Photo of Terence Eden. He has a beard and is smiling.

Stop adding email tracking links to phone numbers!

By · · 6 comments · 500 words · read ~9,231 times.

My Chinese takeaway delivery was late. Very late. I flipped open the confirmation email sent by Just-Eat to double-check I had all the details correct. At the bottom was a "click to call" link. Hurrah!

I clicked dial, and this is what filled my screen:

Phone dialler with a very long phone number.

An absurdly long phone number. Bemused, I went to inspect the link I'd clicked. This is what it showed:

Gmail showing the tel URl scheme of a link with extra tracking information in it.

The tel: URl scheme is brilliant. You can write something like:

<a href="tel:07700 900123">Call Me!</a>

And when you click on Call Me! your phone dialler will pick up the phone number and offer to place the call. Nifty!

In this case, the crappy marketing system is adding Urchin Tracking Module parameters to every link. Including the phone numbers.

tel:02083178830?utm_medium=ecrm

&utm_source=email

&utm_campaign=TRAN

&utm_content=UK_TRAN_01_0_ORDER-CONFIRMATION_E_V01

&campaign=TRAN

&adgroup=UK_TRAN_01_0_ORDER-CONFIRMATION_E_V01

&utm_term=restaurant_phone_3_3

To be clear - this is useless. The user clicks on the phone number, the device passes the URl directly to the phone dialler. An HTTP request is never made and those parameters are never sent to a server.

Now, in fairness, perhaps my Android dialler should probably be smart enough to recognise the cruft at the end of a phone number and discard it. This is Postel's Law in action.

Except... My reading of the RFC says that the dialler is handling things correctly.

If the reserved characters "+", ";", "=", and "?" are used as delimiters between components of the "tel" URI, they MUST NOT be percent encoded. These characters MUST be percent encoded if they appear in tel URI parameter values.

For example, if I wanted to dial +447... I should use tel:%2B447...

The dialler sees the unencoded ? and treats it as a delimiter. It then sees utm and assumes the letters are part of the phone number. Just like you can dial 1-800-FLOWERS, you can write tel:1-800-FLOWERS and have it go through to 1-800-356-9377.

utm medium on a telephone keypad is 886633486 - which is exactly what appeared on my phone screen.

So, if you're writing link tracking software, please make sure only to add parameter to URls where it makes sense.

In the time it took me to write this post, my meal got delivered and it was delicious!

Share this post on…

  • Mastodon
  • Facebook
  • LinkedIn
  • BlueSky
  • Threads
  • Reddit
  • HackerNews
  • Lobsters
  • WhatsApp
  • Telegram

6 thoughts on “Stop adding email tracking links to phone numbers!”

    1. says:

      This is a pretty cool idea for an extension, but I had a good laugh when I read "bare minimum permissions" in the description and it proceeded to ask me for access to "your data for all websites".

      I know that this is the only way to make this happen using Firefox's permission model, but it's still a bit more trust than I'm willing to give :/

      Reply

  4. Stavros says:

    This really looks like a bug though, nobody is doing this intentionally because there's no benefit and it just breaks functionality.

    Reply

    1. J says:

      Isn't the point of the whole blog post to point out the bug on Just Eat's website? Or did you mean a bug in something else? The dialer seems to be following the standard correctly.

      Reply

What are your reckons?

All comments are moderated and may not be published immediately. Your email address will not be published.

Allowed HTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <p> <pre> <br> <img src="" alt="" title="" srcset="">