The latest update to Chrome is now blocking ALL cross-site cookies that are missing the sameSite attribute in the header, which includes all cookies set by Site Builder (for example, JSESSIONID from netsuite.com or your checkout domain). There are zero results in help or suiteanswers for samesite or cross domain cookies, so I wonder if they even know about the issue. Any functionality that depends on these cookies is now failing in Chrome, and soon in Firefox.

I think we may be seeing issues with 3D Secure verification related to this. Google Chrome users running Chrome/84.0.4147.135 are not being recognised by the system when returning after 3DS verification. Where the script log usually shows the logged in user, the field is blank. I'm only noticing this because we have a very bespoke checkout process and I log a lot of detail in the order submission process.