Since it was impossible to “follow” a user based on log files, Lou Montulli invented the HTTP cookie in 1994. This enabled website owners to place a small text file on a user’s hard disk and recognize him again when another page of the site is requested, the basis for building a web store, for example. Until today, cookies are a basic means to recognize users although they have several disadvantages:
- They can be deleted, and they are deleted.
- They do not represent a user but a user account on a single machine.
Cookies are differentated into 1st party and 3rd party cookies. The webserver visited by a user is allowed to set a 1st party cookie; if the web page includes a reference that tries to set a cookie from a different web server, this would be regarded as a 3rd party cookie; 3rd party cookies often are blocked. As a consequence, advertising companies have a huge interest in setting 1st party cookies.
A year after the introduction of cookies, JavaScript entered the world; initially called Livescript, it was renamed due to the collaboration with Java’s inventor, SUN Microsystems, and it was supposed to add the ability to run small programs in a web browser apart from the rather static HTML documents.
Before we dive further into the advantages of JavaScript, let’s have a look at pixels. Pixels, usually, are the smallest entity on a screen, and the reason why they are so interesing is that they do not create too much traffic when they are sent over the web. In the early days when every bit was expensive to push through the networks, such a pixel was a great way to measure web traffic on a web server by including the pixel from a another server that counted the requests. However, only the information that is accessible in a typical log file can be logged, the only advantage is that users who have no access to log files can use their advantages, mostly receiving reports but not raw data. This is called page-based tracking, although the tracking still happens on a server but it is triggered from a page.
With the introduction of JavaScript, tracking via a pixel became more sophisticated, and just by virtue of the first pixels being a pixel, these pieces of JavaScript that are used for tracking are still called pixels, even if they don’t make use of a pixel graphic. The anatomy of a JavaScript pixel looks like this: A user’s browser requests a web page from a server, the server delivers the page to the browser, the page contains some JavaScript that is executed after the page has been loaded. The JavaScript requests a pixel or another resource from a tracking server that then tracks the user… by using JavaScript, however, more information is available than is available via a log file; JavaScript has access to information such as the screen size, the screen color depth and much more. This information can also be used for fingerprinting.
Another huge advantage of JavaScript pixels is that they do not log requests by bots since most of these bots do no interpret JavaScript. And, JavaScript also offers the possibility for external domains to set a 1st party cookie. Google Analytics sets 1st party cookies as well as many marketing company pixels that are placed on publisher sites in order to collect as much data as possible about users, not needing to piggybag a cookie.
Next: Fingerprinting