Skip to main content
  • Customer Experience
    Customer Experience
  • Employee Experience
    Employee Experience
  • Brand Experience
    Brand Experience
  • Product Experience
    Product Experience
  • Core XM
    Core XM
  • Design XM
    Design XM

Browser Compatibility & Cookies

Was this helpful?


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The feedback you submit here is used only to help improve this page.

That’s great! Thank you for your feedback!

Thank you for your feedback!

About Browser Compatibility & Cookies

This page details Qualtrics’ browser compatibility. It also lists all the cookies Qualtrics places on your browser when you are taking a survey; these cookies are generally meant to help keep track of survey sessions so that they aren’t repeated, or to maintain the session.

Browser Compatibility

Qualtrics is committed to providing secure, high quality products that are functional and consistent across the most popular modern web browsers. Qualtrics officially supports all of its web-based products in OEM (Original Equipment Manufacturer) supported versions of the following browsers:

  • Apple Safari
  • Google Chrome
  • Microsoft Edge (Chromium Version)
  • Mozilla Firefox
Attention: Qualtrics has ended support for the Internet Explorer browser as of June 15, 2022. This is in line with Microsoft’s decision to end support for the Internet Explorer browser.

Versions of these browsers no longer supported by their maker may not function as intended and may expose the user to inherent security vulnerabilities. Qualtrics recommends that users always use the most up-to-date version of their browser.

Qtip: Be sure to disable compatibility mode on your browser when using Qualtrics as it will run older versions of browsers on the site and could degrade your experience.
Attention: Qualtrics is dedicated to protecting all customer data using industry best standards. Users or survey participants on end-of-life browsers (e.g., Internet Explorer) may encounter the following error when accessing the XM Platform: “Internet Explorer cannot display the webpage.” We strongly recommend upgrading to a supported operating system and browser to ensure compatibility with our encryption ciphers. If it is not possible to migrate from Windows XP to a supported Operating System, it may be possible to use an alternative browser with the necessary ciphers, such as Mozilla Firefox Extended Support Release.
Qtip: If you cannot access Qualtrics, you may need to update your browser to ensure it meets industry TLS upgrades.

Storing Multiple Sessions on the Same Browser

This cookie is placed when you start a survey session on the same browser where you are working on another one.

Cookie name: Hash of the sessionID and query parameters that maps to a sessionID

Expires: Up to 1 year or when the session is complete

Starting a Survey Session with Prevent Multiple Sessions Enabled

Appears when the Prevent multiple submissions option is enabled. The purpose of this cookie is to record the survey taken and prevent the user from taking the survey again.

Cookie name: QST

Expires: 6 months

Qtip: This is a third party cookie. This cookie is always marked as Secure; SameSite=None in order to comply with common third party cookie restrictions.
Qtip: The QST cookie will always be set.

Resuming an SSO Authenticated Survey

This cookie is for surveys using an SSO Authenticator. This cookie helps inform Qualtrics what session to reload after the respondent leaves and comes back.

Cookie name: <surveyid><statedata>-reloadSession

Expires: 15 minutes

Starting a Survey Session with Allow Respondents to Continue Later Enabled

Appears when you start a session with Allow respondents to finish later enabled.

Cookie name: A hash of the url that may be appended with ‘-singleReload’

Cookie value: FS_12345678~jfe2

Submitting Survey Sessions

These cookies appear when you submit a survey session while Allow respondents to finish later and Prevent multiple submissions are enabled in the survey options.

Cookie name: QST

Cookie value: The Survey ID (e.g., SV_12345678)

Qtip: This is a third party cookie. This cookie is always marked as Secure; SameSite=None in order to comply with common third party cookie restrictions.
Qtip: The QST cookie will always be set.

Behavior of QST and session cookies: 2+ Page Survey

Whenever a survey is taken, a session cookie is dropped, with the expiration date matching with whatever is set for the incomplete survey responses setting in survey options. So, for example, if my Incomplete survey responses setting is set to 1 week, the survey will drop a session cookie that expires one week from when I clicked the survey link. This cookie allows Qualtrics to keep track of when an incomplete survey should be recorded as a response.

Console indicating a survey session cookie and its expiration

If the survey remains incomplete, this cookie will stay here until it expires. However, if the survey is submitted, it will transform into the QST (Qualtrics Survey Tracker) cookie. For 2+ page survey, the QST cookie expiration date will default to 6 months after the date the survey was started.

Console indicating the QST cookie and its expiration

Behavior of QST cookie: 1 Page Survey

The QST cookie behaves slightly differently for a one page survey. Because there is only one page of the survey, the survey does not get a chance to drop a session cookie because the survey is submitted. A consequence of this is that the QST cookie that is dropped after submission has a different expiration date than for 2+ page surveys. Rather than defaulting to 6 months after the survey was started, the expiration of the QST cookie matches the setting for incomplete survey responses in survey options.

Console indicating a QST cookie and its expiration

TLS Encryption

This cookie is used for tracking clients connecting to Qualtrics using TLS1.0. Qualtrics is working to deprecate TLS1.0 in the future.

Cookie name: TRACK_TLS1_0

Cookie value: TRUE

Security

This is a temporary cookie used for security while survey taking. It is only stored as long as the browser is open.

Cookie name: XRSF-TOKEN

Cookie type: Session

Bot Manager Cookies

The cookies in this section are used to help distinguish between real website traffic from bot traffic. These cookies come from the Akamai’s Bot Manager solution being used inside the Qualtrics platform.

ak_bmsc

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used to track the progress of the session going through the standard detection workflow. When present, it is also used as the identifier instead of the IP address for bot rate control rules.

Cookie name: ak_bmsc

Expires: 2 hours

Size: approximately 300 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

bm_mi

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used to track the progress of the session through the browser validation detection method.

Cookie name: bm_mi

Expires: 2 hours

Size: approximately 270 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

bm_sv

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the session validation detection method and keeps track of the number of HTML pages and Ajax requests the client makes.

Cookie name: bm_sv

Expires: 2 hours

Size: approximately 200 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

bm_sz

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the behavior anomaly detection method of Bot Manager Premier, it is also known as the short term cookie. It references the telemetry collected during the session.

Cookie name: bm_sz

Expires: 4 hours

Size: approximately 230 bytes

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

_abck

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the behavior anomaly detection method of Bot Manager Premier, it is also known as the long term cookie. It is used to track a user’s past behavior on a protected site. It is also used to control the behavior of the JavaScript on the client side, in particular the telemetry collection process and plays a role in the Proof of Work challenge process.

Cookie name: _abck

Expires: 1 year

Size: approximately 340 bytes

HttpOnly set by default: false

Secure flag enabled by default: true (if HTTPS traffic)

SameSite set by default: false

sec_cpt

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the challenge action (Captcha, PoW, behavioral) available in the behavior anomaly detection method of Bot Manager Premier. This cookie tracks the state of the challenge process.

Cookie name: sec_cpt

Expires: 5 to 120 minutes

Size: approximately 345 bytes

HttpOnly set by default: false

Secure flag enabled by default: true (if HTTPS traffic)

SameSite set by default: false

ak_wfSession

This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used as part of the Bot Manager Standard and Bot Manager Premier workflow validation feature.

Cookie name: ak_wfSession

Expires: 2 hours

Size: Variable size

HttpOnly set by default: true

Secure flag enabled by default: false

SameSite set by default: false

FAQs