Control your environment without installing any third-party code.As an add-on package, SiteSpect Enhanced Analytics combines two powerful tools to fortify and finely tune campaign data:
  1. Outlier Data: To identify and mitigate anomalous data that can skew data-driven decision making.
  2. Real User Monitoring (RUM): Capture & analyze actual user interactions and layer performance metrics into any campaign report.
For more information visit
SiteSpect is CCPA Compliant. The California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for US residents of California. More information about SiteSpect’s CCPA support is located on our Customer Notice On EU GDPR and CCPA Support page.SiteSpect will dedicate resources to the equivalent of a full-time employee to work with your team at your offices.SiteSpect will dedicate resources to the equivalent of a half-time employee to work exclusively with your team across any of the professional services.SiteSpect will dedicate resources to the equivalent of a full-time employee to work exclusively with your team across any of the professional services.SiteSpect provides on-site training sessions custom designed especially for your business and IT teams to help you achieve your business goals.SiteSpect has a curriculum of training modules and best practices that you can take advantage of to increase your team's adoption and mastery of the user interface.We offer training to get you up and running quickly, including test building courses & analytics interpretation.Take advantage of SiteSpect's premium help and knowledge portal where you will find FAQs, how-tos, and detailed step-by-step instructions for successful use of the SiteSpect platform.We offer monthly webinars on SiteSpect featured functionalities and best practices for increased value and success.Identify additional testing and personalization opportunities from the results of past campaigns.Our professional services team will work with you to create visualizations to demonstrate how SiteSpect affects your revenue.Optimization Consultants will provide full analytical reports on campaign performance, highlighting KPI impact, segment analysis, and key insights.Optimization Consultants will show you the best way to get the most out of your traffic across a large number of tests and personalization campaigns.Learn how to track and monitor running tests and personalization campaigns.Learn best practices for efficiently creating and executing tests and personalization campaigns.Design, develop, and optimize all of the components for your program.Learn how to structure experiments to maximize learning and efficiency. A/B vs. MVT, Controlled Experiments vs. Personalization.Add a workflow tool to integrate your prioritization and team workflow directly into SiteSpect.Your Optimization Consultant provides best practices and process recommendations for running a high functioning optimization program.SiteSpect will provide guidance and support for making decisions regarding scheduling tests in order to maximize efficiency and generate as much learning as possible as efficiently as possible.Working with key stakeholders in your organization, SiteSpect will provide test ideas that improve the customer experience and move the needle on your key performance metrics.Your Optimization Consultant will provide best practices for creating data-driven hypotheses that answer key business questions.Based on our experience and your analytics, your Optimization Consultant will help you identify optimization opportunities and establish a workflow for collecting and managing input from across your organization.Provided by your SiteSpect Optimization Consultant who understands your business objectives and works with you to achieve your testing goals and increase ROI.Number of hours SiteSpect professional services representatives will work on strategy, creation, or analysis for your optimization program.Enforce an optimization workflow with campaign administrators, builders and read-only roles.Custom integration with 3rd party tools such as Adobe Analytics, Google Analytics, CrazyEgg, Hotjar and more.Build and optimize the customer experience on iOS and Android apps. Build experiences visually, directly on your mobile device, leverage our SPAs or use API only solution.Leverage Custom Variables to capture dimensions about users, such as products purchased, categories viewed and items searched.Isolate users in single Campaigns or allow them in multiple overlapping experiences.Create a unified customer experience by connecting experiences for recognized users across devices.Automate your optimization program through our API: and deploy server-side functionality with on/off switches or progressive rollouts. Leverage cookies, headers or parameters for feature flagging. Test and optimize your CMS, recommendation engine, and other vendor tools.Leverage our SPA SDK to test and optimize your Single Page Application. Support for major frameworks such as Angular, React, and others.Modify the source code of pages on the fly with Regular Expressions, with zero impact to performance. Replace, remove, add in new functionality before pages are rendered in the browser.SiteSpect offers a number of capabilities for effective