Types of Web Cookies

Reading time: 5 minutes

Cookies, or HTTP cookies, are data packets that contain information about a website’s visitors. A user’s device creates and stores these cookies when they visit most web pages. 

On our computers, cookies store information like passwords for various accounts. Cookies also store our shipping information when we ask our browser to remember it. The information stored in cookies allows us to easily navigate websites we use frequently. It also enables some websites to send us information that we need and is the most relevant to us.

We believe everyone should know the basics of web cookies — this information can help your users stay safe on the internet and protect their privacy. 

Types of Web Cookies

Website cookies, in and of themselves, are neither good nor bad. Rather, cookies all work in almost the same way, but with different purposes. Experts have divided web cookies into several different types. The most common of these are:

  1. Session CookiesSession cookies are temporary packets of information that a user’s browser stores. These cookies remain in your history as long as you have your browser open. Right after you end the session and close your browser, the browser deletes the session cookies. Because these cookies don’t remain stored anywhere, experts regard them to be the safest. 
  1. Persistent Cookies – Persistent cookies are the opposite of session cookies. As the name suggests, this type of cookie remains in a user’s web history for a considerable amount of time. Persistent cookies are stored on a user’s device to help the browser remember information like settings, preferences, or sign-on credentials that they’ve previously saved. This cookie is used to create a convenient and faster website experience for the user. The website that created them assigns the cookie an expiry date; after this expiry limit passes, the browser deletes these cookies itself.

    When a browser stores these cookies, it sends the user’s data back to a website every time they visit it. It is also sent to the website when they see an ad posted by that website somewhere else on the internet. This allows websites to track their visitors all the time, even when they are on other websites. Sites like Facebook and Google persistently use cookies to improve your experience.

    However, this type of cookie can be unsafe when browsing through a public computer, for example, at the library. When websites store data like this, it makes it accessible to hackers and scammers. This is why experts don’t regard these particular cookies as safe. Several privacy concerns can arise when you forget to delete the cookies after using any unknown devices.
  1. First-Party CookiesFirst-party cookies are small amounts of text stored in a user’s computer that are created by the website the user is visiting. By default, first-party cookies are permitted in every web browser. First-party cookies store a variety of data for the website on that specific user (including preferred language) and can only be used by the site that created them.

    These cookies allow a user to easily switch between the tabs by storing their basic information. It’s because of these cookies that users can add different items to their cart from different tabs and even different devices if they’re logged in. With these cookies disabled, a publisher would not be able to distinguish one user from another or track the user’s activities as they move from page to page. In disabled mode, these cookies can’t store anything. This means that they’d need to perform all tasks within a single tab, rather than switching between browser tabs. In such cases, opening a new tab or switching between different tabs deletes everything and they’d have to do everything again.

    First-party cookies also store a user’s password and login details for sites like Gmail and Facebook. However, these cookies are only safe on a private, personal device. 
  1. Third-Party CookiesThird-party cookies are created by domains other than the one the user is visiting. For example, when a person visits website.com and browses their pages, website.com creates a first-party cookie. Like most publishers, website.com uses online ads to monetize its content — the third-party advertising provider also creates a cookie (ads.example.net). As these cookies are not created by website.com, but by the advertising provider, they are classified as third-party cookies. Unlike first-party cookies, these can track a particular person beyond the originating site, giving advertisers a better understanding of them and how to best market to them.

    When users access a site in incognito or private mode, their browser does not load third-party cookies. And as privacy concerns mount, many browsers are taking steps to block third-party cookies. 
  1. Second-Party CookiesSecond-party cookies, a different form of first-party cookie,  are relatively new to the internet world. They are created when a website copies the contents of another website’s first-party cookies. These cookies are often created when different companies decide to share their data. You are often informed of such data-sharing policies by respected websites. Accepting these policies means you are fine with a second party storing your information from the original site. These cookies aren’t always threatening. However, users should know what companies are sharing their cookies before accepting anything.

What’s Happening with Third-Party Cookies?

The threats to internet privacy are increasing every day. This is why many users are now demanding safer mechanisms from browsers. Laws like GDPR and CCPA are restricting how cookies can be used. 

Well-known browsers like Safari and Firefox eliminated third-party cookies to ensure their users’ security. Google also shared their measures to make cookies safer for the users — Google Chrome announced it’s abandoning third-party cookies by 2022.

For now, Google’s Privacy Sandbox hopes to find a solution to protect user privacy while also helping content remain freely available, all without using third-party cookies. The company believes that their changes — even though they’re agitating publishers — will improve choice, transparency, and control for users in the long run. Most people believe that it would completely transform the online marketing landscape. 


Cookies aren’t always threatening, but as a publisher, you need to understand and work with them carefully, especially if you use cookies as a part of your website’s monetization. If you use cookies on your site, it’s important to remember to follow applicable laws (like GDPR and CCPA) to ensure you’re being compliant by protecting your users’ privacy rights. 

Recent Articles

Stay connected

Don't miss out on the latest news, events and special announcements.

By submitting this form, you agree that you've read and accept our Privacy Policy as well as to receive communications from HeaderBidding.com. You may unsubscribe at any time.

Related Articles

Stay connected

Don't miss out on the latest news, events and special announcements.

By submitting this form, you agree that you've read and accept our Privacy Policy as well as to receive communications from HeaderBidding.com. You may unsubscribe at any time.