How can the new Chrome Cookie Policy (version 80) impact my Magento environment?

Mid-March we found an issue that our merchants were having with our 3DS feature. For these merchants a large number of orders are in the "offers" section (Transactions >> Offers), and the shopper is redirected to an empty cart instead of receiving a 3DS redirect.
We have found the 3DS issue, which originated from the new Chrome Cookie Policy (v. 80) that was released on the 4th of February 2020.

Because of the phased roll-out for this new Chrome version, our merchants only started noticing the effects around mid-March.
The cookie management is dealt with by your Magento instance (Magento Cookie Management), however this issue was not yet picked up by the Magento team.

About Chrome Cookie Policy (v. 80)
From this version on Chrome is enforcing a secure-by-default cookie classification system, treating cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies set as SameSite=None; Secure will be available in third-party contexts, provided they are being accessed from secure connections. Do please note that the SameSite field is not yet a widely supported value in older browsers, as well as Safari and Firefox.

Google announcement
Google has announced last Friday (3d of April) that they are temporarily rolling back the SameSite cookie changes they have been rolling out since February, as they noticed many websites were not ready for this major change.

  • Please find the official statement of Google here.
  • Google has also provided a further explanation of the changes here.
  • For more information TechCrunch has also released this article.

Actions
If you have already implemented changes for your cookie management (either previously provided by us, or your own fix), we advise to revise your cookie management and check for cross-browser compatibility. We do not expect Chrome to break as a result of the rollback and understand you just put in effort and time to fix this, but due to the announcement from Google we believe that it would be a sustainable solution on the long term to revise your Cookie management and prepare your website for when Google does indeed initiate this change.

Be aware that this is a temporary change, as Google still plans on rolling this out over summer. We advise our merchants to make sure that the required changes are made in the coming months, before the SameSite cookie policy is further rolled out. For our plugin merchants (e.g. Magento), we will check with Magento directly and provide further updates if needed. As a long-term fix from Magento will be expected, the fix we provided can be rolled back for now. 

For further questions please contact our Support Team.

Have more questions? Submit a request

Articles in this section

See more