front-end testing. Use Visual Editor or Regular Expressions to modify source code, support SPA frameworks, define pages for reusability in tests, and minimize performance hits for users and servers.Use point-and-click actions to modify text, images, buttons, promotional banners, and styling. Create, move, rearrange, hide, and track behaviors across channels. Works with SPAs out of the box, such as React and Angular.Push winning Variations to all traffic to benefit early from wins. Push hot fixes your website to quickly resolve issues, to all traffic or segments of users.Respond to real-time alerts and in-product messages to proactively manage your campaigns. Known when a campaign has a winning variation, is hurting conversion, does not have any recent visits, or is disabled.Quickly analyze and understand relevant campaigns and outcomes. Measure conversion, KPIs, user actions, events, conversion funnels, and other key user interactions in our comprehensive dashboard.Personalize the experience for mobile devices, geo location, user types, and user behaviors. Build your own Audiences to align with your key segments of users and leverage your Data Layer.Experience our proxy architecture built from the ground up to avoid flicker and ensure fast experience delivery across desktop, tablet, and mobile devices.Training to get you up and running quickly, includes test building courses & analytics interpretation.Dedicated optimization consultant for strategic and tactical guidance. Your GoLive Report is a success plan to get your team up and running, including website audit, test ideas and optimization roadmap. You will also get ROI (return on investment) modeling backed by Forrester.Depending on which package there are countless tests, segmentations and optimizations within your control across almost any digital touchpoint.Run as many Campaigns as you want.Our optimization experts work with you to recommend 10 impactful test ideas to improve customer experience and impact your bottom line, and build 10 Campaigns so you can quickly benefit from our platform.Directly ingest SiteSpect traffic logs into your monitoring infrastructure to diagnose underperforming applications/servers and identify site errors in near real time.SiteSpect sends a sample of log data to, a log visualization service. This service offers full flexibility to view and analyze logs relating to traffic health and routing. Your network operations center can also use this service to build your own visualization and dashboards or integrate into existing systems.SiteSpect is GDPR Compliant. The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collecting and processing personal information of individuals within or who are citizens of the European Union. More information about SiteSpect’s GDPR support is located on our Customer Notice On EU GDPR Support page.SiteSpect is HIPAA ready, which saves you time when you use SiteSpect in your HIPAA-compliant environment. SiteSpect obfuscates and encrypts visitor behavior and does not store any personal data. SiteSpect also offers on-premise and other deployment models to guarantee personal data never leaves your datacenter.SiteSpect supports Single Sign-On (SSO) authentication through Active Directory and SAML. SSO allows you to centrally manage SiteSpect permissions and login credentials. It also makes it easier for SiteSpect users to quickly log in and switch between their applications saving time and improving productivity.Restrict user access to SiteSpect by IP address.Restrict access to your websites by IP address. Create lists or ranges of IP addresses that allow trusted (whitelisted) users to access your websites or prevent access from disallowed (blacklisted) users.Two-Factor Authentication, also known as 2FA, requires not only a password and username but also something that only a user has access to, such as a token. Using a username and password together with a token makes it harder for potential intruders to gain access to SiteSpect.SiteSpect complies with both the EU-US and the Swiss-US Privacy Shield Frameworks. SiteSpect certifies that it adheres to the Privacy Shield Principles with respect to personal data. More information about SiteSpect’s Privacy Shield support is available on our Business Services Privacy Policy - GDPR and Privacy Shield page.SiteSpect includes a complete history of every user action. Quickly undo changes in the audit history list and audit any change as part of your change management process.SiteSpect maintains the privacy of all customer data by ensuring no test data is exposed and that data is not grouped with or shared with others in any way.SiteSpect leverages Alert Logic to monitor and track security vulnerabilities. This provides you with an additional line of defense as we will notify you of any detected threats or attacks on your website.SiteSpect supports nine different permission levels that provide control and configurable access. Set view and edit permissions on a per user basis for building, managing, and analyzing campaigns.SiteSpect fully supports encryption for all types of in-transit data such as end-user content, SDK and API transmissions, and business user data. We also support testing on HTTP and HTTPS websites.

