Payment Gateway Referral Exclusions in Google Analytics

One of the most frequently visited reports in Analytics is the Source / Medium report. This is a primary reason why it’s targeted by referrer spammers, as we discussed in a recent article. There is, however, a much more trivial, yet common issue with the source / medium report that we see during audits and setups.

It’s the issue of proper attribution of conversions/ecommerce transactions towards a traffic source in the presence of payment gateway referral traffic. In many cases the implementation of a payment gateway requires that some traffic is sent to the payment gateway site and back to your site. This results in a visit with source “your payment gateway domain” and medium “referral” to be recorded in Google Analytics.

PayPal Referrer

In the example above we see a very common scenario: being recorded as the source for all or some of the transactions.

Why does it happen?

Google Analytics starts a new session whenever a user comes to the site from a traffic source different than the previous one (and when it’s not a direct visit), even if the previous session hasn’t expired. The user browses your site and decides to purchase. You send them to the payment gateway one way or another and then he’s sent back after a successful transaction. When the user arrives at the site from the gateway the HTTP headers contain referrer information saying that the visitor is coming from your payment gateway hostname, in the example above: Many of the other popular payment gateways like Shopify, Authorize, WorldPay, Gate2Shop, etc. also employ a similar solution which results in referrer traffic from them getting credit for your ecommerce transactions.

What’s the harm?

The harm is rather obvious: it prevents you from seeing the original traffic source that was responsible for bringing the transaction. Instead of seeing you got 50 transactions from Google / Organic and 100 more from Google / CPC you now see 150 transactions coming from / Referral.

Sure, you can extract the data with some work using the MCF reports or the Attribution Modeling tool, but why? The payment gateway as referrer tells you nothing you didn’t know and is in this sense a data pollution that should be avoided.

How to determine if you are affected?

You should check for sessions, coming from your payment gateway’s domain name (or in some cases names). You can do that by navigating to the Acquisition > All Traffic > Source/Medium report in Google Analytics.

If you are using our Google Analytics Health Checker tool you now have an in-built function that automatically performs this for you. When you run the health report, you’ll get a FAIL and a short description of the issue if we detect such traffic from a list of over 20 popular payment gateways. A table showing the traffic source/medium that the tool identified as wrongly attributed payment gateway traffic is shown as well, containing data about the number of sessions, number of transactions and the transactions per session for each source.

Payment Gateway Referrer Example

How to exclude payment gateway referrers?

There are two methods to accomplish this.

First method: the Referral Exclusion List

If you are using Universal Analytics, the recommended way to do this is to use the Referral Exclusions feature. It’s accessible via the Google Analytics interface under Admin > (Property) Tracking Info > Referral Exclusion List. You need to add the hostname – either the domain name or a specific subdomain only, to the list. This assures that a visit with a referrer field set to a URL under that hostname will not start a new session if there is already an active session.

Here is what our Referral Exclusion List looks like:

Referral Exclusion List

The important line here is, since this is our shopping gateway hostname. This way we don’t see visits from our gateway when you sign up for a paid plan with us.

Second method – utm_nooverride=1

This was the only method before Universal Analytics. However, prior to UA there was also much less need for it, since for a very long time Google Analytics wouldn’t start a new session for the same visitor if an old one has not yet expired. Then, when they made the change the need to use utm_novverride=1 suddenly jumped and that’s why they added the Referral Exclusion List as a feature.

utm_nooverride=1 is a parameter that you attach to your payment gateway return pages. Say your return page is /checkout/payment/success. You need to provide this URL to your payment gateway: /checkout/payment/success?utm_nooverride=1 . This way Google will ignore the referrer information for this session if there is already another session in progress. This is not what this parameter was originally intented for, but it does the job nicely as I can confirm through my deployment of such solutions.

Remember, you need to do this for all links from the payment gateway to your site and this is not a recommended solution if you are on Universal Analytics.

