A “cookie” is a small piece of information (a text file), which a web server can store temporarily with a web browser. Once the cookie is stored, the site’s web server can later retrieve that information for that browser.
For example, when a person browses through an “online shopping mall” and adds items to a “shopping cart” while continuing to shop, your browser stores a list of the items that have been added to the cart so that the user can pay for all of the items at once when he is finished shopping. It’s much more efficient for each browser to keep track of information like this than have web server remember who bought what, especially if there are thousands of people using the web server.
When browsing the web, any cookies that are sent to a browser are stored in the computer’s memory. When the browser is closed, any cookies that haven’t expired are written to a cookie file so they can be reloaded next time the browser is used.
Online banking uses a different kind of cookie known as a session cookie, a non-persistent cookie, or a pre-expired cookie. These cookies are placed temporarily and are never stored to the user’s computer memory. Instead, these pre-expired cookies are used as part of the stringent security measures in the Internet Banking product. As the end user navigates through Internet Banking a pre-expired cookie is set each time a page is viewed. Because the HTML page they are viewing is not “cached”, it must always be re-retrieved from the server.
The pre-expired cookies keep the session alive until the end user logs out properly or times out of Internet Banking. Once this occurs, the end user must login with their User ID and Password to gain access again. This ensures that another user using the same computer cannot access the previous session.