Server sending expired fbclid value in fbc parameter

Meta is flagging that our server is sending fbclid values in the fbc parameter that are older than 90 days. The issue affects approximately 9% of our total events, including AddToCart, Purchase, and PageView.

Background & Analysis

Data Source: We use a Server-to-Server (S2S) approach to pass fbc and fbp values. These values are retrieved directly from client-side cookies set by Meta.

Cookie Validity: Our tests confirm that the _fbc and _fbp cookies are correctly set with a 90-day expiration period. We cannot reproduce the error in our testing environment.

Storage & Logic: There is no secondary storage (e.g., server-side sessions, cache) for these values. We also do not perform a server-side check on the age of the fbclid value before sending it.

Questions:

Known Issue: Is this a known issue with the Conversions API or the pixel implementation?

Edge Case: Could this be an edge case where a user clicks an ad, leaves the site, and returns more than 90 days later without clicking a new ad, thus triggering a conversion with an expired fbclid?
OR
Bookmarks incl. old query click IDs?
OR
I am sharing a link with you with my click ID from today. You click on it the day after tomorrow and get my Click ID as a cookie. 90 days later it is in a cookie, but the click was 92 days ago.

Is that enough for 9%?

Timestamp Check: Does Meta use the timestamp embedded within the fbc value (format: subdomain_index.timestamp.fbclid) to verify the 90-day rule? Would implementing a server-side check based on this timestamp be a valid solution?

Further Steps: What additional checks or data should we provide to help you diagnose this issue?

Thank you for your time and assistance.

Detail Error Message:

Server sending expired fbclid value in fbc parameter

Error Message complete:
Server sending expired fbclid value in fbc parameter
Your server is sending expired fbclid value in the fbc parameter, such as value that were generated over 90 days ago, for one or more events. This may impact the attribution and optimization of your ad campaigns.

Similar advertisers who sent valid Click ID (fbc) for AddToCart saw
a 47.27% median increase
in their existing additional conversions reported.

Events affected by this issue include:

AddToCart
Purchase
PageView
View all events
9% total events affected

Hallo @FJR, it’s been a while.

Known Issue: Is this a known issue with the Conversions API or the pixel implementation?

Sometimes “false-positives” like this show up in the Events Manager, but there isn’t much that can be done.

Edge Case: Could this be an edge case where a user clicks an ad, leaves the site, and returns more than 90 days later without clicking a new ad, thus triggering a conversion with an expired fbclid?

This could be the case, yes. Because the cookie lifetime is refreshed every time the JS Pixel fires an event.

OR
Bookmarks incl. old query click IDs?

It’s possible as well.

OR
I am sharing a link with you with my click ID from today. You click on it the day after tomorrow and get my Click ID as a cookie. 90 days later it is in a cookie, but the click was 92 days ago.

It’s also possible. This happens when users share a link with Click IDs on forums or other places that target a big number of people (Reddit, Whatsapp, Facebook etc.).

If everything is properly set on the tracking side, most likely this is probably due to old fbclid being sent because of all the hypotheses you described.

Is that enough for 9%?

Unfortunately, I have no idea.

Timestamp Check: Does Meta use the timestamp embedded within the fbc value (format: subdomain_index.timestamp.fbclid) to verify the 90-day rule?

Meta does not disclose how it processes the fbp parameter. But we can imagine that uses the timestamp on the fbc value, as well as some internal mechanism to pinpoint the timestamp of when the fbclid as generated (like Google Ads does, but without using an explicit timestamp on the gclid like Meta).

Would implementing a server-side check based on this timestamp be a valid solution?

This would be a valid test. If you do it, I recommend testing it first on a separate test pixel and observing the numbers (attributed events on Meta Ads Manager etc.).
Note that the JS Pixel will collect the expired fbclid regardless of whether this value is expired or not. So you will still have the problem, but you won’t be able to overwrite the fbc value using the JS Pixel.
I wouldn’t do it personally, because the risk of messing up and not sending a valid value is not worth it. Furthermore, I don’t think that it would bring that much benefit as Meta claims.
Again, my personal opinion and I would be happy to be proven wrong.

Further Steps: What additional checks or data should we provide to help you diagnose this issue?

Starting with this server-side check based on the timestamp (as you described) is a good one.