Web Cookie Tracking Explained
Ready to Start Your Career?

Web Cookie Tracking Explained

Gabriel Schrams profile image
By: Gabriel Schram
March 2, 2021

Cookies are small files containing uniquely identifiable data for web users. They are typically used to identify an individual's computer as it relates to a specified network. Cookies are established when a user connects to a network server. The unique identifiers stored in cookies help servers render more specific data to those accessing the network.

Cookies are strong utilities at the disposal of web servers because they can improve the user's overall experience. However, cookies are also a vulnerability in that they can contain valuable information. A major issue is how cookies are being used to track users. Added to this threat surface is how often users interact with cookies. Major websites that use cookies include Google, Facebook, Amazon, YouTube, and Wikipedia. Most online shopping platforms or online services use cookies to personalize the user experience. The volume of online activity from the start of the COVID-19 pandemic has increased; many users are still unaware that cookies are even being used on some of their frequented websites. Cookies in web browsers can be a useful performance tool but have been exploited to track large user data quantities.

Types of cookies

Cookies can be separated into several categories with specific characteristics:

  • Session- these are cookies that are only used during a single session of web browsing. They are stored in a computer's RAM and are deleted when a web browsing session has ended.
  • Persistent- cookies that remain on a computer after the session expires. They will remain stored until they expire if they do.
  • 1st Party- these cookies are created directly on the website or web application being used. This could be good or bad based on the integrity of the application being used.
  • 3rd Party- cookies generated by websites other than the one being directly accessed. Most often, these are linked to advertising. This type of cookie is considered the most problematic due to user privacy invasion and the selling of their data, often without permission.

Why Track Cookies?

Cookies were designed to track users, among other practical applications. Specifically, cookies make it easier for users during some authentication processes. Cookies can store login information in some applications, making it easier for users to log in. While this is convenient, storing insecure login credentials is a major security concern. Session management and personalization are further examples of double-edged swords within cookie use. While personalized web browsing can make for an overall improved user experience, many of these saved preferences are also a violation of user privacy. Online targeted ads have become specific to what each consumer is more likely to want or click on. While this can be seen as a good thing, it raises the questions of who found this information and how. Cookies have also played their part in the takeover of online shopping. Nearly every shopping website uses cookies to save the state of their customers' shopping carts.

Can Cookie Tracking be Prevented?

While cookies can improve the overall user experience, users can disable cookies under their browser's privacy or security settings. However, Google has made big efforts to obliterate the use of third-party cookies. This movement is true with many browsers and websites; they now issue warnings to users about their cookies. Safari and Mozilla already have extremely tight restrictions on third party cookies. The legislation is being passed, such as the California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR), which also contributes to preventing user privacy invasion caused by cookies.

Cookies track user preferences and occasionally their login information. However, this correlates to a much better user experience. 3rd party cookies exploited cookies' potential, but web applications are on track to eliminate their use. Cookies are fundamentally generated to personalize and save information to streamline users' experience for a website or web application. Awareness of when cookies are being used is important in keeping information secure and user experience positive.

References Davis, K. (2020). The death of cookies and the threat to digital marketing. Retrieved from https://martechtoday.com/the-death-of-cookies-and-the-threat-to-digital-marketing-243342 Kaspersky. (2021). What are cookies? Retrieved from https://www.kaspersky.com/resource-center/definitions/cookies N.A. (2020). Tracking cookies and the GDPR | cookiebot. Retrieved from https://www.cookiebot.com/en/tracking-cookies/

Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry