In recent years, Safari, Firefox, all iOS browsers (Safari, Chrome, Edge, Firefox), and Edge on Android have begun blocking cross-domain access to browser storage, as well as blocking 3rd-party cookies. This limits support for the Cross-Domain feature: disrupts the ability to maintain an unauthenticated web messaging consumer's identity and state across different domains/sub-domains on these browsers. Note: This does not disrupt maintaining the identity of authenticated consumers, but only unauthenticated.

Storage partitioning documentation from browsers providers: Safari Firefox

Currently, the exceptions are Chrome and Edge browsers on certian operating systems where they continue to support cross-domain storage for LivePerson. LivePerson deeply evaluated and pursued several options to ensure cross-domain messaging flows would continue (with best-effort) to be available for the following:

  • Chrome on Windows, macOS, and Android with default privacy settings ✅
  • Edge on Windows and macOS with default privacy settings ✅

More information on Cross-Domain support is here.

Unpartitioned Storage (old behavior)

Previously, without storage partitioning, a third-party site ("C" - liveperson.com) could store data when embedded in one top-level site ("A" - brand-domain1.com), and then access that same data when the site was embedded in another top-level site ("B" - brand-domain2.com). In other words, LivePerson's storage context was shared between the different/unique brand sites it was embedded in.

Partitioned Storage (new behavior)

Now with storage partitioning, a third-party site ("C"- liveperson.com) that stores data when embedded in one top-level site ("A" - brand-domain1.com) cannot access that same data when the site is embedded in another top-level site ("B" - brand-domain2.com). In other words, Liveperson's storage context is now completely separated (i.e. "partitioned") between the different/unique brand sites it is embedded in.

Future support

LivePerson is closely following these developments and is evaluating options to restore this functionality to more browsers and operating systems in the future based on the availability of new browser APIs. Please reach out to your account team if you are interested in discussing how these impacts can be mitigated.

Please review the below FAQ section to understand the implications of these changes and determine if and how it may impact the messaging experience on your website.

FAQ:

Q: Why does Third Party Storage Partitioning affect Unauthenticated Web Messaging?

A: Storage Partitioning prevents the LivePerson web application from storing the unauthenticated consumer's identifier as 3rd-party data that can be accessed across a brand's defined/allowed domains. In this case, a consumer has a different identity across a brand's different domains, and thus cross-domain continuity does not work.

Q: Why are certain browsers implementing this change?

A: Some major browsers are making this change in an effort to improve user privacy and security. The main goal is to prevent cross site trackers from easily tracking users across various domains.

Q: Will my messaging experience be impacted?

A: If you are utilizing unauthenticated web messaging across multiple domains with the Cross-Domain feature, then your users will not have the expected continuity across domains on the impacted broswers. Authenticated messaging is not affected as the user's ID is not persistent in browser storage.

Q: What will the experience be for an impacted user when they change domains during a messaging conversation?

A: If an impacted unauthenticated user navigates to a page on another domain during a conversation the messaging window will no longer be open, instead the engagement button will be displayed. If they click the messaging engagement button it will start a new conversation as if they are a new/different user.

If the user navigates back to the first domain while their conversation is still active they will see the messaging window with their initial conversation.

Q: Are there plans to re-introduce more browser support for cross-domain continuity in unauthenticated LivePerson web messaging in the future?

A: Whether or not LivePerson will be able to support cross-domain continuity in unauthenticated LivePerson web messaging on certain browsers in the future will depend on future functionality/limitations of each browser. LivePerson will continue to monitor the state and privacy initiatives of our supported browsers, and will communicate any notable impact on our functionality.