Cookie consent banners are everywhere, but how do you know if they’re properly implemented? Which CMP (Consent Management Platform) does a website use? Is it integrated with Google Consent Mode? In this article, I’ll show you how to detect and verify CMP implementation without digging through code.

A CMP is a tool that manages user consent for cookies and tracking. It handles:

  • Displaying the cookie banner
  • Recording user choices
  • Blocking scripts until consent is given
  • Communicating consent state to other tools (like Google Analytics)
CMPDescription
CookiebotPopular in EU, automatic cookie scanning
OneTrustEnterprise solution, advanced compliance
UsercentricsGerman-based, GDPR-focused
TermlyBudget-friendly, good for small sites
IubendaItalian, multilingual support
Cookie NoticeWordPress plugin
ComplianzWordPress-focused solution

Why CMP Detection Matters

  • GDPR compliance - verify proper consent handling
  • Competitor analysis - see what solutions others use
  • Audit preparation - document CMP before privacy audit
  • Troubleshooting - identify consent-related tracking issues

UPER SEO Auditor - CMP Detection

The UPER SEO Auditor extension automatically detects what CMP a website uses.

UPER SEO Auditor - CMP Detection

What Will You See?

In the Trackers tab, you’ll find CMP information showing:

  • CMP detected - the name of the consent platform
  • Version - if available from the implementation
  • Integration - whether it integrates with Google Consent Mode

Detected CMP Platforms

PlatformDetection Method
CookiebotCookieConsent object, cookiebot.com scripts
OneTrustOneTrust object, onetrust.com scripts
UsercentricsUC_UI object, usercentrics.eu scripts
Termlytermly.io scripts
Iubendaiubenda.com scripts
TrustArctruste.com scripts

Many CMPs integrate with Google Consent Mode, which tells Google services (Analytics, Ads) about user consent status.

Consent Mode is Google’s protocol for consent communication:

CategoryDescription
analytics_storageAnalytics cookies (GA4)
ad_storageAdvertising cookies (Google Ads)
ad_user_dataSending user data to Google
ad_personalizationAd personalization

When a CMP properly integrates with Consent Mode:

  1. Before consent - all categories should be denied
  2. After “Accept All” - categories change to granted
  3. After “Reject” - analytics/ads stay denied
// Default state (before consent)
gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied',
  'ad_user_data': 'denied',
  'ad_personalization': 'denied'
});

// After user accepts
gtag('consent', 'update', {
  'analytics_storage': 'granted',
  'ad_storage': 'granted',
  'ad_user_data': 'granted',
  'ad_personalization': 'granted'
});

Manual CMP Detection Methods

Method 1: Check Global Objects

Open DevTools Console and try:

// Cookiebot
typeof CookieConsent !== 'undefined'

// OneTrust
typeof OneTrust !== 'undefined'

// Usercentrics
typeof UC_UI !== 'undefined'

// IAB TCF
typeof __tcfapi !== 'undefined'

Method 2: Network Tab

Look for requests to CMP domains:

  • consent.cookiebot.com
  • cdn.cookielaw.org (OneTrust)
  • app.usercentrics.eu

Method 3: Check dataLayer

dataLayer.filter(e => e[0] === 'consent')

CMP Comparison

FeatureCookiebotOneTrustUsercentrics
Auto-scan cookies
Google Consent Mode
IAB TCF 2.2
Free tier✅ (1 domain)✅ (limited)
WordPress plugin

Common Implementation Issues

❌ No CMP Before Tracking

<!-- Wrong - GA4 loads before CMP -->
<script src="https://www.googletagmanager.com/gtag/js?id=G-XXXXX"></script>
<script src="https://cdn.cookielaw.org/..."></script>

Problem: Tracking scripts load before consent check.

Solution: Load CMP script first, use GTM consent-aware triggers.

❌ CMP Without Consent Mode

The CMP shows a banner but doesn’t communicate with Google services.

Problem: Google Ads may lose conversion data in EU.

Solution: Enable Consent Mode integration in CMP settings.

❌ Consent Mode Without CMP

gtag('consent', 'default', {
  'analytics_storage': 'granted',  // Always granted!
});

Problem: GDPR violation - tracking without actual consent.

Solution: Use a proper CMP that updates consent based on user choice.

Testing CMP Implementation

Test 1: New User (Incognito)

  1. Open site in incognito mode
  2. Open UPER SEO Auditor
  3. Check: CMP detected, trackers blocked

Test 2: Accept All

  1. Click “Accept All” on the banner
  2. Refresh UPER panel
  3. Check: GA4/GTM scripts now active

Test 3: Reject All

  1. Clear cookies, reload
  2. Click “Reject” / “Essential Only”
  3. Check: Analytics trackers still blocked
  1. Open cookie preferences
  2. Accept only “Analytics”
  3. Check: GA4 active, ads trackers blocked

Export and Reporting

CMP detection results are included in PDF export:

  • CMP platform name
  • Integration status
  • Consent Mode compatibility
  • Detected issues

IAB TCF Compliance

For advertising, many CMPs implement IAB TCF (Transparency and Consent Framework):

// Check TCF presence
__tcfapi('ping', 2, (pingReturn) => {
  console.log('TCF Version:', pingReturn.cmpVersion);
  console.log('GDPR Applies:', pingReturn.gdprApplies);
});

UPER SEO Auditor detects TCF implementation and shows the TCF version.

Summary

Detecting and verifying CMP implementation requires checking:

  1. CMP presence - which platform is used
  2. Consent Mode - is it integrated with Google
  3. Script blocking - are trackers blocked before consent
  4. Update flow - does consent state change correctly
  5. IAB TCF - for advertising compliance

UPER SEO Auditor shows CMP detection in the Trackers tab, making it easy to verify consent implementation.

Try UPER SEO Auditor and check how any website handles consent.

Sources

  1. IAB Europe - TCF 2.2 https://iabeurope.eu/tcf-2-0/

  2. Google - Consent Mode https://developers.google.com/tag-platform/security/guides/consent

  3. Cookiebot Documentation https://www.cookiebot.com/en/help/

  4. OneTrust - Consent Management https://www.onetrust.com/products/consent-management/