Why Shopify Marks Logged-In and Cross-Device Orders as Direct

TL;DR

A cross-device or different-browser purchase lands as Direct in Shopify because attribution rides on a single per-device cookie, not on the logged-in customer ID. The shopper clicks an ad on their phone, comes back on a laptop, signs in, and buys. The laptop has no referrer cookie, so the Last non-direct click model finds no non-direct source and credits Direct. Logging in does not rescue it: Shopify says storefront data includes cross-device reporting, but it does not document a login-based stitching key for the per-order source. This is a structural property of single-cookie attribution, not a bug and not something a tracking app rewrites. What a tracking app can change is whether GA4, Meta, TikTok, Google Ads, and Reddit still match that buyer on their own side using a persistent identifier carried in a server-side event.

Key Takeaways

• Shopify storefront attribution uses one per-device cookie to identify the visitor and a second cookie for the session, so a different browser or device looks like a brand-new visitor with no referrer.
• The default marketing model is Last non-direct click over a 30-day window. When a session has no non-direct referrer, there is nothing to credit, so the order becomes Direct.
• Logging in does not merge the cross-device journey in Shopify's per-order source attribution. Shopify states storefront data includes cross-device reporting since March 1, 2023, but never documents the join key.
• Five conditions push an order to Direct: a new browser, a new device, cleared cookies, an expired 30-day window, and a session with no cookie consent.
• No software changes Shopify's native Direct label. WeltPixel Conversion Tracking is read-only with respect to Shopify's source attribution.
• A tracking app can still keep GA4, Meta, TikTok, Google Ads, and Reddit crediting the conversion by sending server-side events that carry a persistent identifier, so the buyer matches even when the browser story breaks.

How does Shopify decide an order is Direct?

Shopify's storefront attribution reads the referrer recorded on the session that ends in a purchase, then applies a model. Marketing-activity reports default to Last non-direct click, and reports that combine sales metrics with marketing dimensions default to Last click. In Shopify's own words, the model "gives 100% of attribution credit to the last channel that the customer interacts with before making a purchase, excluding direct visits. If a customer's journey contains only direct traffic, then their order is attributed as direct, as there's no non-direct source to attribute to." [1]

That last clause is the whole article. Direct is not a real channel. It is the fallback bucket Shopify uses when a converting session has no non-direct referrer it can read. The lookback is 30 days: if a visitor does not buy within 30 days of a session, the stored first-interaction referrer is reset. [1] So two things have to survive for an order to get credited to a real channel: a referrer cookie on the converting device, and a purchase inside the 30-day window. Break either one and the math collapses to Direct. This is the same fallback logic that produces a high Direct share for plenty of legitimate orders, covered in how Shopify attribution works.

Why does logging in not fix cross-device attribution?

Here is the part that surprises most operators. You would expect a signed-in customer ID to stitch the phone session and the laptop session into one journey. In Shopify's storefront source attribution, it does not.

The reason is the cookie. Shopify's own discrepancies documentation describes the mechanism plainly: "One cookie identifies the device (the visitor). Another cookie keeps track of the length of the session." [2] The identity that drives attribution is per-device and per-browser. A laptop that has never seen your store has no visitor cookie carrying the phone's ad referrer. When the shopper signs in and checks out, Shopify processes that laptop session on its own, with no referrer to inherit, so Last non-direct click finds no non-direct source and credits Direct.

Login happens at the account layer, not the attribution layer. Shopify states that since March 1, 2023, storefront data includes cross-device reporting, but it does not publish how it stitches sessions across devices, and it does not document the logged-in customer ID as the per-order source-attribution key. [3] So the honest framing is narrow: Shopify asserts cross-device reporting exists at the aggregate level, while the per-order Direct label you see on an individual cross-device purchase is the expected output of a per-device cookie. Do not assume signing in repairs the source on that order. The contrast with GA4, which does expose a login-based identity layer, is the next section.

Where does GA4 handle this differently?

GA4 has an identity stack that Shopify storefront attribution does not. Shopify's native model is roughly equivalent to GA4's device-only layer: one first-party browser cookie. GA4 stacks three more layers on top of that.

GA4's reporting identity can resolve a user "By User-ID, device ID, then modeling" in its blended setting. [4] User-ID lets you attach your own persistent logged-in ID to "connect their behavior across different sessions and on various devices and platforms." [5] Google Signals adds a cross-device view for users signed in to Google with Ads Personalization on. [6] And behavioral modeling estimates activity for users who decline consent. The device-ID layer at the bottom "gets its value from the client ID property of the _ga cookie," [7] which is the same single-cookie limitation Shopify lives with. The difference is the three layers above it.

This is why GA4 can sometimes credit a real source on an order Shopify shows as Direct: it has a login-based and a Google-account-based way to recognize the same person across devices, where Shopify's storefront attribution has only the cookie. GA4's own model mechanics, and where they diverge from last-click, are in GA4 attribution models on Shopify. One caution: User-ID is a GA4 capability you configure, not something every Shopify tracking setup sends. Whether your GA4 actually has it active is worth checking before you assume GA4 is recovering anything.

