What are cookies?
What information is tracked by web cookies and how are cookies used?
What are persistent cookies or session cookies?
In this article, we will discuss all there is to know about web cookies.
You will get to know what they are, how they are created, what information they contain, what’s their purpose, how you can view, manage or delete them and even how they can be misused.
Are you ready?
Let’s get started…
What are cookies
A cookie is a small computer file delivered from a website server to your computer when you load a web page on your web browser.
Cookies are also known as HTTP cookies, web cookies, Internet cookies, browser cookies, tracker cookies or online cookies.
All of these terms refer to the same thing, web cookies.
The term “cookie” was derived from the term magic cookie referring to packets of data a program sends and receives in an unaltered fashion.
Cookies were first developed in 1994 intended to save website visit information.
The main purpose of the cookie is to save and track information about your interaction with the website such as your login credentials, preferences, where you left off, theme selection or other customization features.
When you visit a website, the cookie is automatically stored on your computer through your web browser.
At your next visit to the same website, the cookie will have saved your past interactions and help enhance your user experience.
This is useful for users and overall user experience whenever you visit a website.
Since the cookie remembers your preferences, login details and so on, you will not have to start from scratch every time you visit the website.
What information is contained in a cookie
Web cookies are files contained in your web browser and contain:
- The URL of the website you visited
- The cookie life
- Some random numbers
- The server name that the cookie was sent from
The information contained in a basic cookie is non-personal and does not allow to identify an individual such as a person’s identity or preferences.
However, over the years, companies have started using cookies to gather information in such a way as to create a profile about an online user.
The net result is that an individual or an identifiable person can be tracked using cookie information combined with other information.
The server or website delivering the cookie to your browser is the only server that can read the cookie and use the information found in the cookie.
The cookie of a particular website should not be able to read the cookie of other websites stored on your computer.
If that were to be the case, you are exposed to a security threat.
When are cookies created
Cookies are created at the moment you visit a website for the first time.
When you visit a web page, your browser receives packets of information allowing it to create the content of the page on your computer screen.
With the page content information, the server will also send a cookie file to your browser and stored on your computer.
If the cookie file sent is a persistent cookie, when you leave the website, the cookie file created will remain on your computer.
The next time you go on the same web page, the same cookie file gets reactivated.
If the cookie file is a session cookie, once you leave the website, the session cookie will get deleted from your computer.
With regards to the recording of the data by tracking cookies, when you hit a submit button or enter values on a webpage, the values submitted can be collected by the cookie.
How long does a cookie last
Cookie files can either last for a short period of time or persist over time.
Session cookies are created during your visit to a webpage and will only exist during the unique user session.
Once the session is over, the cookie will be deleted.
Persistent cookies will have a defined lifespan or remain permanently on your computer.
Persistent cookies will remain during a session and even after you close your session.
If the cookie has a defined lifespan, at a certain point in time it will get deleted without user intervention.
If the cookie is permanent, the cookie will last forever until the user manually deletes the cookie.
Session and persistent cookies
There are two types of cookies:
- Session cookies
- Persistent cookies
Session cookies are created temporarily in your browser when you visit a website while persistent cookies are stored in the browser for a longer duration as set by the cookie file.
Since session cookies are temporary, when you leave a website, the session cookies are deleted from your browser.
On the flip side, persistent cookies remain in your browser once you leave the website and get reactivated when you visit the same website again in the future.
How are cookies used
What are the use cases for cookies?
Session management cookies
Cookies are primarily used to enhance the user experience when visiting a website.
The web cookie will store and remember the user’s past interactions, login credentials and other website navigation information so to make the experience of the user better.
Web cookies used for session management can track the following information:
- Where online users have left off
- Shopping cart session
- Last login date
- Time on page
- Links you clicked on
- Where a user had left off on an online form
The session cookie tracks a user’s session so companies can see how users interact with their website and make enhancements.
Personalization cookies
Another important use of cookies is to help personalize a user’s experience.
When a user needs to remember information to log in to the website, the cookies can track and store usernames to help the user log in next time they come to the site.
Users can also define preferences and personalize their interaction with a website.
The cookie will remember those preferences as well so the next time, the user does not have to enter the same preferences over and over again.
When navigating hundreds of pages on the web per day, cookies are highly useful in helping us improve our overall experience and make our web navigation as personal as possible.
Web tracking cookies
Tracking cookies track users’ web navigation patterns and habits.
This is an important use case for cookies.
Web tracking cookies will store additional information about the user such as the user’s IP address allowing the cookie to specifically track the user’s computer as it navigates the web.
With a tracking cookie, every time a user accesses a page, the cookie will send details about the web page, time of access and session duration to the server who had issued the cookie.
As a result, information can be gathered about a user as to what pages they visited, for how long, in what sequence and so on.
This information can be worth millions of dollars to advertisers and e-commerce businesses looking to understand their users so they can better market and promote their products.
Third-party cookies
A third-party cookie is a cookie installed on your computer by a website but belonging to a third-party and not the owner of the website.
