What are Internet Cookies and how do they work?

  • Post author:

You must have received at least one Internet Cookie notice popup while browsing internet. Usually these notices inform you that they are storing and accessing Internet Cookies on your local machine so that they can offer relevant content as per your browsing characteristics and better browsing experiences.

In this blog, you will learn about Internet Cookies, how they work, and whether you should provide your consent to web cookies popup notices on a browser or not. So, let’s start with…

What is Internet Cookie?

Internet Cookies or Web Cookies are text files stored on client’s local storage by websites to provide the seamless browsing experience for you and help the web host understand you as an individual visitor and/or consumer. It was named Cookie because of resemblance with Magical or Fortune Cookies. Like Fortune Cookies, it also contains some piece of information inside.

Cookie was invented in 1994 by a young Software Engineer and Internet pioneer Lou Montulli. Lou, while working on an e-commerce website for Netscape platform, faced issue with web server space. He observed that Shopping cart was consuming a lot of Server Space. Back then in 1994, Web Server Spaces used to be costly and Lou wanted to store user’s shopping cart data on user’s desktop instead of Server. This is how internet cookie was invented.

However, internet cookies earned popularity for completely different purposes like providing inputs for advertisers, identifying individual shopping characteristics, storing user sessions and many more.

Types of Internet Cookies:

Cookies serve multiple purposes and can be designed with multiple ways. We can categorize them into four different types.

1- Session Cookie (HTTP cookie)-

Session cookie lasts till browser session continues. Once browser is closed, Session Cookie automatically gets deleted. Purpose of Session cookie is to track the progress, so that end users don’t have to enter the same information again and again.

2- Third-party Cookie-

Third-Party cookies are stored into browser when a third-party web platform gets access using some activities like online sharing and third party sign-in.

Let’s understand this by an example of login using social platforms like Facebook and Google. When you perform such sign-up or sign-in, Google or Facebook automatically stores a third party cookie.

Third party cookies are considered as most unsafe cookies because they might steal client’s information like browsing trends, login details or credit card information. You should consider disabling them in your browser.

3- Marketing Cookie-

Marketing cookies are used by web page who serve advertisement for third parties. Marketing cookies are less invasive, and solo purpose of these cookies is to provide relevant advertisement.

4- Secure Cookie –

These are HTTP Cookies with secure attribute set. Secure cookies have the scope, limited to secure channels, typically HTTPS. Latest Chrome and Firefox versions forbid insecure channels (HTTP) to create any cookie with the ‘Secure’ directive.

However, any sensitive information should not be stored in cookies with secure directive, as this flag can’t offer real protection. The purpose of secure flag is limited to notifying the web to grant access only for secure channels.

Difference between Cookie and Cache.

Although cookie and cache may appear together in a discussion but there is significant difference between cookie and cache storage. Cookie stores information such as login details, shopping preferences, visiting frequency details etc. to generate the user’s web characteristic.

Difference between Internet Cookies and Cache

For example, you visit a site like Quora and after some time you get what you needed and close the browser. Now, when you visit Quora again after some time, you don’t have to login again. Quora will identify your machine because it stored a login related cookie in your browser.

On other hand, cache memory is used by sites to store media files to enhance the browsing speed. You must have observed low speed when you visit any website for the first time (or after clearing the browser cache memory) but next time same website loads faster. This is because the media files related to website is already stored in your devise as cache memory and same website is using it to save the time and better browsing experience.

Why websites show cookie notice?

If you are a website owner and produce contents that might be relevant to UK or European Region, you should consider notifying user about cookies storage and access. Your website is required under the EU’s General Data Protection Regulation (GDPR) to let users from inside Europe, control the activation of cookies and trackers that collect their personal data.

Website shows cookie - notice

Your cookie notice depends on all the kind of cookies you are storing on client’s desktop. For example, if you are using Google AdSense to display ads on your website, you must mention the same in your cookie notice and end user should have option to accept or deny.

In case you are managing just a blog. A simple blog might not use any third party that might create any cookie or any login/registration. Even in such cases few cookies are stored on local machine and you should display a dialogue box notice about cookie.

How to check data stored in cookie?

You can check what information a website is storing and accessing using cookie. You need to open the website in chrome and press F12. Alternatively, you can right click and select the option Inspect Element as well. You need to navigate to Navigate subtab to see the Cookie option.

I have visited amazon.in and checked the cookies stored by Amazon in my local machine. See the screen capture below.

How to check information inside cookie

You can see that Amazon is storing information like Currency, Visit Count and some encrypted id-value pairs which later, they will consume to define my internet characteristics. Expiry Date time and size of a cookie can also be checked here.

You can also check if cookie stored by Amazon is HTTP only cookie (not created by local machine), Secure cookie and SameSite (not a third party) cookie.

secure httpOnly and SameSite cookie

Are Internet Cookies safe?

Internet Cookies are much safer now as compared it used to be few years back. Browsers are updating their verification and validation mechanism to discard the suspicious activities related to cookies. But you should always be careful while visiting a site.

Is cookie Safe

There are few vulnerabilities related to internet cookies, you should keep in your mind.

  • Do not click on any link that you do not trust. There have been cases in the past where hacker builds malicious links with payment URL and succeed to steal the money using active internet banking session cookies. Although online backing is much safe now a days, but you should stay alert.
  • Hacker might access e-commerce website cookies and alter the details like Address or Contact number.
  • User generally request data from server and server returns it in HTML or plain text format along with some cookies. A third party can manipulate the cookie and request for login details from server.

While visiting a website, you should always check if connection is secure by clicking the lock icon beside the URL.

How to disable Browser Cookies?

Usually cookies help you with a better and smooth browsing experience. But sometimes they make you feels like you are being watched because internet is storing all the information about your browsing patterns, how long you stay online, how frequently you visit a website. All these personal details are store in the form of Internet Cookies.

If you are a person who prefers safety over good browsing experience on internet, you can opt either partially to load the cookies or not to accept any cookies at all. Browser provide the facility to opt out of Cookies’ consent.

  • You can add sites in the Block list to stop them from using cookies in your local Machine.
  • You can Block Third Party Cookies which is unsafe.
  • You can block all sites from storing and reading cookies from your local machine.

Google Chrome Cookie Setting:

If you are using Google Chrome, you can follow these steps to control the cookie settings.

1- navigate to Chrome Setting.

google-chrome-menu-settings

2- Search for ‘Cookies and Site Data’ in search bar of setting page.

Google Chrome Cookies and Site Data Setting

Firefox Cookie Settings:

If you are using Mozilla Firefox, you can control cookies setting by following below steps.

1- Go to navigator menu and select options.

Firefox Cookies Setting-1

2- Navigate to Privacy & Security section’s Custom option and opt for Cookies as per your convenience. 

Firefox Cookies Setting

Alternatively, you can clear the browser cookies after certain activity or certain time. This will also help you get rid of all the unnecessary vulnerable cookies.

Wrapping Up

Websites rely on Cookie, small piece of information, to identify the user and his preferences so that they can serve the user with relevant contents, ads and help in seamless browsing experience.

Internet giants like Google and Microsoft are constantly putting efforts to make Cookies safer and trustworthy media for better services for end user as well as web hosts. It is much safer than it used to be few years back and getting continues enhancements.

Internet Cookies can be of many types and few of them might be unsafe for private data but most of them stores and access only information relevant to marketing or browsing experience enhancement. You can delete them from your browser anytime. In other words, you always have the control of the information you want to share in the form of cookie and you have authority to delete them or opt out of sharing these information any time as per your convenience.

Leave a Reply