IE8 Beta and the Attack on Cookies
September 4th, 2008 | 
Author: Posted by: Jeff Leget, Director of Operations
Microsoft is gearing up for another major release of Internet Explorer. A recent blog post at 5 Star Affiliate Programs discussed concerns regarding this upgrade. Like the recent Firefox upgrade, the new IE8 beta promises to have additional security features that make browsing safer. With each browser release, ClickBank and other Internet advertisers are left wondering how those new security features that make “browsing safer” will affect now-common advertising practices.
At ClickBank, we always try to stay a step ahead of the latest browser releases. We recently tested the IE8 beta and confirmed that it did NOT affect ClickBank affiliate tracking in any way. We performed the same tests on Mozilla Firefox several weeks ago and came to the same conclusion. ClickBank does not use 3rd party cookies to track affiliate commissions. Since the Hoplinks our affiliates are asked to use direct a consumer’s browser to a “clickbank.net” Web address, without the use of popups or embedded tags, ClickBank is able to place legitimate 1st party cookies on consumers’ PCs, for accurate affiliate tracking. When cookies are disabled or otherwise blocked, ClickBank uses other proprietary methods to track affiliate commissions.
The larger issue here is the public’s opinion that cookies themselves are “bad.” Most Web sites today use browser-based cookies to track user preferences, search history, etc. Wikipedia states, “Cookies are also subject to a number of misconceptions, mostly based on the erroneous notion that they are computer programs. In fact, cookies are simple pieces of data unable to perform any operation by themselves. In particular, they are neither spyware nor viruses, despite the detection of cookies from certain sites by many anti-spyware products.” See http://en.wikipedia.org/wiki/HTTP_cookie for more information.
This consumer misconception about browser cookies plagues many online retailers. When consumers blindly disable cookies, online retailers have difficulty providing a targeted and personalized experience to the consumer. ClickBank vendors and affiliates can do their part by making sure they explicitly abide by our privacy policy and refrain from any unscrupulous advertising practices. At ClickBank, we’ll continue to do our part by testing new browser releases, maintaining quality technology, and building a recognizable and trusted brand.
Posted in Technology | 
Tags: advertising, clickbank, cookies, Firefox, IE8, Internet Explorer, microsoft
Have Clickbank tested the new Google browser, Chrome?
I totally agree on the public opinion on cookies…
You have tested FF and IE, but what about Googles new browser Chrome?
It is my understanding that IE8 or Chrome are able to let the user do private browsing, meaning the cookie in a user’s PC is deleted latest at the end of a session. How will ClickBank track a sale when the same user attempts to purchase an item in another session, perhaps days later, yet the affiliate’s cookie is not on the user’s PC anymore?
What exactly are the other proprietory methods used by ClickBank to overcome this problem?
ClickBank has tested the new Google Chrome browser. As with all major browsers, the default security settings within Google Chrome do NOT inhibit affiliate commission tracking through Hoplinks to the order form. Google Chrome accepts the 1st party cookie that ClickBank sets. Google Chrome does offer security “tweaks” that restrict 3rd party cookies. When affiliates use Hoplinks correctly (meaning the Hoplink is not embedded in an image or frame) these settings do not affect the functionality of the ClickBank 1st party cookies.
Some browsers do have settings that erase cookies after each session. And, users themselves can elect to erase cookies from their computers at any time. By analyzing the millions of Hoplinks ClickBank receives, we have found that nearly all users complete their purchase within the same browser session within 1 hour. In most cases, even if the user does erase their cookies, ClickBank’s proprietary tracking methods often match the consumer back to the referring affiliate. ClickBank’s proprietary tracking methods are considered a trade secret and cannot be shared here.
ClickBank will continue to test and retest new browsers and updates to old browsers. Our goal is to provide a consistent and reliable service for everyone.
You said that
<>
I just tested it with FireFox, I clicked on a well formatted hop-link, ended up on a vendor page. Then I removed the cookie from FireFox, closed FireFox, re-started FireFox and went directly to the vendor page, now in a new session. Following the link to the order payment form I noticed this at the bottom:
[affiliate = none]
Hence, it doesn’t appear to be tracked by Clickbank anymore, does it? Or is it still doing a proper tracking but merely doesn’t display the [affiliate = whoever] note at the bottom of the payment form?
I thought your article spent too much time trying to convince me cookies are good, and not enough talking about the future of affiliate marketing and cookies with the advances of anti-cookie browsers. I would like to hear more from technical experts about the current and long term outlook of using cookies for affiliate programs.
I am really new to Click Bank and the Internet. I read SOMEWHERE that IF the affiliate offers a bonus of some kind (FREE E-Books, etc.), AND you only get the bonus by ordering (clicking) through their hop link. This would deter others from replacing your nickname in the hop link with theirs and robbing you of your commission. Would this same practice not help with this problem as well??
Bill Hayden what anti cookie browsers are you talking about? Users of MSIE have always had the ability to delete cookies, after a session or any time they feel like it. Nothing new in the functionality in this post at all.
The post was about cookies not about the future of affiliate marketing. That future looks brighter and brighter as more and more people get used to spending money online.
Of course, like everything else, affiliate marketing will get harder and harder as more people decide to build websites and do marketing of products. However the size of the pie is growing faster than the webmasters building sites so I see no huge problems for the next few years.
Other than needing to get my sites translated into Chinese languages and whatever languages the people of India use. That’s where the most growth is going to come from.
As for proprietary info, it’s silly to even ask for it as no company is going to post their private secrets on an open website and more than likely require all of their employees to sign confidentiality agreements. That’s the nature of the beast.
I haven’t actually tested it yet, but as a web designer i can say that it would be rather easy to track your ip address and save the hoplink info locally on my site, so even if you did remove the cookies, my site could auto-look up who referred you
as long as your ip address did not change.
on one of my sites: you get referred by ‘thomas’, my sites saves that info based on your ip, you go clear your cookies, and place the order, and my site looks up your referrer.
so it may say affiliate=none, but clickbank could have already stored your referrer to your ip address and re-match it after payment. a little iffy but easy to pull off without cookies, cause your referrer’s id is passed when you click the affiliate link before you get to the salespage and could easily be stored.
another of my sites: you can’t join my site unless you were referred by an existing member, and every time you order you get forced through the hoplink on the way to clickbank(fresh cookie), you can’t block it because it happens instantly and you get taken directly to CB’s payment page.
I agree that it’s a real shame that the public has been misled into thinking that cookies (which are just text files) have way more power than they actually do. I think a lot of this misinformation comes from companies who sell antivirus and antispyware products, who profit from scaring people.
The web will not survive without cookies. I operate several sites and unless you accept cookies you will not stay logged in. I believe most people will turn off the new privacy settings as there will be a lot of interference with legitimate sites. I do wonder (tongue in cheek) whether MS will be blocking it’s own cookies (live.com, ms support etc). I bet they won’t.