Georgi Georgiev is a managing owner of digital consultancy agency Web Focus and the creator of His 16 years of experience with online marketing, data analysis & website measurement, statistics and design of business experiments include owning and operating over a dozen websites and hundreds of consulting clients. Georgi is also the author of the book "Statistical Methods in Online A/B Testing" as well as several white papers on statistical analysis of A/B tests. He’s been a lecturer on dozens of conferences, seminars, and courses, including as Google Regional Trainer for Bulgaria and the region.

Facebook Twitter LinkedIn 

Payment Gateway Referral Exclusions in Google Analytics by
This entry was posted in Google Analytics and tagged , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.


  1. Posted July 3, 2015 at 9:48 am | Permalink

    Very good article !
    I’ve got a question :
    we’ve migrated recently to universal anlytics and we use a lot payment gateways. Since migration, all the transactions come from referrals and not ppc or organic search.
    If we use referral exclusion, can we link transactions with ppc and organic search ?

    • Posted July 3, 2015 at 2:06 pm | Permalink

      Hi Matthieu,

      Yes, if the transactions are coming from your payment gateways as referrals, then using referral exclusions is the way to go.


      • Posted January 13, 2016 at 11:04 am | Permalink

        Hi Georgi Georgiev,

        We have added the payment gateway domain name in exclusion list but now google analytic showing payment gateway name in “Direct Traffic”.
        Before that its showing “Referral Traffic”.
        How you please help in this issue. We have magento community edition store.

  2. Posted July 27, 2015 at 1:54 pm | Permalink

    For Google Universal Analytics, is that the only way to fix this problem? I am looking for a workaround that doesn’t require changing settings in the admin page.

    The reason is that I am managing 600+ Analytics accounts that need this fix, and manually updating the Referral Exclusion List for each account will take a lot of time. I need an alternative similar to option #2, where I can have a URL parameter or where I can send some kind of settings to analytics.js just before it tracks the pageview, telling it to keep the original referral / analytics session.

    • Posted July 27, 2015 at 8:45 pm | Permalink

      Hi Costin,

      I don’t think there is an easy way to update 600+ analytics accounts with referral exclusion settings as the API doesn’t support this atm (as far as I know). I think you can still use option #2, but you need to make sure you tag all links, otherwise some payment gateway traffic may override your original referral.


      • Posted July 28, 2015 at 8:11 am | Permalink

        Ok, I will try, although I’ve seen other articles saying that this fix no longer works with Google Universal Analytics…

  3. Posted August 3, 2015 at 4:17 pm | Permalink

    We seem to have been upgraded to Universal Analytics when migrating our ecommerce website to a new platform. It is exactly doing as you described – counting all the paypal traffic as referral traffic when someone pays. Once I exclude the referral domain from paypal, will the cpc traffic that was originally routing via paypal reappear in my referral traffic reports? I have it set up so that I can see cost and revenue in a weekly report and really need to track this info.
    Thanks in advance.

    • Posted August 3, 2015 at 4:23 pm | Permalink

      Hi Sandra,

      Using the above solution isn’t removing PayPal traffic from your reports, rather it makes it so that PayPal doesn’t rewrite your original (true) referrer in Google Analytics. It has no bearings on revenue tracking per se. It also has no bearing on how your CPC traffic is tracked.


  4. Posted September 1, 2015 at 4:37 pm | Permalink

    Hi Georgie,

    Very useful article, thanks! I’ve tried the first method to filter out the payment referrals. However, the referrals still show instead of the original source.

    What am I missing here?

    Thanks in advance!

    • Posted September 1, 2015 at 4:45 pm | Permalink

      Hi Vi,

      Looks OK, if the sources are these. You should check your reports in a few days and see if these sources disappear after the day you applied the exclusion rules (note that this is not applied retroactively).

      If you still have issues, we’d be happy to help via our consulting service. Reach us via our contact form if you want to know more.


