What are Cookies? - How Cookies Work and What They DoUpdated: May 15, 2019
Online privacy is not something to be taken lightly in this day and age. And web cookies might influence the level of privacy you have when browsing online.
While browsing the internet, it's impossible you didn't come in contact with the term "cookies". You can find the term referred to simply as cookie or web cookie, internet cookie or browser cookie.
You may know that internet cookies do not refer to some kind of a sweet snack. But do you know what internet cookies actually are?
If you don't know what cookies are, we put together this post to explain what cookies are, what they do, and how you can manage the cookies in your browser.
It's important to have a basic knowledge about what cookies are as they store data about your online activity. So let's get to it.
Simply put, cookies are some files stored on your computer or device, that store a small amount of information about you. They hold information such as your online activity and data about your browser. This data is used by websites and clients to provide you with personalized pages based on your online behavior.
Cookies are sent to your computer by the websites you visit and they've been designed so websites can remember information about your online behavior (e.g. when you add an item in your cart) or remember activities such as logging in, your browsing history, and the buttons you click while surfing online.
There are more types of web cookies that are commonly used online.
Session cookies - These cookies are one of the most common and they live in the temporary memory until the browser is closed. When the browsing session ends, all the information is deleted which makes them not harmful.
Persistent cookies - These types of cookies live on users' computers until they expire or are manually deleted. These cookies are used to track users' behavior over time on a particular website.
Secure cookies - These types of cookies are encrypted so hackers can't read the data they store. They are highly used on websites where money transactions are made so they guarantee users sensitive information security.
Another way to categorize cookies is by looking at the purpose of being created.
HTTP cookies - These are the web cookies that are saved by the websites you visit so they can remember the user's interactions such as your browsing history, the links, and buttons you click, your IP address, the date and time of a website visit.
Authentication cookies - Authentication cookies are essential for the internet as they are the main method used so that websites can remember if a user is logged in into a platform and which account is being used. If it weren't for the authentication cookies, a website would not know when to request users to authenticate by logging in or when to send pages containing sensitive information. Authentication cookies' security is dependant on the websites' security, the user's browser's security and if the data stored in the cookie is encrypted. If an authentication cookie is not secured, a hacker might exploit security vulnerabilities gaining access to users' private data.
Tracking cookies - Tracking cookies and third-party tracking cookies are highly used by companies online so they can keep records of users' online browsing history to target them with personalized ads. Tracking cookies raise many online privacy concerns as they give companies the opportunity to gather lots of information about individuals, reaching the point where they know more about you than you may imagine. For this matter, the European law implemented the GDPR regulation.
The GDPR (General Data Protection Regulation) in the European law is a regulation on data protection which requires websites to clearly disclose any data collected through cookies to the users' located in the EU. Basically, any individual from the EU (or using a European IP address) when visits a site is asked if s/he approves that cookies from that particular website to be stored on her/his computer.
The GDPR regulation gives users more control over their personal data and online privacy as the requests for approval makes people more aware of the fact that websites collect information about them, behavior that many users might've not been informed about.
Along with the term of cookies, you might've also stumbled upon the term cache. While both of them are used to store data on users' computer or device, they serve different purposes.
While a cookie is used to store information about a users' online activity, the cache is used to make a web page load faster.
Simply explained, the cache is a collection of data stored on a user's computer containing site contents such as images, videos, audio, etc. so the website will load faster upon the next visit.
Another difference between cookies and cache is that cookies have a life span while cache lives on one's computer until it is manually removed by the user.
Let's go a bit more in-depth on how cookies work and what they do so you better understand their purpose.
A cookie is created and the information it contains is read by a website or a web app. Your computer only stores the cookie and sends it to the website if the website requests for it. The purpose of the cookie is so the website is able to identify the user, his past interaction with the website so it can provide the right content based on this information.
In many cases, cookies are essential to a website so it works properly. The best example is with online stores. If it wasn't for the cookies, the online shop wouldn't be able to create your shopping cart because every time you load a web page, the website would see you as a new user and would not keep track of the items you add in your cart.
While first-party cookies are stored by one particular website so it can track its users' behavior on the website so it can provide the best user experience, third-party cookies are a different story.
