You can’t dig out session or campaign specific data from _ga cookie as all of these calculations happen in the backend on UA servers.

 

Q27. How you can view the _ga cookie set by Universal Analytics when you visit a website and how you can interpret it?

The process of viewing the cookie is same as it is in case of GA. You can view the cookies through chrome advanced settings:

universal analytics cookie

 

_ga cookie is made up of 4 fields:

ga cookie

First field is version number (GA1). It seems to be fixed at the moment and may change if the cookies format changes in the future

The second field is number of components at the domain separated by dot. By default the _ga cookie is set on the top level domain with the root level (/) path.

 

The third field is random unique ID (randomly generated number).

The fourth field is first time stamp i.e. the time when the cookie was first for the user.

 

Other Posts you may find useful:

Subscribe to my blog
Join my free newsletter and learn to avoid the analytics mistakes everyone seems to be making over and over again.

 



Subscribe to my YouTube Channel > > >

 



Click on the banner above to register and then use the discount code BPOS15 during checkout to receive 15% off the price of registration for 2 Day, All Access and Combo passes.

 

About the Author:

Please feel free to endorse/forward my LinkedIn Profile to your clients, colleagues, friends and others you feel would benefit from PPC, Web Analytics or Conversion Optimization.

For any question/comment Contact me