What are the Cookies?

In the 21st century, where information is the new gold that moves the world and the Internet is a medium through which companies can easily reach their potential customers, cookies play an important role in learning about people's consumer habits and preferences in order to offer them personalised products and solutions.

What are they and how do they work?

A cookie is a text file saved by an internet browser in the user's hard drive or a memory segment with information regarding a website that has been visited, such as the actions carried out on the website, for example. Cookies stored on the hard drive do not contain sensitive user information such as passwords or account numbers. Those that need to record sensitive information are stored in the memory, and therefore once they are no longer being used or the computer is turned off or restarted, they disappear.

All the websites you visit ask you to accept cookies but, given that we are never safe from the threats of the internet, it is important to know what it is we are accepting when we say we do not mind that a site saves cookies on our browser. If you are not in agreement with the conditions described, you can always avoid their installation by rejecting the consent request.

What are they used for?

Cookies are used for different purposes, the main ones being:

  • Some "tell" brands and companies about our internet habits so we can receive offers, ads and content in accordance with our interests.
  • Others are used to customise the service provided.
  • To control traffic and remember pages we have visited.
  • To ensure security for the site and the user.
  • To remember our information on a webpage.

Types of cookies

According to the administrator:

  • Own cookies: they are managed by the webmaster of the website itself and their purpose is to facilitate the management of the website (e.g: shopping cart).
  • Third-party cookies: they are managed by an entity other than the webmaster of the website and generally for data analysis purposes (e.g., browsing, preferences, etc.).

According to the type of connection:

  • Session cookies: the information contained in them is used while browsing the website.
  • Persistent cookies: the information contained in them is used at any time.

According to their purpose:

  • Technical cookies: designed to monitor the traffic of a website.
  • Customisation cookies: designed to maintain a user's configuration on a website, in order to maintain a personalised browsing experience adapted to the user.
  • Analytical cookies: designed to track users' behaviour on the website, their tastes and habits, identify the profile of the typical visitor...
  • Advertising cookies: designed for the promotion of products and services on the websites to users.

Do they entail a risk?

Cybercriminals may carry out fraudulent actions through the use of cookies:

  • Theft of data on browsing habits collected in the cookies. Cybercriminals use them to produce misleading targeted advertising and thus redirect the user to fraudulent businesses.
  • Theft of session cookies (credentials) due to failures in the software or web browser protocols.
  • Credential theft using "session hijacking" or "cookie theft" techniques: the cybercriminal enters a modified cookie in the browser of the user who has previously accessed a website controlled by them. When you access a page that requires authentication, the modified cookie is passed off as the legitimate cookie, thus obtaining the credentials.

To avoid these risks, and in accordance with the General Data Protection Regulation (GDPR), you can configure the use of cookies from the web pages. In addition to reviewing the configuration, you should also adhere to the following good practices to ensure safe surfing and to protect your privacy:

  • Keep your browser updated, as well as any add-ons and plug-ins installed.
  • Delete the browsing data from time to time, as well as cookies.
  • Disable the password reminder option so that they are not stored in the browser.
  • Set your browser to incognito or private mode when using a public device.
  • Use an anti-virus programme and run a scan of the equipment on a regular basis.
  • Read the messages or notifications that appear when you visit a website before you click.
  • To correctly configure the use of cookies on a website you can do this from your browser, under the "Privacy and Security" option in the "cookies and site data" section.

Examples of use

How are cookies used in online shopping baskets?
When a user adds an item to their shopping basket, it is stored in the cookie. When the user completes the order and moves on to pay, the items are recovered from the cookie and the total amount due is calculated.

In the same way, when a user visits a gardening website, for example, and stops to browse gardening books, this action is registered in the cookie. Once the user returns to the same or a similar page, the cookie data is collected and the user will be shown advertising about similar books.

Cookies are very useful for both users and organisations as they simplify the browsing experience. Their management and programming by the websites must be well secured because, otherwise, if they present vulnerabilities, they can be used by potential attackers to commit fraud and/or cause damage.


You might be interested in