What is Tracking? Explanation of its Relationship with Cookies, Risks, and Precautions
In the marketing industry, tracking refers to the process of tracking and analyzing user behavior in order to deliver web advertisements tailored to each user. In recent years, tracking on devices such as smartphones has become a hot topic, and many people are curious about what it is.
This article provides a detailed explanation of tracking, from its relationship with cookies to its advantages and disadvantages, mechanisms, and risks. It also touches on points that companies should be aware of from a business perspective, making it a useful reference for managers and security personnel.
Table of Contents
- What is Tracking?
- What are Cookies?
- Advantages and Disadvantages of Tracking
- How Tracking Works
- Risks of Tracking
- Session Hijacking
- Session Fixation
- Points to Note for Companies Regarding Tracking
- Privacy Settings on Devices
- Trends in Cookie Regulations
- Summary
1. What is Tracking?
Tracking is a term used to describe the act of following and analyzing specific objects. Extending from the meaning of tracking and analysis,
In the marketing industry, "tracking" refers to tracking and analyzing user behavior in order to deliver web advertisements tailored to the user.
The general purpose of tracking is to analyze the collected data and reflect it in appropriate advertising delivery. It is important to keep in mind that the purpose is never to steal or misuse information.
Tracking is performed based on user behavior data collected by cookies, etc.
1-1. What are Cookies?
Cookies are files that record information such as websites visited by users, data entered, and usage environment.
Thanks to this information recording mechanism, users do not need to re-enter login information or addresses when they visit the same site again. In tracking, cookie information is often used to improve advertising.
Cookies were not originally developed for tracking purposes, but have been repurposed to understand user behavior data as marketing methods have changed. It is now a common element necessary for tracking.
1-2. Advantages and Disadvantages of Tracking
There are advantages and disadvantages to allowing or denying tracking.
| Advantages | Disadvantages | |
|---|---|---|
| If Tracking is Allowed | You are more likely to see advertisements that are relevant to your interests. | Your information may be collected more than necessary. |
| If Tracking is Denied | You can use the website without worrying about data collection. | You are more likely to see advertisements that are not relevant to you. |
The advantages of allowing tracking may be perceived as disadvantages by some people. For example, if you show your smartphone to someone else, your private hobbies may be revealed through advertisements.
You can set permissions for each app to allow or deny tracking, so take measures in advance if necessary.
2. How Tracking Works
Tracking is a mechanism used unknowingly by almost all users who access the internet. Here, we will explain the mechanism of tracking using cookies.
When a user accesses a website or app, the first thing that happens is a request to the server for site information. Then, when the site information is sent from the server, cookie data is saved to the user’s browser.
When a user visits the same website or app again, the browser sends the saved cookie data to the server. At this time, the server does not just send the site information to the browser as it did the first time. A major feature is that it verifies the cookie data and identifies that the access is from a unique browser.
In this way, analyzing and tracking various types of information using data stored during the exchange between the server and the browser is the mechanism of tracking.
3. Risks of Tracking
Users who allow tracking have the advantage of seeing advertisements that are close to their interests, making it easier to purchase desired products. On the other hand, it is necessary to recognize that there are security risks associated with tracking.
Here, we will introduce two typical risks of tracking.
3-1. Session Hijacking
Session hijacking is a cyberattack in which an attacker steals another user’s session ID and hijacks the session.
A session refers to a consistent communication from when a user accesses a website until they exit. For example, if a user logs in to a website by entering their ID and password, the period until they log out and exit the webpage is one session.
In session hijacking, the session ID used to recognize the user’s session when they access the website is stolen, and communication is performed in their place.
This is a so-called spoofing act, and if session hijacking occurs, it becomes possible to take over the account or view/change personal information.
3-2. Session Fixation
Session fixation, like session hijacking, is a cyberattack technique by malicious users.
The attacker obtains a session ID from the website as a normal user and uses a trap to force the target user to use the acquired session ID. Then, when the target user logs in to the website, the attacker can also log in to the same website.
As a countermeasure against session hijacking, it is effective to avoid embedding the session ID in the URL and to discard the session after logging out.
4. Points to Note for Companies Regarding Tracking
It is important for users to be aware of the risks of tracking, but measures by companies are also essential. By taking proper measures, it is possible to prevent troubles related to tracking and avoid the risk of crime by preventing excessive tracking.
Here, we will introduce two points that companies should pay attention to regarding tracking.
4-1. Privacy Settings on Devices
In order to prevent excessive tracking and strengthen security, let’s set privacy settings on devices. The setting methods for each device are as follows:
Browser Privacy Settings
In major browsers such as Chrome, you can select to reject tracking from the privacy (or security) section in the settings. Even Safari, Apple’s browser, can suppress tracking with a function called ITP.
Privacy Settings for iOS and Android
Android allows you to set detailed permissions for apps, so set them as necessary. The Chrome app allows you to select to reject tracking from the settings, just like in the case of a browser. You can also reject tracking from the settings on iOS. Since iOS itself has a powerful tracking prevention function, always update to the latest version for security measures.
4-2. Trends in Cookie Regulations
Cookies, which are used in corporate web marketing, have been gradually subject to stricter regulations in recent years from the perspective of risks such as personal information leakage.
Under Japan’s revised Personal Information Protection Law, cookies are not personal information but "personal related information" and are not elements that can identify a specific individual. However,
It has become mandatory to obtain user consent for the acquisition and use of data using cookies. In addition, in laws for the protection of personal information around the world, there are increasing cases where cookies are considered personal information.
The way cookies should be and the handling of personal information are likely to continue to change in the future. Therefore, companies that handle cookies need to pay attention to the trends in cookie regulations and respond flexibly to changes in the situation.
Summary
Tracking has the advantage of making it easier for users to see advertisements that are of interest to them, but it also has the disadvantage of collecting their information more than necessary. In addition, since there are security risks, it is important to review the privacy settings of your device and browser.
In addition to general users, companies that utilize tracking and cookies also need to be careful in their operation. In recent years, regulations have been tightening due to the risk of personal information leakage, so it is important to pay attention to trends.
For inquiries, please contact globalsupport@jiran.com.
