Cookies

What is a Cookie?

A cookie is a small text containing information. While visiting a web site, cookies are sent to the Browser by the web site itself or from providers of advertising banners and pictures.
A cookie contains information about the web site visitor that is important to the owner of the visited website. This information could be: Previously bought products, products in the shopping basket, which words were looked for, passwords for this site, personal data and much more.

 Cookies are made of six different parts¹:

Only the name and value are parts of the cookie that the creating website needs to fill with content. The four other parts do not need to be filled by the website. The user’s browser will fill them in automatically.
 

Are there differences between cookies?

There are two major kinds of cookies, depending on their expiration date: The first ones are temporary cookies. Temporary cookies are erased after the session they were created in is closed. For this reason, they are also called “Session Cookies”. This erasing does not happen when the concerning website is closed but when the internet browser is closed.

The second kind of cookies is non-temporary cookies: If a cookie is needed longer than the browser is opened, the cookie is stored by the browser on the hard disk of the visitor’s computer. The next time the browser is opened, it will load all permanent cookies. In doing so, the web sites that sent the permanent cookies will be able to read them. These permanent cookies will be saved for differing periods of time. How long, depends on the producer of the cookie. A lot of non-temporary cookies are theoretically saved for many years because the expiration date is set to a far away date. ²

The mentioned storage of cookies on the visitor´s hard disk is only noticeable for the user with special options of the internet browser activated. Also, the later access of a web site to the cookies in the browser will be hidden for the user.³
To prevent cookies from misuse, a cookie can only be read from the website that created it.
 

Are Cookies dangerous?

As written before, a permanent cookie contains information about the user and is saved on the user’s computer. Cookies can be used to observate people by collecting data of the surfing behavior of the user while he is visiting a website. This is a fact that many users want to evade. Therefore, internet browsers like Microsoft Internet Explorer or Mozilla Firefox offer the option to block all cookies. Alternatively, the users can choose the option of only saving cookies when manually accepted.

The fear that cookies could fill up the whole hard disk is unfounded. This is because common browsers limit cookies to a number of 300. If there are more, the cookies least used will be erased. Since cookies have only a size of 4 Kilobyte, this leads to a maximum size of all cookies together of about 1 Megabyte. This is less than a thousandth of the space of an actual computer hard disk.

Also, fears exist that a cookie could read out information which is stored in the computer, although this information was not written on websites. To that, rumours are to read that cookies could help computer viruses to get into a system. Both points are contrary to fact. This is because a cookie is stored in a very small text only file. This kind of file is no programme and not executable. That means it is unable to act by itself.

But there is one special case where cookies are a threat. This danger is called “Cookie Harvesting”.As mentioned before, some cookies contain passwords or identify the visitor of a website. This is where a third participant is able to take in: A hacker fakes to the browser that the original website requests information. Now, this information will be sent to the unknown person. If the cookie contained enough data, the hacker pretends to be the user on the web site that the cookie was made for. Used this way, the Cookie Harvesting has wide-ranging consequences. For example, the hacker posts statements in the user’s name or buys with the user’s credit card.⁴ To evade this danger, it is recommended not to send credit card information through the internet. Also, passwords should not be saved automatically.
 

What advantages have Cookies?

We now are informed about potential dangers of cookies. But if used the right way, cookies offer a rise of value for both visitors and owners of web sites.

There are at least four arguments for using cookies as a web site visitor: First, procedures are made faster for the user because registration data does not to be written again on the following visit. Second, if a buying process is stopped, the items are still found in the shopping basket when the user revisits the page. Third, sites could be personalized to the preferences of the user. To that, advertisement that fits to the user’s interests could be chosen.

This personalized advertisement is also positive for the owner of a web site. Through this target advertisement, users are more likely to fit in the advertising target group. This leads to a higher number of clicks on the shown advertisement. Aditionally, increasing the usability by cookies means increasing the customer loyality.


A lot of cookies are used for marketing research and web marketing by marketing consultants. Cookies for marketing research are always permanently stored onto the customer’s computer. Marketing research cookies collect data of the user from all the web sites that are related to the marketing research company. Therefore, a user does not only get this kind of cookie when visiting the market researcher’s website, but also when visiting web sites of participating companies. Cookies for marketing research are used by a lot of companies that want more information about their customers than they can collect by themselves.³

Cookies are also used for Website Tracking. This assists the web site owner in two ways: First, Website Tracking with cookies could reveal so called “dead ends” where people stop clicking through the web site. Knowing this, the owner is able to optimize his web sites for future visitors. Secondly, Website Tracking with cookies allows watching if someone revisits the site or if the visitors are always new to the site. This information would help deciding if a marketing campaign like Google adwords has worked. To that, Tracking Cookies can help finding click fraud by individual persons.

 
Sources:
1: David Wahlen: The Unofficial Cookie FAQ – Version 2.6 2002, in:  www.cookiecentral.com/faq/, zugeriffen am 18.08.09
2: Krause, Jörg und Bünning, Uwe: ASP.NET Programmierung mit C#, München 2002, S. 798
3: Mayer-Schönberger, Victor: The Cookie Concept, in: www.cookiecentral.com/c_concept.htm,  zugegriffen am 04.09.09
4: Rey, Enno; Thumann, Michael und Baier, Dominik: Mehr IT-Sicherheit durch Pen-Tests, Wiesbaden 2005, S. 134-136

Picture: created by the author



Tags: Cookies, cookie, personification, market research