      • Posted September 2, 2015 at 8:32 pm | Permalink

        Seems to work just fine. Thanks again for sharing, keep up the good work :-)!

  5. Posted September 10, 2015 at 8:08 pm | Permalink

    Hi! great post.
    Have ever experienced a case were a domain is listed in the Referral Exclusion List but it keeps appearing in the results? I’m not saying past results, I mean when checking results from days after the domain being added to the list.

    • Posted September 10, 2015 at 8:13 pm | Permalink

      Hi Ariel,

      Yes, it’s possible. If there is no prior active session (that has not yet expired) then there should be a session registered with that referral. “When you exclude a referral source, traffic that arrives to your site from the excluded domain doesn’t trigger a new session”. (from the Google docs)


  6. Posted October 7, 2015 at 11:05 am | Permalink

    I have tried excluding refferals in admin section, but still am seeing few refferals with the payment gateways.

    Our site is still http, and payment gateways are https, does this have any impact?

    i have added the exact subdomain of payment gateway too but still the problem exists.

    • Posted October 7, 2015 at 5:45 pm | Permalink

      Depending on your implementation a session might end while the users is at the payment gateway so when he returns he’ll still be counted as being referred from there.

  7. Posted October 23, 2015 at 8:51 am | Permalink

    Dear Georgi Georgiev,
    We use First method: the Referral Exclusion List for our store, But now its showing Direct Traffic instead of Referral Traffic.
    We can’t edit the payment gateway pages for second method. Is there any solution for first method.
    Please advice.

    YLP Team.

    • Posted November 12, 2015 at 8:05 pm | Permalink

      Dear Georgi,
      I seem to have the same issue as Suresh and the YLP Team with Direct traffic. Is there a way arround this?

      • Posted November 12, 2015 at 10:37 pm | Permalink


        This is not what usually happens. This should only happen if people come back from the payment gateway after their session has expired and even then it mostly shouldn’t happen.

        You can try increasing the session length if there is reasonable suspicion that that’s what’s happening.

        Otherwise it’s an issue for a 1 to 1 consultation, not a blog forum discussion…


  8. Posted November 11, 2015 at 11:00 am | Permalink

    Hi Georgi,

    I dont have this with payment refferals but with confirmation emails. GA gives credit to the email (they get a confirmation email) as refferal channel. How can i change it so that it gives the refferal credit to the primary channel (organic, cpc, social etc)? I tried searching for data about utm_nooverride=1 but they dont seem to work with UA.
    Thanks in advanced.


    • Posted November 11, 2015 at 3:56 pm | Permalink

      Hi Randy,

      If you’re UTM tagging those links, don’t. If you’re not and you’re simply getting traffic from webmail services as referrals, then maybe you can add the webmail domains as referral exclusions? If this doesn’t help then the MCF and Attribution Modeling reports are your best friends.


  9. Posted February 7, 2016 at 11:50 pm | Permalink

    Hi Georgi,

    Thanks for this great article.

    Just to clarify, if I use method 1, the revenue will be attributed to the original source (rather than the referral), correct? Or will it be attributed to Direct?


    • Posted February 9, 2016 at 10:07 pm | Permalink

      Hi Jake,

      Revenue will be attributed to the original source in most cases.


  10. Posted March 21, 2016 at 2:34 pm | Permalink

    Hi Georgi,

    What would be alternative recommended method to utm_nooverride for GA Universal. I’m looking for a solution to exclude referrals from emails which function as customer’s account updates (password/personal info change).

    Thank you

  11. Posted May 25, 2017 at 9:43 am | Permalink

    Hi Georgi,

    Could you please provide more info about how to do this “Sure, you can extract the data with some work using the MCF reports or the Attribution Modeling tool, ” ?


    • Posted May 25, 2017 at 9:50 am | Permalink

      Hello Gabriel,

      This would take way more time and space than a comment section allows. You can refer to the relevant GA documentation, online courses, etc.