There are many debates about types of internet cookies and what they’re used for. Since Google announced it would phase out third-party cookies on Chrome by the end of 2023, we started to hear a lot about “good” and “bad” cookies. Nevertheless, cookies are an essential technology that helps the Web function the way it does.
Let’s find out about 7 types of web cookies and cookie alternatives.
Table of Contents:
- First-Party Cookies
- Second-Party Cookies
- Third-Party Cookies
- Session Cookies
- Persistent Cookies
- Secure Cookies
- Zombie Cookies
- Cookie-Based Authentication
- Alternatives to Web Cookies
But first, let’s refresh our knowledge about what cookies are in the first place?
What Are Cookies on the Web?
Web or internet cookies are small bits of text kept on a web browser. These text files allow the website itself or the website’s browser to collect user data and enable user-specific features such as personalization and tracking.
Computer cookies are usually stored on the user’s web browser. The server creates a cookie with a unique ID stored on the user’s web browser. The browser sends this cookie back to the web server each time there’s a new request, allowing it to display specific information for each user.
What Are Cookies Used For on Websites?
Web cookies exist for 3 main reasons:
- Session management–cookies help publishers’ websites recognize users without asking them to authenticate.
- Personalization–cookies help display targeted ads, set frequency capping, and help with reporting.
- Tracking–shopping stores might suggest products similar to those the user viewed.
Let’s continue with 7 types of internet cookies!
1. First-Party Cookies
What are first-party cookies?
First-party cookies are stored on a website (domain) a user has visited directly.
Publishers use these cookies to collect analytical data and optimize website functionality, like remembering the language preferences.
First-party cookies are active by default and will not go away any time soon. This is because they are essential to perform key website features.
2. Second-Party Cookies | Do They Exist?
Second-party cookies do not exist; however, there is second-party data.
This data essentially is someone else’s first-party data. When the first-party data is segmented and transferred from one company to another, it becomes second-party data.
For instance, a hotel chain would share or sell its first-party data to a trusted restaurant chain.
3. Third-Party Cookies
What are third-party cookies?
Third-party cookies are placed by other domains and not the ones a user visited directly. This happens when a user visits a website that has a third-party cookie file, for example, in the form of an ad. Third parties use these cookies for tracking, ad serving, and retargeting.
Web browsers like Safari and Firefox are blocking third-party cookies by default already. In the image below you can see that Safari blocks all cookies and website data and prevents cross-site tracking.
What are the differences between first-party and third-party cookies?
Sometimes first-party cookies can also be used in a third-party context. For example, a third-party service like a widget or a chatbot can leave its first-party cookie on the publisher’s website.
This is usually done to enable functionality like leaving a comment or liking content and can be subsequently used for cross-site tracking.
4. Session Cookies
What are session cookies?
Session cookies, also known as non-persistent cookies, are like a memory of websites. They retain information about the users’ visits only until they close the browser, i.e., they expire immediately after the session. Session cookies enable the publisher’s website to track users’ activity across pages within a given session.
For example, if not for session cookies, items placed in the e-commerce store’s cart would disappear every time a user refreshes the page or proceeds to checkout. This is because websites tend to treat each new page request as from a new user.
5. Persistent Cookies
What are persistent cookies?
Persistent cookies, also known as permanent cookies, usually have an expiration date set by the publisher. Users’ devices store them, and they remember the information users set, such as language preference, settings, login details, etc.
These cookies are sometimes called tracking cookies. This is because they track users’ behavior on the website over an extended time.
In Chrome Developer Tools Menu, persistent cookies have an expiration date, whereas session cookies are marked as ‘session’.
6. Secure Cookies
What are secure cookies?
Secure cookies will only be present on a website with an HTTPS protocol. This ensures encrypted connection and prevents cookie theft.
As seen from the graph, 95% of websites across the web today are utilizing HTTPS protocol to enable secure and safe browsing.
Encrypted Traffic Across Google
7. Zombie Cookies
What are zombie cookies?
Zombie cookies, also known as evercookies and supercookies, are not actual cookies. They are small bits of code, usually in the form of an image, local shared object, or HTML5 Web storage. They recreate themselves as regular cookies even after the original cookies have been deleted, hence the name zombie cookies.
Although not a separate cookie type, cookie-based authentication is the most common method web servers use to understand whether a user is logged in or not. This method used the HTTP cookies to authenticate the user’s request and maintain session information on the server.
Alternatives to Web Cookies
Publishers’ first-party data will become extremely valuable with the end of third-party cookies. Publishers will be able to leverage this data to help advertisers target their audiences more accurately and efficiently.
But it’s also the perfect time to remind your users why you need to show them ads and how website monetization allows you to support the great content you put out.
Contextual advertising, which doesn’t rely on cookies and trackers, will also be in trend when third-party cookies eventually go away.
Moreover, the industry leaders are already developing other solutions like Unified ID and data-clean rooms. These technologies rely on a neutral cookie identifier that allows real-time trade among DSPs, DMPs, and SSPs and performs in a third-party context.
Experts also suggest that subscription models and other website monetization strategies will be on the rise.
Users’ growing demand for greater privacy and various privacy regulations such as GDPR, CCPA, and PDPA have led publishers and advertisers to look for alternative ways to connect with their audience.
Publishers need to focus on their content strategy and build a long-term relationship with their users. Going forward, website optimization and overall user experience will be the main ranking and growth factors.