Third-party cookies are dying, but conversion tracking doesn't have to. We walk through server-side events, first-party session IDs, and privacy-friendly attribution models.
Third-party cookies have been the backbone of web conversion tracking for two decades. You'd place a pixel on your thank-you page, the ad platform's cookie would identify the user, and attribution happened automatically. Simple, reliable, and deeply invasive.
Safari and Firefox blocked third-party cookies years ago. Chrome has been phasing them out since 2024. The writing is on the wall: if your conversion tracking depends on third-party cookies, it's already broken for a significant portion of your visitors.
The simplest cookie-free tracking approach uses in-memory session IDs. When a visitor arrives, your analytics script generates a random UUID and holds it in JavaScript memory — not in a cookie, not in localStorage. The ID persists for the duration of the browser tab and links all page views and events in that session.
When the visitor signs up, purchases, or completes any conversion goal, the event fires with the same session ID. Your analytics tool can then trace the full journey: landing page → product page → pricing → checkout → conversion. No cookies needed.
The trade-off is that cross-session attribution (e.g., "this user visited 3 times before converting") requires either authenticated user IDs or a privacy-friendly fingerprinting alternative. For most businesses, single-session conversion tracking covers 80% of what matters.
For conversions that happen on the backend — subscription activations, payment confirmations, webhook-triggered events — client-side tracking can't help. Server-side event APIs solve this by letting your backend send conversion data directly to your analytics tool.
A typical server-side event call looks like this:
POST /api/v1/websites/{id}/track
Authorization: Bearer your-api-key
Content-Type: application/json
{
"type": "event",
"name": "purchase_completed",
"visitor_uuid": "abc-123",
"payload": {
"revenue": 49.99,
"plan": "pro"
}
}Server-side tracking is immune to ad blockers, browser privacy restrictions, and JavaScript errors. It's the most reliable way to track conversions that matter to your business.
When a visitor arrives via a UTM-tagged URL, those parameters are captured at the session level. Even without cookies, you know the traffic source, medium, and campaign. When that session ends in a conversion, you have full campaign attribution — no third-party cookies required.
The key insight: UTM attribution happens at the first touch, in the URL itself. It doesn't need cookies to work. It's been the most reliable attribution method all along — cookies just made us lazy about using it properly.
Last-click attribution (giving all credit to the final touchpoint) works naturally without cookies, since you only need to know the current session's source. For multi-touch attribution, you have a few privacy-friendly options:
Web Analyzer App tracks conversions without cookies out of the box. The 2 KB tracker uses in-memory session IDs, captures UTM parameters automatically, and supports server-side events via the API. Goal tracking lets you define conversions by URL pattern or custom event — no cookie consent banner required.
Try it free and start tracking conversions the privacy-friendly way.