Skip to main content
Skip to article
  • Qualtrics Platform
    Qualtrics Platform
  • Customer Journey Optimizer
    Customer Journey Optimizer
  • XM Discover
    XM Discover
  • Qualtrics Social Connect
    Qualtrics Social Connect

Browser Compatibility & Cookies

Was this helpful?


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The feedback you submit here is used only to help improve this page.

That’s great! Thank you for your feedback!

Thank you for your feedback!

About Browser Compatibility & Cookies

This page details Qualtrics’ browser compatibility. It also lists all the cookies Qualtrics places on your browser when you are taking a survey; these cookies are generally meant to help keep track of survey sessions so that they aren’t repeated, or to maintain the session.

Browser Compatibility

Qualtrics is committed to providing secure, high quality products that are functional and consistent across the most popular modern web browsers. Qualtrics officially supports all of its web-based products in OEM (Original Equipment Manufacturer) supported versions of the following browsers:

  • Apple Safari
  • Google Chrome
  • Microsoft Edge (Chromium Version)
  • Mozilla Firefox
Attention: Qualtrics has ended support for the Internet Explorer browser as of June 15, 2022. This is in line with Microsoft’s decision to end support for the Internet Explorer browser.

Versions of these browsers no longer supported by their maker may not function as intended and may expose the user to inherent security vulnerabilities. Qualtrics recommends that users always use the most up-to-date version of their browser.

Qtip: Be sure to disable compatibility mode on your browser when using Qualtrics as it will run older versions of browsers on the site and could degrade your experience.
Attention: Qualtrics is dedicated to protecting all customer data using industry best standards. Users or survey participants on end-of-life browsers (e.g., Internet Explorer) may encounter the following error when accessing the XM Platform: “Internet Explorer cannot display the webpage.” We strongly recommend upgrading to a supported operating system and browser to ensure compatibility with our encryption ciphers. If it is not possible to migrate from Windows XP to a supported Operating System, it may be possible to use an alternative browser with the necessary ciphers, such as Mozilla Firefox Extended Support Release.
Qtip: If you cannot access Qualtrics, you may need to update your browser to ensure it meets industry TLS upgrades.

Storing Multiple Sessions on the Same Browser

This cookie is placed when you start a survey session on the same browser where you are working on another one.

Cookie name: Hash of the sessionID and query parameters that maps to a sessionID

Expires: Up to 1 year or when the session is complete

Starting a Survey Session with Allow Respondents to Continue Later Enabled

Appears when you start a session with “Allow respondents to finish later” enabled.

Cookie name: A hash of the url that may be appended with ‘-singleReload’

Cookie value: FS_12345678~jfe2

Expires: 5 minutes

Submitting Survey Sessions

This cookies enforces the “Prevent multiple submissions” setting in survey options. It only appears once a survey session has been submitted.

Cookie name: QST

Cookie value: The Survey ID (e.g., SV_12345678)

Expires: 6 months

Qtip: This is a third party cookie. This cookie is always marked as Secure; SameSite=None in order to comply with common third party cookie restrictions.
Qtip: The QST cookie will always be set.

Behavior of QST and session cookies: 2+ Page Survey

Whenever a survey is taken, a session cookie is dropped, with the expiration date matching with whatever is set for the incomplete survey responses setting in survey options. So, for example, if my Incomplete survey responses setting is set to 1 week, the survey will drop a session cookie that expires one week from when I clicked the survey link. This cookie allows Qualtrics to keep track of when an incomplete survey should be recorded as a response.

Console indicating a survey session cookie and its expiration

If the survey remains incomplete, this cookie will stay here until it expires. However, if the survey is submitted, it will transform into the QST (Qualtrics Survey Tracker) cookie. For 2+ page survey, the QST cookie expiration date will default to 6 months after the date the survey was started.

Console indicating the QST cookie and its expiration

Behavior of QST cookie: 1 Page Survey

The QST cookie behaves slightly differently for a one page survey. Because there is only one page of the survey, the survey does not get a chance to drop a session cookie because the survey is submitted. A consequence of this is that the QST cookie that is dropped after submission has a different expiration date than for 2+ page surveys. Rather than defaulting to 6 months after the survey was started, the expiration of the QST cookie matches the setting for incomplete survey responses in survey options.

Console indicating a QST cookie and its expiration

Security

This is a temporary cookie used for security while survey taking. It is only stored as long as the browser is open.

Cookie name: XRSF-TOKEN

Cookie type: Session

Secure File Access

Allows a user to access a previously uploaded file when resuming a session.

Cookie name: ‘SFA’

Cookie value: SessionID

Expires: 6 months

Auth Session Cookie

Keeps track of a user’s logged in status after passing an authenticator with the “Require respondents to authenticate again if they resume their session later” authenticator setting enabled.

Cookie name: ‘reauth-<hash of session ID and authenticator flow ID>’

Cookie value: <signed-login-token>

Expires: 1 hour

PreviewDC Cookie

Used to keep track of state while interacting with a preview link.

Cookie name: ‘previewDC’

Cookie value: <internal Qualtrics ID>

Bot Manager Cookies

The cookies in this section are used to help distinguish between real website traffic from bot traffic. These cookies come from the Akamai’s Bot Manager solution being used inside the Qualtrics platform.

ak_bmsc

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used to track the progress of the session going through the standard detection workflow. When present, it is also used as the identifier instead of the IP address for bot rate control rules.

Cookie name: ak_bmsc

Expires: 2 hours

Size: approximately 300 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

bm_mi

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used to track the progress of the session through the browser validation detection method.

Cookie name: bm_mi

Expires: 2 hours

Size: approximately 270 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

bm_sv

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the session validation detection method and keeps track of the number of HTML pages and Ajax requests the client makes.

Cookie name: bm_sv

Expires: 2 hours

Size: approximately 200 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

bm_sz

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the behavior anomaly detection method of Bot Manager Premier, it is also known as the short term cookie. It references the telemetry collected during the session.

Cookie name: bm_sz

Expires: 4 hours

Size: approximately 230 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

_abck

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the behavior anomaly detection method of Bot Manager Premier, it is also known as the long term cookie. It is used to track a user’s past behavior on a protected site. It is also used to control the behavior of the JavaScript on the client side, in particular the telemetry collection process and plays a role in the Proof of Work challenge process.

Cookie name: _abck

Expires: 1 year

Size: approximately 340 bytes

HttpOnly set by default: false

Secure flag enabled by default: true (if HTTPS traffic)

SameSite set by default: false

sec_cpt

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the challenge action (Captcha, PoW, behavioral) available in the behavior anomaly detection method of Bot Manager Premier. This cookie tracks the state of the challenge process.

Cookie name: sec_cpt

Expires: 5 to 120 minutes

Size: approximately 345 bytes

HttpOnly set by default: false

Secure flag enabled by default: true (if HTTPS traffic)

SameSite set by default: false

ak_wfSession

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the Bot Manager Standard and Bot Manager Premier workflow validation feature.

Cookie name: ak_wfSession

Expires: 2 hours

Size: Variable size

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

FAQs