[UPDATED January 2020: issue with version 13.0.4 of Safari which requires the Custom Domain solution to resolve]
[UPDATED October 2019: click here for details of a new solution to the cookies issue, or skip to the What is Spektrix doing about this section]
As you may be aware, some customers are having issues booking on Spektrix iframes using the Safari browser. You may have received feedback from customers about the difficulties they are having, which are caused by how Safari interacts with Cookies set by Spektrix. In this article we’re going to look at what’s happening and why, and provide information on what Spektrix is doing to resolve the issues.
Here's what's covered in the article:
- What are cookies?
- What is happening for Safari users?
- What causes these issues?
- What is Spektrix doing about this?
- What can I tell my customers to do until my new sub-domain is ready?
- What's next?
A cookie is a small amount of data sent from a website and stored on a user’s computer by their web browser. Websites utilise these temporary files to store information that allows them to identify a user for the duration of the time they spend on the site. These are known as ‘session cookies’.
Why does Spektrix need session cookies?
Spektrix uses session cookies any time a customer interacts with the booking iframe on your website (or any Spektrix venue’s website). This allows us to keep track of each customer’s session so that we know whose basket we need to display back to them.
These cookies allow customers to move between the different areas of a website without losing information about their authentication (login), or basket/cart contents. We use the same approach to this on all of our clients’ websites.
What is happening for Safari users?
An issue affecting some customers involves being presented with the ‘Cookie Message’ when they try to load or interact with a Spektrix iframe. The Cookie Message is a default message which offers guidance on how to enable third party cookies - more on these later - and looks like this (note that the text on this message has recently been updated):
This message is presented because Spektrix has detected that the customer needs to change their Safari settings, otherwise they won’t be able to proceed with their booking. By default Safari uses a setting called ‘Prevent Cross-Site Tracking’, which the customer needs to disable in order to proceed with booking.
This doesn’t happen for all Safari users, and most users booking on an iPad or iPhone can currently book normally. If that’s not the case then following the steps provided on the cookies message should allow them to book.
However, for users of the latest version of Safari on a Mac (Version 13.0.4) then the steps that previously worked to enable them to book (i.e. changing settings in Safari) no longer work. It’s likely that iPad and iPhone users may face similar problems in the future.
Safari is built on top of a technology called Webkit, which in turn uses a technology called Intelligent Tracking Prevention (ITP). You can find more info on this on Webkit’s site here. Both of the issues are related to this technology; we’ll look at each one in turn, to provide some details around why each issue is (or was) happening.
Through ITP, Safari are targeting third parties who surreptitiously track customers’ behaviour across multiple different websites (for example advertisers looking to profile them for targeted ads).
Unfortunately, as well as catching advertisers, ITP can also sometimes assume that things like the Spektrix iframes are used for cross-site behaviour tracking, and therefore prevent them from setting cookies.
While we don’t track customers in this way, ITP can classify our cookies as cross-site tracking because our iframes are always hosted on system.spektrix.com no matter the venue. This classification happens per-device (see the section on Machine Learning Classifier on Webkit’s site).
This is why users who have visited multiple Spektrix venues are most likely to be affected, as their devices can interpret system.spektrix.com as a tracking domain (while other customers’ devices will not).
In these cases, when Spektrix detects that we can’t set the necessary cookies to allow us to retain the state of a transaction, we know that the user won’t be able to proceed with their booking. Therefore, we present the Cookie Message instead to give them instructions on how to change their settings to allow them to proceed.
What is Spektrix doing about this?
We want to ensure that any of your customers using the latest version of any major browser (Chrome, Safari, Firefox, Internet Explorer and Edge, including their mobile equivalents) are able to purchase tickets without having to alter any default browser settings. This is a continuing challenge as these browsers frequently change their technologies, but it’s an important challenge for us to meet.
We have a solution which allows Safari users to book tickets without having to change any default settings, so read on to find out more about this.
This solution for integrating the Spektrix iframes onto your website means that Safari and other browsers will see the Spektrix cookies needed for booking as ‘first party’ (i.e. coming from your site), rather than ‘third party’.
What needs doing?
We’ve tried to make sure that any necessary changes will require as little intervention as possible from your web team to implement. In order to put this new solution in place, however, we need some action from your web teams, who may need to charge for this work.
Here’s who we need to work with:
- Your web developer to make changes to how our iframes are placed on your site.
- Whoever controls your domain/DNS if this is not your web developer. This could be your internal IT administrator or an external IT team.
You can find the details on how to implement this solution with you and your developers in this article, which includes links to our developer portal for the full technical details that your developers will need. In the meantime, however, the steps involved can be categorised into two main sections, which we’ll break down below.
A new sub-domain will need to be created on your website domain, for example:
- If your current domain is yourvenue.com then you’ll need to create tickets.yourvenue.com as a new subdomain.
This new sub-domain will need to be mapped to a Spektrix address so that customers will still see the same Spektrix iframes as on your existing site. Whoever controls your domain will be able to do this work, and we’ve provided instructions for all the necessary steps.
If you are currently using any Spektrix iframes, Widgets or Web Components on your website, these will need to be changed to point to the new sub-domain you have created. For example:
- The checkout iframe system.spektrix.com/clientname/secure/checkout.aspx would now need to change to tickets.yourvenue.com/clientname/secure/checkout.aspx.
If you have multiple websites running off one Spektrix system, then you’ll need to do this for each site.
NOTE: if you’re using an analytics system, like Google Analytics, you’ll likely also need to make changes to track this new subdomain, rather than system.spektrix.com.
What can I tell my customers to do until my new sub-domain is ready?
We know that you may be getting queries from Safari bookers and that having these conversations can be difficult. Here a few suggestions to help you in conversations with customers who use Safari.
Customers unable to book using a Mac (i.e. those using the latest version of Safari) will need to book with a different browser, such as Chrome, until you can implement the Custom Domain solution.
For customers using an iPad or iPhone to book:
- Try using Private Mode in Safari when booking, which should help avoid getting stuck on the Cookies message
- If this doesn’t work, try disabling the ‘Prevent Cross-Site Tracking’ and 'Block All Cookies' settings while booking with you and then turning it straight back on afterwards
- Spektrix do not track customers across the internet; the only need for the ‘Prevent Cross-Site Tracking’ setting to be switched off is to enable cookies to be set for the purpose of facilitating a transaction
- However, if you have your own tracking code on your site then turning this setting off might mean customers are tracked by you directly, whereas ordinarily Safari might be blocking your tracking of these users.
- If they are unable to book using a Mac, they may need to use a different browser - such as Google Chrome - until you can implement a Custom Domain solution
We've also changed the wording of the Cookie Message to make it clearer to your customers what they have to do on Safari and why.
What about other browsers?
Customers using other browsers can book as normal. However, Google Chrome has recently announced plans to no longer allow third party cookies by 2022, so moving to our Custom Domain solution will become ever-more crucial. Other browsers may make similar moves in the coming years.
We will keep this article updated with new information as and when it becomes available, so we recommend you check back regularly. If you would like to stay informed about when we add new information, you can sign up to receive email notifications on our New Documentation forum, where we’ll be providing updates when major changes are available.
Make sure check out our documentation for the new Custom Domains functionality. Note that we have shared this with all of our partner web developers/agencies as well.
If you have any further questions or would like to discuss any of this in more detail, please don’t hesitate to get in touch with the Spektrix Support team.