Third-party cookies are tracking cookies used by advertisers to collect data about users' online activity so they can target them with ads. Not only these tracking cookies do not belong to the website that sent them, but they can also store the browsing history of a user on multiple websites that use the same advertising company. Gathering a large amount of data on users gives advertisers the opportunity to build a complex profile of users' online activity which might raise privacy issues.
The purpose of advertisers using cookies is to give users personalized recommendations when browsing online and dis[play targeted ads based on the users' interests. It's a marketing technique meant to raise the probability of a user interacting with an ad and making an online purchase.
What makes tracking cookies raise privacy concerns is that they give one entity the opportunity to collect a large amount of information about a particular user, often without her/his consent or knowledge.
If the cookies are secured or not comes down to either the information they store in encrypted or not. If the data is not encrypted, a hacker or cybercriminal hacking your computer or device will be able to read the sensitive data and you might fall victim to having your accounts stolen, fraud or identity theft, based on what kind of information the cookies contain.
Some types of cookies are more dangerous than others when it comes to users' security. While session cookies are harmless because they delete themselves when the browser is closed, persistent cookies that live until they are deleted manually or they expire might be risky, especially if they contain sensitive data.
One example of cookies that store sensitive data are the ones created by websites such as online shops where they might hold information like account credentials, name, or credit card details. Usually, these types of cookies are encrypted, but you better make sure the website you provide sensitive information to uses encryption before you allow it to store cookies on your computer so you strengthen your online security.
All browsers give you the option to personalize how you manage the cookies stored by the websites you visit when browsing online. You have total control on deleting the cookies from your computer.
There are more cases when you should delete cookies.
The most important situation when you should be deleting the cookies is when you're using a public computer (such as a computer from your school). This will prevent other people from having access to your browsing history and, if you used the internet for online shopping, to the items you added in your cart.
Another situation when you should delete cookies is when you're concerned with your online privacy. This will stop your computer from remembering your internet preferences and browsing history.
If you delete cookies, your whole browsing history will be lost. This means that all the websites you accessed before will see you as a new user the next time you visit them. You will be logged out from all the accounts and any item stored on a website will be removed.
When you'll access a website, new cookies will be created.
You can also opt to delete cookies for only a particular website if you no longer want it to remember your activity.
Now let's see how you can delete and manage the cookies in your browsers.
- To delete cookies in Google Chrome, first, open up the Chrome browser.
- Click on the hamburger button in the upper right corner.
- Access the settings.
- Scroll down to the bottom of the page and click on Advanced.
- In the privacy and Security section click on Clear browsing data.
- From the window that pops-up you can manage the data which will be removed based on the time it's been created, if you want your whole browsing history to be deleted, the cookies, and also the cache. If you access the Advanced section, you can also opt to remove more information such as any saved autofill form data, passwords, site settings or hosted app data.
To manage what cookies websites can save from now on
In the Privacy and Security section in Chrome's Settings access Site Settings
Click on Cookies
From here, you can manage what cookies are saved in your browser.
You can choose to disable cookies saving altogether
You can choose hat the cookies to be removed upon quitting the browser
You can block third-party cookies
You can add specific websites that you don't want to store cookies
How to clear cookies for one site
To clear cookies for a specific website:
- Go to the Privacy and Security section in the Chrome browser.
- Access the Site Settings.
- Click on View all permissions and data stored across sites.
- Here you'll find all the cookies saved in your browser. Type the name of the specific site you want the cookies removed from in the Search bar.
- Click on the hamburger button next to the website and click on Clear data.
Web cookies are essential to a proper online experience most of the time. Without them, online stores wouldn't be able to track the items we add in our carts and websites won't be able to remember that we visited the site before.
Still, not all cookies are safe. Some cookies, such as third-party cookies, can raise concerns about our online privacy as they give advertisers the opportunity to create detailed profiles about us and our online activity. Other web cookies might contain unencrypted sensitive data which can put our online security at risk if someone manages to hack into our devices.
Online privacy is not something to be taken lightly in this day and age. Because of this, we, at DrSoft, are continuously trying to educate people about online privacy and security by giving our best tips and steps for a safe online experience.