Bank Website Cookies

Seeing as how we live in The Internet Age, I must fetch my statements from Big Bank’s website, rather than extract quaint sheets of paper from an envelope. Seeing as how the start of the Internet Age is over, I run a fairly well armored version of Firefox that ruthlessly suppresses ads (have you ever bought anything as a result of an Internet ad?), crushes cookies, rejects malware, and generally defends my interests.

Big Bank’s website doesn’t work without adjusting the armor and, equally unsurprisingly, those adjustments seem to depend on both their website’s current revisions and my browser / plugin / extension versions. It seems mildly odd that Big Bank would depend on the same techniques that identify advertisers and scammers and malware purveyors, but so it goes.

My most recent attempts to retrieve an account statement produced an indefinite “busy” loop instead of a PDF file, which usually means something got blocked. Big Bank outsources its statements and I’ve already whitelisted internet-estatements.com and allowed its popups, so it must be something else.

A bit of rummaging in the sump revealed cookies from several domains that didn’t get set whenever I tried to access my statement:

  • adsrvr.org
  • bigbankcardus.com
  • casalemedia.com
  • doubleclick.net
  • mookie1.com
  • serving-sys.com

Pop Quiz: which domains in that list would you trust without question?

Bonus: Explain why “mookie1.com” isn’t funny in this context.

Double Bonus: Why is a banking website dealing with doubleclick?

It seems the missing cookies came from bigbankcardus.com, as the statement PDF appeared after I whitelisted that domain and reloaded everything.

I could understand (if not enthusiastically approve of) getting advertising cookies from Big Bank’s main page, but there should be exactly none of that crap when I access my statements.

There is no point in complaining: it’s like that, and that’s the way it is.

At least they don’t require Internet Explorer