Most e-commerce sites use a payment processor that redirects users away from their domain to complete payment. PayPal, Stripe Checkout, Klarna, Afterpay, and similar services all work this way. The user leaves your site, completes payment on the processor's domain, and returns to your confirmation page.
From GA4's perspective, this return visit from the payment processor's domain looks like a new referral. A new session starts. The session source is now paypal.com or checkout.stripe.com — not the Google Ads campaign, email, or organic search that originally brought the customer to your site. The purchase event fires in the new session, and the payment processor takes the attribution credit.
How GA4 handles referral sessions
GA4 creates a new session whenever a user arrives from a new source — including when they return from a payment processor. By default, GA4 does not know that paypal.com is part of your checkout flow rather than an independent referral source. It treats the redirect back the same way it would treat any other external referral.
The result in your acquisition reports looks like this:
| Session source / medium | Sessions | Purchases | Revenue |
|---|---|---|---|
| google / cpc | 4,200 | 18 | £1,440 |
| paypal.com / referral | 312 | 294 | £23,520 |
| klaviyo / email | 1,800 | 6 | £480 |
| (direct) / none | 2,100 | 12 | £960 |
In the above scenario, PayPal appears to be driving the most revenue by a significant margin — while Google Ads and email look nearly worthless. The reality is that those 294 PayPal purchases were driven by your actual marketing channels. PayPal is simply the payment method, not the acquisition source. Your campaign data is nearly useless for budget decisions.
How to fix payment processor attribution in GA4
Step 1: Add payment processors to your referral exclusion list
GA4's referral exclusion list tells the tag not to start a new session when a user arrives from a specific domain. When a domain is on the exclusion list, GA4 continues the existing session rather than creating a new referral session — preserving the original attribution.
- Go to Admin → Data Streams and select your web data stream
- Click Configure tag settings
- Click List unwanted referrals
- Add all payment processor domains you use. Common ones to add:
paypal.comcheckout.stripe.comklarna.comafterpay.comclearpay.co.ukpay.google.comapple.com(for Apple Pay redirects)
- Save the changes
Step 2: Implement cross-domain tracking if needed
If you are using an embedded payment flow where the checkout page is on a subdomain (such as checkout.yoursite.com), you may need cross-domain tracking rather than referral exclusions. Cross-domain tracking tells GA4 to treat multiple domains as a single continuous session.
In GTM, open your GA4 Configuration tag and add your checkout subdomain to the Cross-domain measurement settings. This ensures sessions are not reset when a user moves between your main domain and checkout subdomain.
Step 3: Verify the fix in DebugView
After implementing referral exclusions, test a complete checkout flow while GA4 DebugView is open. Walk through from an ad click or email link, add a product to cart, complete checkout via your payment processor, and arrive at the confirmation page. The source/medium should remain as the original channel throughout — including when the purchase event fires.
How to detect if you have this problem
Open your GA4 acquisition report and change the primary dimension to Session source / medium. Sort by revenue or conversions. If you see paypal.com / referral, checkout.stripe.com / referral, or any payment processor domain in the top sources for purchases, you have a referral attribution problem.
GA4 Health Check's automated audit checks your referral exclusion list against a set of known payment processor domains and flags any that are missing. It is one of the checks in our Configuration module — surfaced in your PDF report with the specific domains to add.
Run a GA4 audit to check your referral exclusions →