Keeping Up With Browser Privacy Changes with Cory Underwood

May 20, 2020


In 2019, Safari released Intelligent Tracking Prevention (ITP), now on version 2.3. Firefox then released its own set of tracking prevention policies: Enhanced Tracking Protection. Closely following suit, Microsoft Edge and Google Chrome each announced their own sets of tracking protection features in early 2020. While each browser now has its own rules, the common theme remains: the game is changing around using cookies for tracking.

At each of these turns I sat down with Cory Underwood, current Platform Engineer at Search Discovery and longtime programmer and analyst, to dive deeper both into the technical side of these changes and what they mean for marketers and developers. Below are parts of our conversations on what browser tracking changes mean for optimization and analytics. You can watch the recorded webinar, “Keeping Up with Browser Privacy Changes,” here.

To Start Off, Can You Give Us An Overview About What Safari ITP Is, Exactly, And What The Change Is For 2.3?

Sure. We have to go back to earlier 2019 to really understand how it’s formed. So, very early in the Spring [2019], ITP 2.1 changed the way client-side cookies are set and what their expiries are, and that has impacts for all kinds of functionalities — not just limited to A/B testing. But basically, any client-side code that needed to maintain state would get a maximum of 7 days out of that cookie before it gets deleted. And then any subsequent visit after that point, that logic would interpret as a new person.

When 2.2 rolled out under mobile devices in May, under special conditions related to the referring domain and link formatting and such, the cookies would only get a 24 hour expiry. All these client-side tools look at first party cookies that are set on their client. Because they’re client-side based, and A/B testing normally runs longer than a week, you’re concerned during the course of the A/B test execution that people are going to get alternate cell assignments and see all the different experiences.

What the vendors did in a lot of cases is started relying on local storage which wasn’t subject to Safari’s protocols of privacy. So they either store the segmentation in local storage, or they do a cookie and recreate it in local storage, or something of the sort. It had its limitations, specifically around cross-domain and things like that, but it basically still allowed the tools to work more or less as they did.

Now with 2.3, which was released with Safari 13, under special circumstances relating to the referrer domain — especially if it’s social — the local storage will also get deleted after 7 days. So, in the absence of having a server-side solution set your state, you’re going to essentially believe that the client is a new person after 7 days or 24 hours because all of the stateful identifiers on the client get removed. To the server, the person is new, even if they’ve been there every day (but 24 hours have passed between each visit). And that’s really not ideal from a A/B testing perspective because you want them to maintain variation assignment.

Now can you break down Google Chrome’s cookie changes?

Cookies can either be first-party or third-party based on how they get loaded onto their page and the context. And that can have some unintended scenarios because it enables an attack vector known as cross-site request forgery. So Google is hoping to address that by changing the default behavior.

The current behavior is to always share the cookies in all contexts, unless the programmer specifically sets something for that not to happen. So it’s an insecure/open default. What they’re doing is closing that off by making the default lax, so the developer would have to explicitly change the attribute for a cookie to be available across sites.”

What are Safari and Google trying To Curb? Is It Mainly About A/B Testing And Personalization? Is It More About Ads? What’s Safari’s Biggest Intention Here?

Safari is really trying to target cross-site tracking. And I really think they’re targeting social networks in particular, but with the way that they’re going about it and the solutions that they’re putting in place are not limited to that kind of tracking. They say “Unintended Impact” is possible, and that they might, on a case by case basis, look at workarounds for it. But these things can break.

So, theoretically, they think all that stuff could break by what they’re doing.

With Google, where I really think it’s going to hit is things like third-party ad attribution, and unintentionally it’s going to impact third-party log in flows [using a login from one site to authenticate you on another site, eg using Google to log in to Instagram] — which I know is something they’re working on. The concept is to prevent cookies from allowing you to be inadvertently tracked cross-site, and as a result of that the technology that has to function cross-site either has to be updated or it stops working.

