What Are Cross Domain Cookies and How Do They Work?
When you visit a website, you might have noticed a text box that pops up, notifying you that the website is using cookies. Some websites allow you to accept or decline this. By accepting, you allow all types of cookies into your computer. When you decline, they still inject a cookie but it is to remember in the future that you declined their cookie policy. Still, there are websites that won’t ask you if the cookie policy is okay or not. Instead, they will just say that “by continuing to browse our site you are agreeing to our use of cookies”. If you didn’t notice the notification, then you are welcoming cookies into your system. Silence means yes, even in the digital world.
This is very similar to telemarketing calls that you receive at home or at work. Some companies allow you to opt out, while other still continue to call you even when you expressed your disagreement already. These days, a cookie, specifically cross domain cookies, can do extensive market research on behalf of business owners, just like telemarketers.This article will explain what cross domain cookies are and how they work. But first, let us understand what cookies are.
Cookies are small text files that are injected into your computer when you visit a website. When you visit that particular website again, your computer sends the cookie back to the website. The result is a personalized browsing experience because the website will remember you and your preferences during your previous visit.
Take for example your shopping experience with Amazon. Let’s say that yesterday, you placed an action figure and a Star Wars shirt in your shopping cart. However, you needed to go so you weren’t able to pay for the items. A few hours later, when you log back in to Amazon, you will still see those two items on your cart. How did Amazon remember? Because they used cookies.
Another example is when you log in to Facebook, Twitter, or Instagram. The next time you log in to these sites, you will see that they remembered your username and even your password. Again, this is made possible because of cookies.
Apart from the two items on your cart, or your login information that Amazon and Google remembered, websites who use cookies also have the following information about you:
- Browsing history, at least those that are on the website you visited. So even though you didn’t put that self-help book on your cart, Amazon still knows that you were looking at it. And even when you didn’t “like” a Facebook page, Facebook knows that you were browsing through it.
- How long you spent on a particular web page.
- Your login details such as username and password.
- Any customized settings you may have on a certain website.
More than providing a customized browser experience, cookies are being used to track people so that the website (business) will know what services you are interested in, what products you like, and what pages you were looking at. A profile of you will then be created, and you will be targeted by ads of products or services that you are interested in.
Types of Cookies
There are several types of cookies, and no, we are not talking about chocolate chip cookies or fortune cookies (although we may need this in our fight for online privacy). These are listed below:
1. Session cookies are temporarily stored in your browser’s temporary files. These cookies expire when you become inactive after a pre-set amount of time, or when you close your browser. Ecommerce sites, like Amazon in our example above, use session cookies to remember the contents in your shopping cart.
2. Permanent or persistent cookies stay on your computer even when you close the browser. There are countries that have laws regarding the time by which these should be stored in the user’s system, and usually it is six months. Cookies should not last for more than this legal amount of time. Google uses persistent cookies to remember your username and password.
3. Third-party cookies are those that point to another website, and not to the website you are visiting. Facebook, for example, contains third-party cookies which are actually from advertisers who want to track Facebook users’ preferences and online behaviors. A lot of, if not all, websites use third-party cookies including Flickr, Google Maps, Google Plus, Twitter, and YouTube to name a few.
The World Before Cross Domain Cookies
The business world that we knew, say, thirty or forty years ago is unrecognizable today. Before the age of internet, successful businesses needed to do all the hard work or at least hire a lot of people to do them. They need people to do target market research, marketing, advertising, sales, and all those things that make businesses a success.
Market research back then involved creating a survey with the right questions, going door to door in your target area or calling people that you think fit your target market in order to get their answers and preferences. After that, marketers create a general profile of their target market based on the survey answers, and then ads would be developed based on that profile. All these processes would translate to a manpower of 20 people at the very least, and a time frame of six months to one year.
Cross-domain cookies fall under the third-party category. These cookies are used to track users across different domains or websites. Let’s say you logged in to your Google account, and then visited a different website without logging out. After a few minutes or hours of internet browsing, you decided to log in to your YouTube account. YouTube detects that you are logged in to your Google account, so it doesn’t ask you to log in.
How did YouTube know that you are logged in to your Google account? Because Google uses cross domain cookies that tracks its users in all domains it owns, which includes YouTube. This is the same with other corporations, no matter how big or small.
How Do I Block Cross Domain Cookies?
You may find all these details about cookies in general and cross domain cookies in particular to be alarming and even creepy. It’s like having someone looking over your shoulder while you are innocently browsing the internet. Little did you know, someone from another part of the world has so many information about you. As a matter of fact, they have enough information about you to create a profile and sell this to advertisers and business owners.
The good thing though is that third-party cookies can be erased and blocked. Here are some tips on how to do this.
Manually delete the cookies
Do this by going to the browser’s folder. Just make sure to erase these regularly as cookies are being saved every single time you visit a website.
Change the settings on your browser
Each browser has different ways to do this but generally, you need to find the Privacy settings on your browser. For Firefox and Google Chrome, the steps in blocking cookies are listed below:
Blocking Cookies in Firefox
1. Go to the Options menu in the browser.
2. Go to the Privacy tab.
3. Under the Tracking category, click on the radio button labeled as Tell sites that I do not want to be tracked.
4. Under the History category, set “Firefox will” value as Use custom settings for history.
5. Set “Accept third-party cookies:” to Never.
Blocking Cookies in Google Chrome
1. Go to Settings.
2. At the bottom of the page, click “Show advanced settings”.
3. Under the Privacy category, click on “Content Settings”.
4. A window will open where you can select “Block sites from setting any data”, and “Block third-party cookies and site data.
Use a Virtual Private Network (VPN)
There are other ways to block cross domain cookies but none of them provide a more comprehensive and holistic protection than a VPN. With the right VPN provider, cookies will be encrypted in such a way that nobody – even your ISP and the website who injected the cookie into your computer – will be able to see what’s in it.
A VPN rides in your network but creates a virtual network within your physical network. It then creates a tunnel that no one can get into. It acts as a middleman between you and the websites you are visiting so that these websites will not know it’s you. They will only see that someone using VPN is requesting a connection, but they won’t know it’s you.
Therefore, your personal details such as your IP address, browsing history, login information, just to name a few, will remain private. This is the way it should always be, anyway.
Should You Do Anything With Cross Domain Cookies?
Cross domain cookies are seemingly innocent text files that are being injected into your system without you knowing. Sure, websites have cookie policies that popup at the bottom when you visit them, but most people really don’t know to what extent the information gathered will be used.
Can these details in the cookies be used in court? Can these be used to harm you? Or are they merely used for advertising purposes? You will never know, so it is always better to be safe than sorry. This is a cliché, but it is even true in the digital world that we live in.
In order to be safe always, make sure to delete cookies regularly, tweak the privacy settings of your browser, or better yet subscribe to a VPN service such as LimeVPN. We use corporate-grade encryption, and have multiple servers all over the world, ensuring that your privacy and security are intact all the time.
