Information Security: Defining Cookies
A cookie is a small file, typically of letters and numbers, downloaded onto a device when the user accesses certain websites. Cookies allow a website to recognize a user’s device. Cookies are categorized in two ways: by the extent of data they store and by the website that places the cookie on the user's device.
A session cookie is one that is erased when the user closes the browser. Session cookies are considered less privacy-intrusive than persistent cookies because they expire at the end of a browser session and so are not stored longer term. For example, session cookies can be used for security when a user is accessing internet banking or to facilitate use of webmail.
A persistent cookie differs from a session cookie: it remains on the user's computer/device for a pre-defined period of time.
Persistent cookies are stored on a user's device in between browser sessions, which allows the preferences or actions of the user across a site (or in some cases across different websites) to be stored.
Persistent cookies may be used for a variety of purposes including remembering users’ preferences and choices when using a site or to target advertising.
First-party cookies are set by the web server of the page the user visits (the website displayed in the URL window).
Second-party cookies are stored by a different domain than the visited page's domain. This can happen when the web page references a file, such as JavaScript, located outside its domain.
Third-party cookies are cookies that are set by a domain other than the one being visited by the user. A common example is an advertising service (e.g., AdSense) which creates a third-party cookie in order to monitor which websites were visited by each user.
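The two classifications above can be checked directly from the `Set-Cookie` headers a site sends, which is useful when auditing what a page places on visitors' devices. The following is an added example, not part of the original post: the hosts, cookie names and values are constructed, and comparing the last two host labels is a simplifying assumption (browsers use the Public Suffix List to decide what counts as the same site).

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()   # flags like Secure get ""
    return name, value, attrs

def lifetime(attrs, now):
    """No Expires/Max-Age means a session cookie; otherwise it persists."""
    if "max-age" in attrs:                         # Max-Age wins over Expires
        return "persistent" if int(attrs["max-age"]) > 0 else "deleted"
    if "expires" in attrs:
        expires = parsedate_to_datetime(attrs["expires"])
        return "persistent" if expires > now else "deleted"
    return "session"

def site(host):
    """Assumption: last two labels approximate the site (no Public Suffix List)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def party(page_host, setting_host):
    """Compare the host in the address bar with the host that sent the cookie."""
    return "first-party" if site(page_host) == site(setting_host) else "third-party"

def classify(page_host, setting_host, header, now=None):
    now = now or datetime.now(timezone.utc)
    name, _, attrs = parse_set_cookie(header)
    return name, lifetime(attrs, now), party(page_host, setting_host)

# Constructed sample: (host that sent the response, Set-Cookie value) observed
# while visiting www.bank.example. All hosts, names and values are made up.
SAMPLE = [
    ("www.bank.example", "sid=4f2a; Path=/; Secure; HttpOnly"),
    ("www.bank.example", "lang=en; Max-Age=31536000; Path=/"),
    ("ads.tracker.example", "uid=9c1; Expires=Fri, 01 Jan 2100 00:00:00 GMT; Path=/"),
]

if __name__ == "__main__":
    for host, header in SAMPLE:
        print(classify("www.bank.example", host, header))
```

A `Max-Age` of zero or an `Expires` date in the past is reported as `deleted`, since that is how a server tells the browser to discard a cookie.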
Common Terms
(f) Terminal equipment: The device a cookie is placed on, usually a computer or mobile device.
(g) Subscriber: This means a person who is a party to a contract with a provider of public electronic communications services for the supply of such services.
(h) User: This means any individual using a public electronic communications service. In this context a user would be the person sat at a computer or using a mobile.
In another article on this blog, I will provide further details on cookies and privacy settings as well as cookies compliance under GDPR.