What Kind Of Impact Are We Going To See In A/B Testing And Personalization? How Might This Throw A Wrench In Current Processes, And What Best Practices Should We Be Adopting Now To Deal With It?

You definitely need to take a look at your platform and understand how it fundamentally works. How it does state, and if how it works is compatible with all of the recent browser announcements. If it’s not, you’ll need to work with whatever team runs that platform to come up with a solution on whether it is even still viable, or if you have to do additional development to get it to continue working. But you just can’t ignore it — it’s going to show up in your analytics, and on paper everything would be working as you would expect but not as you intend. And as a result of that, you would end up with substantially different data than you would if you had all the context.

Let’s say you have a lot of traffic from Safari but it’s social… so one person comes back every 25 hours, but they do that every day — but always just one hour off. How many users did you have that month? Technically 1, but your reporting says 30. And you have the worst retention rate ever, because you have 0 retention. But new users are knocking it out of the park. But that’s not really what’s happening. You might think, “I can cut back on my new user spend because new users are crushing it, the engagement team is knocking it out of the park”. But that would be a mistake.

So That’s A Big Problem For Data Analysis. What Other Impacts Are You Seeing On User Experience, Or In Any Other Fields?

I’m going to speak from a generally more development point of view. You wouldn’t necessarily always come back to the server to do state, because maybe the server doesn’t need to know, and you still need to have some sort of long term storage.

So a good example of this would be GDPR consent dialogues. If they [a visitor] opt out, you don’t want to show that dialogue box to them on every page. So you need the client to understand that, but the server doesn’t necessarily need to care. But, because of the way that this is structured, and the need to preserve state longer than 24 hours potentially, you would have to now have the client call the server, and have the server do something that previously the client could do on its own. So, in order for you to not be subject to edge cases around things that aren’t even within your control, like how they get to your site, you now have to have a different architecture with anything concerning state.

How Should We Be Adapting?

You have to look at how you set state, essentially. And go through all the code, and look at basically, do I have to do this differently? Do I even need to do it at all?

From that you figure out, okay, well, “I need to set the state under these circumstances so I am going to have to re-architect that.” And that is going to commonly come in from additional development investment.

And now I also think that’s what’s going to happen is for marketers who are used to doing all this tag and installation, they’re going to have to understand how the tag works because that’s now as, if not more, important than what the tag actually does. And so I think what that could actually end up resulting in is tagging moving to more of a developer focused workflow. And companies are going to have to look at all of this, and figure out “how do I support this?”

But, maybe you don’t have a lot of Safari traffic and you can kind of skip it. But I mean, maybe you’re 50, 60, 70, 80 percent Safari traffic because you get all of your traffic from iPhone users, and you’re going to have to stop feature development to have to fix this if you want to maintain collection accuracy.

It Sounds Like Marketers Are Going To Have To Get A Lot More Technical, Or Work More Closely With Developers.

I think that basically is going to be the only path forward because you can’t just add a marketing pixel to the site and expect it to work as you intend.

What Should Everybody Be Doing Differently Right Now?

Stop looking at stuff in aggregate, and start looking at it by browser. But also have a context of how that browser operates, because you’re going to want to know that before you go and start shifting your spending. Otherwise you’re going to be making choices that seem logical but are ultimately based on a flawed understanding of what’s actually occurring.

You can find more from Cory Underwood at, and you can watch the webinar, “Keeping Up With Browser Privacy Changes,” here.

To learn more about SiteSpect, visit our website.


Suggested Posts

Emoticon icons face on Wooden Cube , Costumer service concept

Best Practices to Optimize On-Site Customer Feedback


How to Diagnose, Solve, and Prevent Traffic Problems… With an A/B Testing Solution?

moonpig card 1-01

Case Study: Moonpig Increases Conversions by Optimizing Product Recommendations

Leave a Comment

Your email address will not be published. Required fields are marked *