Cookies are small text files stored on a user's device when they visit a website.
They contain information about the user's preferences, browsing history and other data enabling the online experience to be personalised.
Types of cookies
There are 2 types of cookies:
🍪 proprietary cookies (first-party cookies)
- Created and deposited by the website you visit directly
- Used to improve the user experience on this specific site
- Limited to tracking Internet users only on the site where they are stored
🍪 third-party cookies (third-party cookies)
- Created and registered by domains other than the one visited
- Used mainly for commercial and advertising purposes
- Capable of tracking user behaviour across several websites
How it works
- When a user visits a site for the first time, the server sends a cookie to the browser.
- The browser stores this cookie on the user's device
- On subsequent visits, the browser sends the cookie back to the server. This enables the server to recognise the user and personalise their experience.
💥 Risks associated with cookies
Although cookies have legitimate uses, they also present risks for the security and privacy of users:
- Invasion of privacy : third-party cookies can track users' browsing behaviour on several sites, collecting personal data without their knowledge.
- Data theft sensitive : some cookies may store sensitive information such as login details, which could be exploited by hackers.
- Identity theft If hackers gain access to cookie data, they can potentially usurp the user's identity on certain sites.
- Gateway to malicious software Cookies can be used as a vector to introduce malicious software onto the user's device..
- Session hijacking : a technique known as "cookie hijacking" enables a hacker to intercept a user's cookies to impersonate them and access their accounts.
Examples of risks
- A hacker intercepting a user's cookies on a public Wi-Fi network could potentially access their online accounts
- Third-party cookies could track a user's shopping habits on several e-commerce sites, creating a detailed profile without their knowledge.
- A malicious software could exploit security loopholes in cookies to install themselves on the user's device
💉 Protection and remedies
Browser settings
- Configure your browser to block third-party cookies
- Activate the "Do not track me" option
- Delete cookies and browsing history regularly
Use of protective tools
- Install browser extensions that block trackers
- Using a VPN to encrypt network traffic
- Use up-to-date antivirus software
✔ Best practice
- Be vigilant about the sites visited and the authorisations granted
- Use private browsing for sensitive activities
- Logging out of online accounts after use
📊 Cookie statistics
- Of the 1.1 billion websites in existence, around 42 % actively use cookies
- 46 % of French people accept all cookies to save time (NordVPN study)
- Only 6 % of French Internet users systematically refuse all cookies (NordVPN study)
- Worldwide, it is estimated that more than 30 % of users regularly delete their cookies
- Third-party cookies are gradually being phased out by the main browsers, with Google Chrome planning to do away with them altogether.