Mobile Advertisers’ Supercookies Invade Your Holiday Shopping

Cookies make web browsing convenient by saving our user names and passwords as well as other unique identifiers about us from one web session to the next. Cookies are also a treat for marketers as they uniquely identify visitors and when combined with web traffic logs, provide advertisers your focused browsing habits and specific buying interests. Online retailers rely heavily on cookies to customize their websites so shoppers see ads and products that are tailored to their interests. So when cookies aren’t enough, mobile advertisers target online holiday shopping with supercookies. These same supercookies are invading your privacy, but are they unstoppable?

Mobile ad blockers are no match for supercookies

First revealed back in 2011 by researchers at Stanford University, supercookies are cookies that cannot be erased by normal means. They were first being used by websites like Hulu and MSN. In 2014, The Washington Post revealed that some telecommunications companies were tracking their customers with supercookies by injecting code into network traffic without consent. The firms eventually allowed users to opt-out and drop supercookie mobile tracking to placate customers. Ever since Apple enabled ad blocking apps in their app store, advertisers have been looking for more robust and stealthy ways to track activity. Here again, supercookies find themselves indispensable since they cannot be disabled simply by blocking mobile ads and all too often, are enabled by default in your mobile device.

Supercookies throw off shopper and advertiser relationship balance

Many shoppers trade anonymity and privacy for convenience in their shopping. This online shopping experience is fine so long as there is a give and take and some degree of transparency. Shoppers allow retailers to ‘observe’ their online shopping patterns by sending them targeted ads in trade for the convenience of not having to remember usernames and passwords. Everyone is happy unless the deal feels lopsided or one party is not forthcoming about what they’re doing.

Even your private browsing mode cannot avoid supercookies

Today, most of our favorite websites utilize supercookies to track users with unique data packages specifically designed to circumvent the privacy filter on both desktop and mobile browser.  Supercookies cleverly take advantage of alternate storage areas in our browsers allowing unique pieces of code to be permanently stored.  This code is difficult to remove and allows retailers to learn your browsing habits even if you block your cookies or delete them altogether.  So even when your browser is set to ‘private’ or ‘incognito’ mode, you are not free from supercookies.

Protecting your privacy by managing your supercookie diet

There are a few things you can do to protect your online privacy and manage your diet of supercookies.  Some programs allow you to save specific desired cookies used for trusted banking or stock trading sites and also selectively delete undesirable cookie and supercookie tracking. Cookies are one thing but until advertisers and carriers are more transparent in their data collection efforts, we will continue to see all types of resistance to supercookies.

Scott Schober

Scott Schober
CEO | Author | Speaker | Cyber Security & Wireless Expert 
at Scott Schober LLC

Scott has lectured and presented extensively regarding cybersecurity and corporate espionage at numerous conferences around the globe. He has recently overseen the development of several cell phone detection tools used to enforce a “no cell phone policy” in correctional, law enforcement, and secured government facilities. He is regularly interviewed for leading national publications, and major network television stations including Fox, Bloomberg, Good Morning America, CNN, CCTV, CNBC, & MSNBC. He is the author of “Hacked Again” and writes, “In a modern digital world no one is safe from being hacked, not even a renown cybersecurity expert.”