Cookies. They sound so innocuous, reminding us of sweet treats and tea dunking. So innocuous that we all click the ‘accept cookies’ button on every single website we visit without thinking about what we are actually doing.
So, what are cookies? And should we be more discerning when accepting them?
What are cookies?
Cookies are little pieces of data, which identify your computer, perhaps the username and password and can be used to better serve you with more appropriate websites and advertisements as well as improve your general online experience.
There are three types of cookies:
- First party persistent cookies: These are cookies which are in your device’s memory and can remember logins and passwords for specific sites. They are on the device until you remove them – even once the browser has been closed.
- Session cookie: This is more common form used today and is associated with the websites that you visit. These are used to track and personalise each user’s internet experience. However, they stop working once the browser is closed.
- Third-party or tracking cookies: These cookies are also stored on your device but remain active whenever you are online, even when not on the website they originated from, recording your behaviour on multiple websites
What are cookies used for?
Cookies can be a really useful addition to your internet experience. Imagine you have just filled a shopping basket with dozens of items only to accidentally shut the page. Cookies mean that when you open the page again your basket items have been saved. Cookies also prevent you from having to sign into every website you visit every single time.
Essentially, they can be very convenient.
However, convenience comes at a cost. And data is valuable.
Using the shopping site as an example again, cookies are able to track what you have looked at on the page, and obviously what you have bought and use this information to target you with ‘similar’ items you may also like to purchase. They also use the data of what you looked at to personalise other targeted third-party advertisements.
So, essentially cookies provide session management meaning you don’t have to login every time and then personalisation and tracking to ensure you have more targeted advertisements when online.
What do cookies know about you?
Although cookies don’t generally have the information which could identify you, they do have information about your browsing and internet habits. Some of the things they know about you include:
- Your login information for certain websites
- Shopping cart items for multiple websites
- Your preferred language
- Your location
- A unique ID for your personal web browser which tracks your activity and sends it to advertising platforms
- What websites you visit and for how long
- Your optimum browsing time of day
- Search queries
- Purchases
- Device information
It may seem very disjointed information but from this they will know who you bank with, whether you have children or a pet, where you travel to and what your hobbies are.
Are cookies a security risk?
Third-party and tracking cookies can be considered as invasive and many anti-virus software packages will actually identify them as spyware. Despite this they are common and are not generally illegal.
Whereas many websites ask you to consent to cookies before accessing the site, third-party or tracking cookies can also be found in advertisements, social media like/share buttons and comment sections and web analytics.
As soon as you open a page with one of these cookies – even if you don’t click share or the advertisement, data about your activity is being sent to the server from which it originated. Therefore, if you open a page with ten advertisements and you click on none of them you could generate ten cookies which are tracking your sessions and sending the data back to the creator.
Tracking cookies are regularly used on Google, Twitter, Facebook, Doubleclick, AddThis and Yieldmanager. Some particularly troublesome third-party cookies are known as zombie cookies which are permanently installed on a user’s PC and are difficult to get rid of once they are there.
Although they are not necessarily a security risk to your computer and the data held on it, the information they hold could be. Should your PC or work network be infiltrated by a hacker they could hijack cookies and gain access to your browsing sessions.
What can you do about cookies?
Cookies are an optional part of your online experience, and when accessing websites in the UK and EU you can decline them when asked. Or, if they're sneaky they won't outright say decline but instead give you the option to 'tailor' your cookies - by clicking into this the majority of these options will already be turned off and from there you can decline the rest. But you can do more from your device at source:
- Decline: Under your PC/laptop/devices settings there will be a privacy option which allows you to uncheck the cookie boxes. You can still search the internet, but it may not be as streamlined as you would have if cookies were allowed.
- Remove: On your favourite browser if you go into settings, privacy, and internet options you can clear/remove cookies. However, this could make some websites harder or slower to navigate. Here's how for several popular browsers:
- Cookie settings in Edge – CLICK HERE
- in Firefox – CLICK HERE
- in Chrome – CLICK HERE
- in Safari – CLICK HERE
What next?
If you are worried about cookies, and whether your data is secure get in touch with the team at SupportWise and we can help keep your PC/device safe.