A cookie is a small piece of text (a name and a value, plus optional attributes such as an expiry time, Domain, Path, Secure and HttpOnly) that a website's server sends to the browser of the web user accessing the site, in a Set-Cookie response header. On every later request the browser makes to that site, the cookie is sent back to the website's server in the Cookie request header.
Cookies are used to authenticate web users, to track sessions and to maintain information about the web user, such as browsing habits and shopping cart contents, amongst others.
What are cookies used for?
Cookies can be used to track a user's navigation through a website. Tracking the navigation of an online shopper in an eStore can help a website owner make their marketing strategy more targeted.
If an online shopper's tracked navigational data reveals that they make a cosmetics purchase every time they visit the eStore, it would make sense to present them with a banner showing cosmetics offers when they log in.
Cookies can also be used to keep a user logged in once the website server has authenticated them. If the user's browser presents a valid session cookie to the website server, there is no need for the user to enter their login details again.
This means your eCustomers won't have to re-enter their login details when they return from the same browser on the computer they signed up on.
Websites that have a large base of users can offer each member a personalized interface and navigation through cookie tracking. If each member's personal choices have been stored in the cookies in their web browsers, their personalized interface and navigation settings can be loaded every time they log in.
Google recently released email accounts that each account holder can personalize, and they use cookie tracking to load each member's profile accordingly.
Cookies also allow tracking to take place across websites, as in online marketing, where impressions, clicks, leads and sales can be tracked from affiliate websites through to merchant websites. A cookie set by a domain other than the one shown in the address bar is called a third-party cookie.
What is cookie hijacking?
Cookie hijacking is when a third party captures a user's cookie, typically the session cookie, and replays it to the website's server to impersonate that user, or reads the sensitive information the cookie contains.
Cookie hijackers target unencrypted sessions, using packet-sniffing software to capture the cookie as it crosses the network in plain HTTP.
Transport Layer Security (TLS, the protocol behind HTTPS) can be used to send cookies over an encrypted channel, which makes them inaccessible to most cookie hijacking attempts. Note that TLS only protects a cookie while the browser is sending it over HTTPS: a cookie set without the Secure attribute is still attached to any plain http:// request to the same site, so every session cookie should carry the Secure attribute.
Another method used by cookie hijackers is cross-site scripting (XSS), where injected script makes the user's web browser read the cookie and send it to a server that should not receive it. Marking the cookie HttpOnly stops script from reading it through document.cookie, which closes this route even while the XSS flaw itself remains.
Cookiemonster attacks are when hijackers target high-traffic web servers. Many high-traffic web servers authenticate users over HTTPS on the login page but serve the rest of the site over unencrypted HTTP for performance reasons. If the session cookie set during login lacks the Secure attribute, the browser sends it with every subsequent plain HTTP request, and Cookiemonster attackers intercept it while it is travelling across that unsecured channel.
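The following is an added example, not code from the original page: it parses Set-Cookie headers the way a browser would, flags the missing attributes that open each hijacking route above (no Secure, no HttpOnly, no SameSite), and then answers the Cookiemonster question directly, namely which stored cookies a browser would attach to a plain http:// request and so expose to a packet sniffer. The host shop.example and the three sample headers are constructed for the demonstration; Path and expiry attributes are deliberately ignored because they do not affect which transport the cookie travels over.

```python
from typing import List, Optional
from urllib.parse import urlsplit


class Cookie:
    """One cookie as a browser stores it after processing a Set-Cookie header."""

    def __init__(self, name: str, value: str, domain: str, host_only: bool,
                 secure: bool, httponly: bool, samesite: Optional[str]):
        self.name = name
        self.value = value
        self.domain = domain        # host the cookie is scoped to (lower-case)
        self.host_only = host_only  # True when no Domain attribute was given
        self.secure = secure        # only ever sent over https://
        self.httponly = httponly    # hidden from document.cookie
        self.samesite = samesite    # None when the attribute is absent


def parse_set_cookie(header: str, origin_host: str) -> Cookie:
    """Parses a Set-Cookie header value received from origin_host.

    Path, Expires and Max-Age are ignored: the checks below only care about
    which transport and which scripts can see the cookie.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    domain, host_only = origin_host.lower(), True
    secure = httponly = False
    samesite = None
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "secure":
            secure = True
        elif key == "httponly":
            httponly = True
        elif key == "samesite":
            samesite = val or None
        elif key == "domain" and val:
            domain, host_only = val.lstrip(".").lower(), False
    return Cookie(name.strip(), value.strip(), domain, host_only, secure, httponly, samesite)


def audit_cookie(c: Cookie) -> List[str]:
    """Lists each missing attribute that opens one of the hijacking routes above."""
    findings = []
    if not c.secure:
        findings.append("missing Secure: sent in cleartext on any http:// request")
    if not c.httponly:
        findings.append("missing HttpOnly: readable by injected script via document.cookie")
    if c.samesite is None:
        findings.append("missing SameSite: attached to cross-site requests")
    return findings


def _domain_matches(c: Cookie, host: str) -> bool:
    host = host.lower()
    if c.host_only:
        return host == c.domain
    return host == c.domain or host.endswith("." + c.domain)


def cookies_sent_in_clear(jar: List[Cookie], url: str) -> List[str]:
    """Names of jar cookies a browser would attach to a plain-http request for url.

    This is the Cookiemonster condition: anything listed here crosses the
    network unencrypted and can be captured by a packet sniffer.
    """
    parts = urlsplit(url)
    if parts.scheme != "http":
        return []  # https requests are protected by TLS
    host = parts.hostname or ""
    return [c.name for c in jar if not c.secure and _domain_matches(c, host)]


# Constructed sample: three cookies as the HTTPS login page of the hypothetical
# host shop.example might set them. Only the third one is fully protected.
SAMPLE_HEADERS = [
    "SESSIONID=a1b2c3d4; Path=/; HttpOnly",                       # no Secure
    "prefs=theme%3Ddark; Domain=shop.example; Max-Age=31536000",  # no Secure, no HttpOnly
    "auth=e5f6a7b8; Path=/; Secure; HttpOnly; SameSite=Lax",
]
JAR = [parse_set_cookie(h, "shop.example") for h in SAMPLE_HEADERS]


if __name__ == "__main__":
    for c in JAR:
        print(c.name, audit_cookie(c) or ["ok"])
    # An attacker who can get the victim's browser to fetch any http://shop.example/...
    # resource (an injected image tag is enough) makes it leak the first two cookies.
    print(cookies_sent_in_clear(JAR, "http://shop.example/img/logo.png"))
    print(cookies_sent_in_clear(JAR, "https://shop.example/account"))
```

Note that SESSIONID is a host-only cookie (no Domain attribute), so it is leaked only to plain-HTTP requests for shop.example itself, whereas prefs, scoped to Domain=shop.example, also travels in the clear to any subdomain; auditing the Domain attribute matters as much as Secure when deciding how wide the exposure is.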
What is cookie poisoning?
In order for a cookie to work effectively, it should remain unchanged from the time it was stored in the user's web browser to when it is sent back to the website's server.
When the information inside the cookie is altered in any way before it is sent back, this is what is known as cookie poisoning. Because the browser is under the user's control, the server can never assume a cookie came back unchanged; it has to either detect tampering or avoid trusting the cookie's contents at all.
Cookie hijackers often poison cookies in order to carry out fraudulent activities. A prime example of cookie poisoning is altering a purchase amount stored in a shopping cart cookie, in an effort to cheat eMerchants out of money owed for purchases.
Many online merchants have moved to storing only a random session identifier in the cookie, to reduce susceptibility to cookie poisoning. The identifier is just a lookup key: the cart contents and payment information stay in a secure location on an internal server, so a tampered cookie either matches no session or changes nothing. Where data must be kept in the cookie itself, it should carry a message authentication code computed with a key only the server holds, so that any alteration is detected before the data is used.
Many internet privacy experts believe that the expiration time of cookies should be kept as short as possible: the longer a cookie remains valid, the longer a stolen or tampered copy of it remains usable.
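As an added example (not code from the original page), the block below puts the three points above side by side: the vulnerable pattern that trusts a cart total stored in the cookie, the fix of keeping only a random session id in the cookie with the state server-side, and, for cases where data must live in the cookie, an HMAC-signed cookie with an embedded expiry so that both poisoning and replay after the expiry time are rejected. The secret key, the prices and the in-memory SESSIONS dict are constructed for the demonstration; in production the key comes from a secret store and the sessions from a database.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Dict, Optional


def _parse_cookie_header(header: str) -> Dict[str, str]:
    """Turns 'a=1; b=2' from a Cookie request header into a dict."""
    out = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            out[name] = value
    return out


# --- Vulnerable pattern: the price lives in the cookie and is trusted as-is ---
def charge_from_cookie(cookie_header: str) -> float:
    """Whatever cart_total the browser sends back is what gets charged."""
    return float(_parse_cookie_header(cookie_header)["cart_total"])


# --- Fix 1: only an opaque session id in the cookie, state kept server-side ---
SESSIONS: Dict[str, Dict[str, float]] = {}  # stands in for a server-side session store


def new_session(cart_total: float) -> str:
    """Creates a server-side session and returns the random id to put in the cookie."""
    sid = secrets.token_urlsafe(32)  # 256 bits of randomness, not guessable
    SESSIONS[sid] = {"cart_total": cart_total}
    return sid


def charge_from_session(cookie_header: str) -> Optional[float]:
    """A poisoned or forged id simply matches no session."""
    sess = SESSIONS.get(_parse_cookie_header(cookie_header).get("sid", ""))
    return None if sess is None else sess["cart_total"]


# --- Fix 2: data kept in the cookie, but signed and short-lived ---
SECRET_KEY = b"constructed-demo-key-do-not-reuse"  # in production, load from a secret store


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_cookie(payload: dict, ttl_seconds: int, now: Optional[int] = None) -> str:
    """Serialises payload plus an expiry, then appends an HMAC-SHA256 over it."""
    now = int(time.time()) if now is None else now
    body = _b64(json.dumps({**payload, "exp": now + ttl_seconds},
                           sort_keys=True, separators=(",", ":")).encode())
    mac = hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{mac}"


def verify_cookie(value: str, now: Optional[int] = None) -> Optional[dict]:
    """Returns the payload only if the MAC is intact and the cookie has not expired."""
    now = int(time.time()) if now is None else now
    body, sep, mac = value.rpartition(".")
    if not sep:
        return None
    expected = hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest()
    # compare_digest runs in constant time, so the check leaks nothing about the real MAC
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return None
    payload = json.loads(_unb64(body))  # parsed only after the MAC has been checked
    if payload.get("exp", 0) <= now:
        return None
    return payload


if __name__ == "__main__":
    # Constructed scenario: the real total is 49.99, the attacker edits it to 0.01.
    print(charge_from_cookie("cart_total=0.01"))       # the poisoned value is charged
    sid = new_session(49.99)
    print(charge_from_session(f"sid={sid}"))          # 49.99 from the server-side store
    print(charge_from_session("sid=forged"))          # None: no such session
    signed = sign_cookie({"cart_total": 49.99}, ttl_seconds=600, now=1000)
    print(verify_cookie(signed, now=1500))            # payload accepted
    mac = signed.rsplit(".", 1)[1]
    poisoned = _b64(b'{"cart_total":0.01,"exp":1600}') + "." + mac
    print(verify_cookie(poisoned, now=1500))          # None: MAC does not match
    print(verify_cookie(signed, now=2000))            # None: expired
```

Two design points are worth noting. The MAC is checked before the body is decoded or parsed, so untrusted data never reaches the JSON parser, and the expiry is inside the signed payload, so an attacker cannot extend a captured cookie's lifetime any more than its price. A signed cookie still does nothing against hijacking by itself: a stolen signed cookie replays perfectly until it expires, which is exactly why the expiration time should be kept short.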