View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

WebKit Releases Second “Cookie Blocker” Version of ITP

By CBR Staff Writer

WebKit (the browser engine used by Apple’s Safari, App Store and Mail applications) last week released a second cookie blocker iteration of its Intelligent Tracking Prevention, giving users the power to prevent a certain amount of online tracking.

The key features of this latest version include: removal of the 24-Hour Cookie Access Window, user-driven access for cookie storage via the Storage Access API, and protection against first party bounce trackers, to name a few.

The updates are just the latest in a push by many browser providers to emphasise user privacy.

Cybersecurity giant Trend Micro, for example, also recently released its Zero Browser for Apple devices, specifically designed to block various kinds of tracking, including session replay scripts, where everything you do on a website is recorded and viewable by interested third parties.

24-Hour Cookie Access Window replaced with user authentication

A key feature from ITP 1.0 was the enforcement of cookies only being accessible to sites visited regularly, (within 24 hours). This helped to prevent cookies being persisted from several websites that users may have not been aware of, due to a lack of usage.

For example, a user may have visited last year and without ITP, may still be able to track the user due to the cookies persistent expiry date.

ITP 2.0 builds upon this sentiment but differentiates by replacing the 24-Hour cookie access window with user authenticated access (the user must grant access to tracking, upon being asked by the browser).

Content from our partners
Why enterprises of all sizes must  embrace smart manufacturing solutions
European Technology Leadership: Deutsche Bank CTO Gordon Mackechnie
Print’s role in driving the environmental agenda

This helpful feature gives power to users, who are now able to work alongside the browser to prevent tracking, as opposed to offloading this responsibility primarily to the browser. This authentication is implemented using the Storage Access API, introduced into ITP 1.1 earlier this year and further integrated into ITP 2.0 as announced last week.

Protection Against Third Party Bounce Trackers

ITP 2.0 is able to intelligently identify websites that are used only to redirect users to sites ultimately enabling tracking.

The WebKit team said: “ITP 2.0 has the ability to detect when a domain is solely used as a ‘first party bounce tracker,’ meaning that it is never used as a third party content provider but tracks the user purely through navigational redirects”.

“ITP 2.0 detects such tracking behavior and treats those domains just like any other tracker, i.e. purges their website data”


Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy