Here's a little riddle for those of you who are tech savvy and know their way around Google Analytics. December 2014 I spoke with the CEO of an agency who told me he was seeing new visits directly landing on his clients thankyou pages.
There are a few cases where this could happen:
- People try to order a product, go to their banks' site, wait for more than 30 minutes causing the Google Analytics session to end, pay and return to your site. This will generate a landing on a thankyou page, but from a returning visitor in stead of a new one.
- People have software in place that erases any cookies from a site as soon as people leave them. After returning back from the payment provider they will be seen as a new visitor, but with the source "direct / none" or "bankdomain.tld / referral". So not as "google / organic" or "google / cpc".
Take a look at this screenshot:
More and more sites are moving towards HTTPS in the past months. Google claimed it can be used as an SEO ranking signal and privacy organizations advice it so you give your visitors more privacy.
Google Analytics works fine on both HTTP and HTTPS sites. In the basic tracking script you see this line:
It's a protocol independent URL that will fetch the analytics.js file from HTTP or HTTPS based on the site's protocol where the script is loaded. But Google Analytics offers an extra option to do the tracking in HTTPS also. Take your basic tracking code and add the forceSSL line:
ga('set', 'anonymizeIp', true);
ga('set', 'forceSSL', true);
(I also add the anonymizeIp line by default to give my visitors just a little bit more privacy).