We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.

What are Active Cookies?

By R. Kayne
Updated May 17, 2024
Our promise to you
WiseGeek is dedicated to creating trustworthy, high-quality content that always prioritizes transparency, integrity, and inclusivity above all else. Our ensure that our content creation and review process includes rigorous fact-checking, evidence-based, and continual updates to ensure accuracy and reliability.

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

Editorial Standards

At WiseGeek, we are committed to creating content that you can trust. Our editorial process is designed to ensure that every piece of content we publish is accurate, reliable, and informative.

Our team of experienced writers and editors follows a strict set of guidelines to ensure the highest quality content. We conduct thorough research, fact-check all information, and rely on credible sources to back up our claims. Our content is reviewed by subject-matter experts to ensure accuracy and clarity.

We believe in transparency and maintain editorial independence from our advertisers. Our team does not receive direct compensation from advertisers, allowing us to create unbiased content that prioritizes your interests.

Active cookies, also known as soft tokens, might be able to help defend Internet users from pharming. Pharming is a more sophisticated form of phishing, an attack that tricks a user into thinking he or she is visiting a legitimate site of business and unwittingly giving over personal information to the thief.

In a phishing attack, the thief designs a website that duplicates a known site of business. The thief then sends spam, encouraging people to visit the site to update information or take advantage of a promotion. When users click on the link within the email, they are taken to the fake site to divulge critical information. Hence, savvy users enter website addresses manually or use bookmarks. Those who do click on email links might spot the website address as being spelled incorrectly, saving themselves from a scam. However, none of these precautions will help spot a pharming scam.

Pharming accomplishes the same thing as phishing, but with more stealth and without spam. In this case, the thief plants false code on the domain name server (DNS) itself, so that anyone who enters the correct website address will be directed by the DNS to the fake site. Surfers have no way of knowing they are not at the legitimate site, but active cookies might be able to alert them.

Active cookies are an outgrowth of standard computer cookies. A standard cookie is a bit of text code that your browser shares with a site upon visiting. The site and the browser pass the cookie back and forth transparently, while the cookie identifies your browser to the site. Depending on its purpose, a cookie holds certain information like registration, password, and in some cases, previous purchases, account information or other relevant data. The cookie makes it convenient for a user to revisit a site without having to re-enter personal information upon each visit.

Researchers at Indiana University, along with RavenWhite Inc., have developed new active cookies. Active cookies not only hold information about the user’s identification, but also an archived address of the legitimate site. When authentication takes place between the website and an active cookie, the cookie tells the browser not only to respond through the usual channel, but also to send a duplicate message directly to the archived address, bypassing any middleman. If the website server only receives one correct response from the active cookie, it triggers an alert to freeze access to the account.

Active cookies might also employ additional measures, such as providing instructions to display a unique graphic on the legitimate site. If the customer does not see his or her custom graphic, this will be an obvious tip-off that the site is pharmed. Active cookies will be initiated server-side by companies that believe they could be helpful to customers. Though active cookies can provide an extra layer of security, they aren’t perfect. Changing computers or browsers, or purging the cache where active cookies are stored, will eliminate the benefits.

WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Discussion Comments
By luna49 — On Oct 12, 2009

Several sites I access regularly use the unique graphic method to ensure the site is legitimate. I never knew that deleting all my cookies would cause a problem with this -- I've never had a problem in the past.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.