When exactly does an order fall to Direct?

The trigger conditions are mechanical and worth memorizing. Each one severs the link between a real referrer and the converting session.

Cookie consent matters more than people expect. Shopify counts a session "only when visitors consent to cookies through your cookie banner," so a converting session without consent has no referrer attached to begin with. [8] A logged-in shopper hits several of these at once: they are the people most likely to return on a different device, days later, after the window or the cookie has lapsed. That is why high-repeat and account-driven stores see more cross-device Direct than a one-visit impulse-buy store does. The same lost-identity problem on the platform side shows up as GA4 unattributed orders.

Verify the pattern on your own store

You can confirm this in about five minutes with one real order.

1. In Shopify Admin, open Orders and pick a recent order from a known returning or logged-in customer.
2. Scroll to the Conversion summary on the order page. It shows the first-visit origin, total visits in the last 30 days, and days between first and last visit. [9] Note whether the recorded journey matches how that customer actually found you.
3. Go to Analytics → Reports → Sessions by referrer for the same window and find where Direct sits relative to your real channels. [10]
4. If you run GA4, open Explore, filter to the transaction_id that matches the Shopify order, and read its session source.
5. Compare. When Shopify shows Direct but GA4 shows a real source, you have just watched a per-device cookie lose the journey that GA4's identity layer kept. When both show Direct, the source was genuinely unrecoverable on that session.

This makes the abstraction concrete: you are not looking at broken tracking, you are looking at a converting session that arrived without a referrer.

What can a tracking app actually change here?

Keep two systems separate, because conflating them is where bad expectations come from. The first is Shopify's own source attribution, which produces the Direct label. The second is the conversion matching that happens inside GA4, Meta, TikTok, Google Ads, and Reddit.

No software rewrites the first one. WeltPixel Conversion Tracking does not touch, relabel, or reduce Shopify's native Direct count. It reads Shopify's order signals but never sets the store's referrer or sales attribution. If your goal is a lower Direct number in Shopify Analytics, there is no app fix; the lever is UTM discipline on links you control and reading the per-order Conversion summary for the multi-visit context.

What WCT changes is the second system. It carries persistent identifiers into server-side conversion events sent from the Shopify order webhook: a GA4 client_id, and the logged-in customer ID hashed as an external_id for Meta, TikTok, and Reddit, plus the Google Ads click-ID and hashed user-data path. Because those events fire server-side, they reach each platform even when the browser pixel never did, and they give each platform a stable key to match the buyer on. So the cross-device purchase that shows Direct in Shopify can still be credited to its real campaign inside Meta or Google Ads, where the budget decisions actually happen. The question to ask is which problem you are solving: a report label, or lost conversions in your ad platforms. Only the second is solvable, and that is the platform-side lever.

FAQ

Does logging in connect a shopper's journey across devices in Shopify?

Not in Shopify's per-order storefront source attribution. Attribution rides on a per-device browser cookie, so a different device has no referrer to inherit. Shopify says storefront data includes cross-device reporting at the aggregate level since March 1, 2023, but it does not document the logged-in customer ID as the per-order source key.

Why does Shopify show Direct when GA4 shows a real source for the same order?

Shopify's native attribution has only a single per-device cookie. GA4 adds User-ID, Google Signals, and modeling on top of its _ga device cookie, so GA4 can sometimes recognize the same person across devices and credit a source where Shopify cannot.

Can WeltPixel Conversion Tracking lower my Direct order count in Shopify?

No. WCT is read-only with respect to Shopify's native source attribution and does not change the Direct label. It improves conversion matching inside GA4, Meta, TikTok, Google Ads, and Reddit so those platforms keep crediting the buyer even when Shopify shows Direct.

What is the difference between Direct and Unknown in Shopify?

Direct means the journey had no non-direct referrer to credit, such as a typed URL or a referrer-less session. Unknown means the referrer did not fit any known case, for example Do Not Track, a proxy or firewall, or a shortened URL. They are separate buckets.

Keep the conversion even when Shopify shows Direct

Shopify will label cross-device and logged-in purchases as Direct, because that is how a single per-device cookie works, and no app rewrites it. The cost is not the label; it is the conversion that quietly drops out of your ad platforms when the browser pixel misses. WeltPixel Conversion Tracking sends every Shopify order to GA4, Meta, TikTok, Google Ads, and Reddit server-side, carrying the GA4 client ID and a hashed logged-in customer ID, so each platform can still match the buyer and credit the right campaign.

Install WeltPixel Conversion Tracking on the Shopify App Store

Sources

1. Shopify Help Center: Marketing reports and attribution models
2. Shopify Help Center: Customer discrepancies
3. Shopify Help Center: Analyze your marketing performance
4. Google Analytics Help: Reporting identity
5. Google Analytics Help: User-ID for cross-platform analysis
6. Google Analytics Help: Activate Google Signals
7. Google Analytics Help: Device ID
8. Shopify Help Center: Analytics fields
9. Shopify Help Center: Conversion summary
10. Shopify Help Center: Acquisition reports