What are the different types of internet cookies?
Every time you visit a website, one of the first things you see is their cookie policy.
Some sites use language like:
“We use cookies to make your experience on our site better. By using this site, you agree…”
The website’s cookie policy tells you that the site is using cookies to improve your experience on that site.
But the truth is that until you dig further into the site’s cookie policy, you may not know exactly the types of cookies the site is collecting and if these cookies pose any security risks to you.
In this guide, we will break down everything you need to know about web cookies:
- What are web cookies?
- The types of web cookies and their uses
- Their benefits and risks to you the user
- How to manage web cookies
- The common ways websites use Javascript cookies and more!
What are web cookies?
Web cookies are small text files that contain bits of data stored in the browser folder on your computer’s hard drive whenever you visit a website.
When you visit a website, the site’s server creates bits of data about you which are stored on your computer. This data may contain account information, your shopping cart contents, pages you visited or even items you viewed on an ecommerce site.
The next time you visit that website, your browser sends information about your last visit to the server. This helps the website remember details about you and provide a better experience for you. For example, you add some items to your cart and close the webpage. If you visit that site again the next day, your items are still in your cart.
Types of web cookies
All web cookies are not created equal nor do they all serve the same functions. Depending on the type of cookie, it could persist on your browser as long as your session lasts, or for many months. Here are the 4 main types of cookies:
Session cookies
These are temporary web cookies that are only present as long as your web browser stays open or your session is active. Once you close your browser or your browser session becomes inactive (after a period of time), these cookies are removed from your device.
Session cookies have their uses in various websites. For example, ecommerce websites use session cookies to keep your cart items available while you peruse other product pages in search of new items you want to buy.
Persistent cookies
Persistent (Permanent) cookies last longer than session cookies. The website you visit creates this cookie and attaches an expiration date to them. By law, you can’t make persistent cookies last more than 6 months.
Websites use these types of cookies to remember information about you and provide better experiences. For example, a website can use permanent cookies to remember your login information so you don’t have to re-enter them every time you visit the site.
Third-party cookies
These cookies are created by a website you’re not visiting. These cookies are usually created by advertisers and associate you to a website where you clicked on an ad.
Third-party cookies gather data about your browsing habits. They allow advertisers to track you across multiple websites and serve ads to you wherever you go across the internet.
First-party cookies
These are the cookies created by the website you’re visiting. They are generally used to improve your experience on the site.
For example, these cookies help sites remember your language settings. When you first visit a website and change the language from English to French, the site creates a cookie to help it remember your choice. On your next visit, you see the website in the language you selected last time.
First-party cookies also perform functions like letting you add multiple items to your cart and even remember your login information.
Uses of Web Cookies
There are different ways that a website can use web cookies. They typically fall into:
User experience
Sites you visit use first-party cookies to enhance your experience and that of every visitor to their site.
When you visit a website with multiple languages and you choose Spanish, for example. The site creates cookies and uses it to remember your choice so that every time you come back, it remembers Spanish as the language you want to see the site in.
When you visit an ecommerce site, they use cookies to ensure that your experience adding items to your cart and checking out are seamless. If an ecommerce store didn’t use cookies, you will be unable to check out multiple items in one transaction.
Because a site may receive thousands to millions of visitors yearly, web cookies enable them to improve user experience for every visitor at scale.
Advertising and marketing
Third-party cookies play a huge role in online advertising and marketing.
Some advertisers use cookies that store information like age, gender and user behavior to serve internet visitors personalized ads. For example, knowing that you are a woman between the ages 25-34 means advertisers can show you ads about period apps, pregnancy products and others.
Another use in online digital marketing is retargeting. In this practice, advertisers use third-party cookies to target you with ads for a product/service you saw earlier. For example, you visit a university’s website about a postgraduate degree. Seeing ads about that University’s postgraduate programmes on every website you visit is a form of retargeting.
Analytics and web optimization
Web cookies are important in web optimization and analytics measuring.
In A/B testing, your experimentation tool uses first-party cookies to group your visitor into buckets for the different variations of your tests. It ensures visitors who see your control will not see the new variation. This helps prevent contamination in your experiments. These cookies typically only last for 30 days.