For example, if you visit a website running advertisements on it, the website can deliver a third-party cookie to you relating to the advertiser who has been authorized to publish advertisements on the website.
When an advertiser’s cookie is passed on to your computer, if you visit other websites using the same advertiser, the cookie will get reactivated and track your navigation.
Since third-party cookies contain unique identifiers, when you visit different websites using the same third-party cookie, the third-party advertiser can track your web navigation and link the cookie information from different websites to create a profile about the user.
Third-party cookies are used to deliver targeted advertisements to users after they’ve visited a certain website.
Combined with social media websites collecting personal information, advertisers can combine their cookies data and social media to create a highly detailed profile about a user.
Flash cookies
Flash cookies are created by Adobe’s Flash browser add-on for multimedia.
Flash cookies are used to save state information along with user preference and session information.
Flash cookies can be used with traditional web cookies and are very difficult to find and delete.
When you delete the web cookie, flash cookies are used to recreate them.
When a cookie is recreated after it is deleted, we refer to that as “zombie cookies”.
Supercookies
Supercookies are a type of cookie using a different storage location in your browser.
HTML 5 web storage allows the browser to access storage that can be accessed for a browser session or permanent storage.
Supercookies use storage mechanisms allowing it to have a higher level of flexibility than traditional cookies and save more information than before.
Zombie cookies
Zombie cookies are a type of cookie having the ability to automatically regenerate themselves after they are created.
Zombie cookies are generally stored on multiple locations on your computer such as in the Flash Local shared object or HTML5 web storage.
So when the traditional cookie is deleted, the cookie can recreate itself using the cookie data stored on another location.
Cookie-less tracking or Web bugs
A user’s information can also be tracked without a cookie.
This can be achieved using web bugs, also known as web beacons, that ar small and invisible image files placed on a web page or hidden in an email message.
When the webpage or email message is viewed or image downloaded, the server can start tracking detailed logs of the user activity using the web bug.
The web bugs can record information such as:
- User location
- Browser version
- Window size
- Browser settings
- Browser add-ons
- Browser customizations
Using this information and combined with other relevant information, companies can achieve “device fingerprinting” allowing them to accurately identify an individual.
Managing cookies
Managing cookies can be quite challenging if you want to have full and total control.
We may have hundreds, if not thousands of cookies on our computer.
In some cases, the cookies help improve our web navigation experience and, in other cases, they are used to create profiles on us and achieve device fingerprinting.
You must look at your browser’s settings to see how you can manage or disable the cookies.
By default, browsers will often allow cookies to be installed.
If you want to block the cookies, you must specifically configure your browser to that effect.
Even if you block cookies through your browsers, supercookies and flash cookies may not be affected as they use a different storage space or can replicate themselves.
Viewing cookies on your computer
Most browsers offer you the option to view the cookies stored on your computer so you can manage them.
You will also have the option to delete the cookies if you do not wish to have them on your computer.
For instance, if you are using Google Chrome, you can view your cookies by following the following steps:
- Click on “Settings” on the parallel bars button
- Click on “Advanced” link at the bottom of the page
- Click on “Cookies and other site data”
- Click on “See all cookies and site data”
By following these steps, you can view the cookies stored on your computer.
Cookie clearing tools
To delete the cookies on your computer, you should first start by clearing the cookies using the options and settings of your browser.
However, if you want to navigate the web by blocking as many cookies as possible, you must go over and beyond your web browser settings.
Even surfing the web on the “private browsing mode” will not help you completely eliminate or block cookies.
You’ll need an application or a program specifically designed to help you delete the cookies.
The following tools can be used:
- BetterPrivacy
- NoScript
- Targeted Advertising Cookie Opt-Out (TACO)
By using these dedicated applications, you can delete or block as many cookies as possible giving you more privacy when surfing the web.
Takeaways
Web cookies are small files that are downloaded on your computer through the web browser when you navigate the web.
When you load a page on your web browser, the content of the page is delivered by a server connected to the web.
A website server delivers a cookie file bearing a unique and random numerical identifier to your computer so to track your website navigation.
Fundamentally, cookies are designed to help improve the user experience when surfing the web.
Typically, cookies track the following information:
- Domain URL
- Cookie lifetime
- Random numbers
- Server name issuing the cookie
Cookies can be session cookies or persistent cookies.
Session cookies are created when you visit a website and deleted when you finish interacting with the site.
Persistent cookies are created for a longer period of time or permanently and get reactivated every time you visit the same webpage.
Over the years, organizations have started using cookies to do more than just enhance user experience.
Advertisers may install third-party cookies on their website allowing third-parties to create a profile of the online user and deliver targeted ads for higher conversion.
Cookies are not harmful in of themselves but can be misused by companies.
Zombie cookies or supercookies can be used to track users online and perform device fingerprinting.
Such activities pose privacy concerns.
Nonetheless, cookies do have a benefit in helping us navigate the web in a more personalized manner and enhance our overall experience.
We hope this article helped define what are cookies.
Do you have any particular experience with cookies that you feel can be interesting to share?
We would love to hear from you.
Drop us a comment!
