You’ve no doubt heard a lot about internet cookies, or have at least seen the message pop up on a website when you first visit. Sometimes you even have to acknowledge you are ok with the site collecting your information before you can proceed. In today’s world where we are all more conscious of what data is collected about us and how it is stored, it raises the question of what exactly a HTTP, or internet, cookie is?
According to our Salesforce Consultant, Sandy Simpson, simply put, whenever you visit a website, it will ‘drop’ a cookie (a small bit of program text) into your browser settings so that the next time you visit the same site your browser will remember that you’ve been there before.
Have you ever gone to a website and filled in a form and returned sometime later and found the form has been pre-filled with your name? That’s because a cookie remembered you.
Or, the first time you logged into Facebook, you had to enter your username and password but the next time it just went straight in, no login required – and it’s probably still doing that now. That’s a cookie remembering you’ve already logged in. Clever aren’t they?
It’s often easy to take cookies for granted, especially when you use the same device and can access pages without having to continually re-enter information. However, if you get a new device or go to your browser settings and clear out all the cookies, your browser will no longer remember you’ve logged into Facebook before, for example, and the next time you go there you’ll be asked to log in all over again. This is because the cookie hasn’t been ‘dropped’ into your browser yet. Once you visit the page or re-enter your login details, the cookie will remember you moving forward.
Ok, so now we understand a little more about cookies, let’s get a bit more technical.
There are actually two different types of cookies a website can drop into your browser which, depending on your domain, may need to be adjusted to remain visible in search engines.
Third-Class Cookies (3rdCC)
These are your stock-standard, every day, run-of-the-mill cookies that a lot of websites use. As a company who works with the Salesforce CRM, we also use Pardot for creating landing pages. If you were to visit a 3rdCC, Pardot-hosted landing page, for example, the cookie that’s dropped into your browser will contain the Pardot domain of go-pardot.com
The problem with 3rdCC is that a lot of browsers, like FireFox and Safari, have now started to block web pages that use 3rdCCs as they see them as ‘unsafe’. Very soon, Chrome will be joining these ranks and will also start blocking sites that use 3rdCC so it’s potentially a very big problem.
First-Class Cookies (FCC)
These are custom cookies that pass the Trust Test with browsers. If we go back to our Pardot example, instead of using the 3rdCC of go-pardot.com, we would instead use a custom domain that is already set up. For SalesFix, that’s www2.salesfix.com.au, but for other organisations, it might be go.companyname.com or whatever other domain names they already have.
Essentially it means that when you visit a Pardot-hosted webpage, the page will drop a FCC into your browser; your browser will scan it and pass it as a trusted site and the page will load successfully the first time you visit, and every time thereafter.
So if 3rdCC are considered ‘unsafe’ by FireFox and Safari, what happens if you use them with these web browsers?
Safari and FireFox (and basically all other browsers available on the market) offer some methods to block third-party cookies. Third-party cookies are blocked when a user does one or more of the following:
- Browses the web in private or incognito mode
- Uses Safari as their web browser on Apple mobile devices, as it blocks third-party cookies by default
- Changes the cookie and tracking settings in their browsers (detailed below)
- Installs ad blockers.
Most browsers allow users to disable third-party cookies from the settings menu. Doing so will result in site ads being much less personalised, forms not pre-filling with ‘known’ information, and website account access not remembered – but apart from this, you shouldn’t be greatly impacted.
While it is often helpful to not have to log into a site you use every day, and can easily access the name of the page you visited yesterday with that product you wanted, are cookies good or bad?
Providing a definitive answer to this question is problematic as it basically comes down to personal preference. Cookies have become the ‘norm’ for internet browsing and are currently the most common method of identifying users online and providing a personalized browsing experience.
If you are after a personalised browsing experience, with website visits remembered, site access automated and ads displayed based on your browser history, then cookies are a good thing. However, if you don’t want these things and/or prefer to remain ‘unknown’ or ‘unseen’ while browsing the web, then you can simply disable cookies or use the ‘incognito’ option on your browser.
The reality is cookies aren’t ever likely to disappear as the information they provide to companies is extremely valuable. The good news is that as a cookie is a data file and not a program, they generally aren’t capturing any sensitive data about you, it is usually just an ID and site name so they can remember you next time and do all the stuff we mentioned above. Just as the choice of choc-chip or plain is a personal one, so is whether you keep or remove cookies from your settings.