Another area of web optimization where web cookies are used is personalization. When you are customizing experiences for different audience segments, cookies allow you to personalize at scale.
For example, cookies can tell you the geolocation of your site visitors. Using this information, you can automatically change the language of your site to the one spoken where the visitor is. Knowing that a visitor is accessing your site from Mexico, your site can automatically switch its language to Spanish.
Analytics tools use cookies to measure:
- How many people come to your website.
- How visitors interact with different pages on your site.
- How long web visitors spend on a page and more.
Benefits and concerns of web cookies
The main benefit to using web cookies is improving user experience.
Optimizing your website for better user experience increases your revenue. Finding issues and solving them keeps visitors on your site for longer, helps them solve issues and make purchases without hassle.
All of this would not be possible without cookies to analyze user behavior on your site. Nor will it be possible without cookies in your optimization tool that ensures that a visitor who sees version A of an experiment doesn’t see version B.
Like everything else, there are risks associated with web cookies. The two biggest risks are an invasion of your privacy and cookie fraud.
The ubiquity of third-party cookies from advertisers and the data they store make them a threat to your privacy.
Many sites use Google products like Analytics, Maps and others. This gives Google the ability to gather sophisticated data about your behavior on different sites for their ad network.
But it’s not just Google. Other advertisers use third-party cookies to gather information about how you behave on websites, your age, location, gender and more. All of this information is gathered without your explicit permission. This data is used to track and target you with ads across different sites.
Another risk with using web cookies is cookie fraud. This occurs when bad actors intercept the data from your browser and the website server.
Attackers can then take over your valid sessions on a website. They can also use you as a proxy to gain access and control on a site.
Keep your browsers up to date and avoid sites you do not trust. This helps you prevent cookie fraud.
How to manage web cookies
The first step to managing cookies and protecting your privacy is knowing where the cookies are stored in your browser.
The next step is deleting unnecessary web cookies and those from sources you do not recognize.
Chrome
You can manage cookies in Chrome in two ways: block all cookies or take a granular approach.
To block all cookies:
- Open your Chrome browser and click on the 3 vertical dots on the upper-right hand corner of your screen.
- Click on “Settings” in the drop-down menu.
- Then on “Privacy and Security” and finally on “Cookies and other site data”.
- By default, Chrome allows all cookies. You can change this to “block all third-party cookies” to prevent ads from following you across the web.
- You can also set your browser to clear cookies and site data when you close all windows.
In the granular approach, you can manage and disable web cookies site by site.
- Follow steps 1-3 in the above. Then scroll down to the “See all site data and permission” option and click on it.
- This shows you which websites have cookies stored on your device and you can delete these cookies from there.
Firefox
In your Firefox browser, you can manage/disable cookies for a site or by blocking cookies for every site.
To clear cookies for all sites,
- Open your Firefox browser and click on the 3 horizontal bars on the upper-right hand corner of your screen.
- Click on “Settings” in the drop-down menu.
- Then on “Privacy and Security” and scroll down until you see “Cookies and Site Data”.
- Select “Clear Data” and a new pop-up will appear.
- Make sure “Cookies and Site Data” is checked.
- Click on “Clear” and this will remove all the site cookies and data.
- You can also set your Firefox browser to clear cookies and site data when you close all windows. Simply check the box beside “ Delete cookies and site data when Firefox is closed”.
To delete cookies by websites,
- Follow steps 1-3 in the above. Then click on “Manage Data”.
- You will see a new popup window with a search bar and a menu showing you all the sites that have cookies in your device.
- To remove all the cookies stored in Firefox, click on the “Remove All” and then “Save Changes”.
- To remove the cookies by websites, you can use the search bar to find a site or scroll until you find the site you want.
- Click on the website whose cookies you want to remove. Then click on “Remove Selected” and finally on “Save Changes”.
Safari
To block all cookies in your Safari browser,
- Go to “Settings” and then click on “Privacy”.
- Find the menu option “ Cookies and Website Data” and then check the box called “Block all cookies” to disable all cookies on your device.
To remove cookies from your device,
- Go to “Settings” and then click on “Privacy”.
- Find the menu option “ Cookies and Website Data” and then click on “Manage Website Data”.
- Select one, more or all sites and then click “remove” or “remove all” to delete some or all the cookies stored on your device.
