CNAME Cloaking Defense in Safari and its impact on Munchkin

In late 2020, Apple announced their intent to add a new feature to their Intelligent Tracking Prevention implementation in Safari called CNAME Cloaking Defense, to be rolled out with the release of Safari and IOS 14.  Like many of the other efforts in Apple’s Intelligent Tracking Prevention schemes, this feature is designed to limit the lifespan of cookies set by hosts which have a CNAME pointing to a domain name which does not match the visited page’s domain name to seven days.  Since Munchkin JS uses cookies set by a CNAME, and the underlying host to which the CNAME ({your instance} points will never match the domain name of a visited page, cookies set by Munchkin in Safari 14 browsers will be capped to a seven-day lifespan.  While the reduction in cookie lifespan will have some effect on tracking known leads, traffic from Safari generally represents less than 10% of requests handled by Munchkin.   


There are no apparent easy solutions to this issue, and each would require significant intervention both on the part of Adobe engineering and subscribers.  Adobe will continue to explore long-term options for improving consistency and accuracy of web tracking behaviors, but at this time we have decided not to take any extraordinary measures to try to circumvent this change and restore long lifespans for Munchkin cookies.  Instead, we have decided to focus on our efforts to integrate Marketo web tracking with the Adobe Web SDK so that all Adobe Marketo Engage customers can benefit from our best-in-class web tracking solution.  We will have more information to share when we are closer to release of this solution.