What are JavaScript cookies?
In JavaScript, you can create, modify, read and delete cookies using the document.cookie property.
Cookies in Javascript are not really different from web cookies as Javascript provides a framework for interacting with web cookies on the client side. Since your browser sends data to a web server, you can manage web cookies using Javascript on the browser side.
Because the cookie is deleted when you close your browser, you can prolong the life of the web cookie by adding an expiry date in UTC.
Common use cases for JavaScript cookies
Just like regular web cookies, you can use JavaScript cookies to:
- Save user preferences when they visit your website. For example, you can use JavaScript cookies to save a user’s preference for dark mode on your site. This way when they return to visit your site, you will show them a site in dark mode.
- Track how users behave on your site. This can be useful in your optimization efforts. For example, you can track where visitors are dropping off in their customer journey on your site. This provides an opportunity and avenue for optimizing their journey.
- Manage visitor’s sessions on your site. When a visitor arrives at your site/application, their browser cookies exchange information with your server. Because servers handle each request independently even if they’re coming from the same user, cookies are essential in letting the server know that all of these interactions are coming from one user.
- Personalize experiences for all users. Because of the information stored on cookies, you can personalize experiences for multiple users at once. For example, you can bucket users from Quebec into a cohort where your site appears to them exclusively in French.
The future of web cookies
Will you be able to use web cookies on your site in the future?
The answer isn’t a straightforward yes or no. It is more of an “it depends” on what you use cookies for.
If you run a site that uses third-party cookies or data in any form, you will need to find alternatives as browsers phase out their use. Google is the current holdout as they have pushed their phase out of third-party cookies on Chrome to 2024.
You can still use first-party cookies as they are not being phased out. Trying to disguise your third-party cookies to look like first-party cookies will not work as browsers are wise to this trick. Apple’s ITP restricts the lifetime of first-party cookies that have CNAME cloaking to just 7 days.
Before you look for alternatives to cookies, you need to understand the underlying reason why third-party cookies are being phased out — a lack of trust from your web visitors.
Juliana Jackson, Senior Data and Optimization Specialist at MediaMonks, agrees:
“Customers want to feel safe online knowing that their personal data is secure and private, being confident that their data is not abused, and having the ability to control their data.
Companies are used to collecting data about their users without having a clear purpose for what to do with that data. I hope that the increase in privacy regulations will also serve as an education piece for companies to focus more on behaviors, empathy, and building reliable and purposeful data collection mechanisms.
The privacy regulations, browser changes, and the users' need for control don't only affect optimization; it affects how you run and maintain an online business. Optimization is just a part of a very big picture.”
That being said, here are some alternatives to web cookies you can use in your marketing, advertising, and a/b testing and optimization efforts.
When it comes to optimizing and personalizing experiences for your visitors, moving your efforts server-side eliminates the need for cookies. In Kameleoon, for example, you can still effectively bucket your users for experiments by using a server-side snippet. This keeps your data accurate whilst respecting the privacy of your visitors.
If you’re in advertising, contextual targeting is still available to you. Using this method, you show ads to visitors based on the content of a page they’re visiting. For example, if someone visited a page about museums in San Francisco on a travel site, you can show them ads about museum tours in the same location.
Another alternative is cohort-based advertising. By grouping web visitors into cohorts based on interests, browsing habits, hobbies, and other characteristics, you create a group you can effectively serve ads to.
Browser fingerprinting is another technique you can use in place of web cookies. Because a user’s device provides unique information when they visit a website, you can use this information to improve the experience for that user on your website.
Using a consent management platform (CMP), you can collect and manage personal information and consent from your site visitors to enhance user experience and other activities.
To Summarize (TDLR)
Web cookies are fundamental to the operation of modern websites and businesses. They make it easier for you to scale customer experience optimization for all visitors to your site.
Despite their immense benefits, cookies can be co-opted by bad actors and share information you do not consent to with third-parties. This makes it imperative for you to monitor, manage and remove cookies that come from websites you visit while you traverse the internet.
Web cookie management keeps your information private and prevents ads from stalking you while you browse the web.
If you’re on the hunt for an experimentation tool that helps navigate the complexities of a cookie-less world, check out our Data Accuracy page.