Conclave Cloud is here! Get started with confidential serverless computing architecture today.
Authors: Alisa DiCaprio, Jack Fletcher, Stefano Franz, Sean Gantly
If you were designing a CBDC you might want to create a cash-like experience for users. This is just one design decision, but it’s surprisingly tricky. There are two features in particular that define the user experience with cash: it’s anonymous and it’s authenticable. Creating a token that incorporates one of these features is straightforward. Creating a token with both features together, however, poses an interesting—though solvable—challenge for blockchains that use the UTXO model.
The challenge is that if you want to spend your CBDC, the merchant wants to verify that it actually came from a central bank. To do this, they’d need to be able to trace the history of that token back to its origins. But validating the history of the token by walking back through all past transactions (called the backchain) reveals some data about how it was spent, which is not cash-like at all.
Fortunately there are a number of different solutions that fall into two categories: reissuance and sealing. We describe them below and consider how they would work in a future state where CBDC is a commonly-used unit of exchange.
If CBDC is going to be a digital form of money, we might expect that it will, like cash, change hands many times over its lifecycle. But unlike a $10 banknote which is expected to be in circulation only about 5 years before it is replaced, a CBDC could be traded around forever.
This longevity means that each CBDC could have a backchain of transactions that would grow arbitrarily long. Long backchains create an opportunity for rogue actors. Such actors might examine the behavior of public keys for a particular token. Over time, there might be sufficient data on a single public key to build up a pattern of behavior and identify spending habits.
On its own, the data held in the backchain reveals little. It consists of data about the public keys that have previously held the token since its issuance and whether all previous transfers of the token were valid. An important detail to keep in mind—this is not personally identifiable information (PII). Public key data is abstracted from a real person’s PII. This is why Bitcoin is referred to as pseudonymous rather than anonymous. There is no GDPR-violating PII in your backchain, but there is a way to track a specific public key over time.
Fortunately, this problem is well understood and has solutions. Four in fact. The table below illustrates them. We’ll go through each in turn to highlight how they address the potential problems inherent in long backchains.
Table 1: Evaluation of 4 backchain workarounds
Source: Authors’ assessment
Reissuance is the standard solution-type used today. Reissuance solutions limit the length of the backchain by burning and re-minting the original token. Reissuance mechanically solves the problem, and also allows the designer to decide how long the backchain should be. The two primary drawbacks include latency during token reissuance and the fact that the issuer maintains the data associated with the issuances.
There are two ways that reissuance can be built into a token’s lifecycle which we detail below.
The Fed’s Project Hamilton uses the most direct fix to backchain length, which is to have no backchain at all. This is accomplished by involving the original issuer in every transaction. In this case, there are never any prior transactions to verify. In a direct issuance model, the issuer is responsible for verifying that the token is real, destroying the spent token and issuing a new unspent token to the recipient, through atomic reissuance.
In a CBDC context, this would mean that the central bank would be involved in every CBDC transaction. This is already the case at the time of original issuance. The new holder receives a fresh CBDC directly from the Fed and therefore knows that it’s real. In a direct issuance model, all subsequent transactions would require the recipients to authenticate the Fed as the issuer.
This design choice is unusual in CBDC since it requires the issuer to be available and highly active 24/7/365. It also needs users to be comfortable with the issuer having involvement in every transaction. Examples of direct issuer involvement is how regular payments work today. When you pay with a credit card, Visa or MasterCard is involved in that transaction.
A second reissuance-type solution is to limit the lifespan of the token. Chain snipping is the most popular privacy-boosting method in place as it solves the problem of transactions becoming slower as backchains get longer (a notable Bitcoin problem). It is in fact called out specifically in the original Corda whitepaper.
Chain snipping keeps the backchain length short by imposing a limit on the number of transactions a token can undertake. This limit could be based on time or frequency (e.g. every 24 hours, or every five transfers). Once the limit is reached, the token is recalled by the issuer, and it is burned and reissued. Upon reissuance the token is fresh and contains no backchain data, other than proof of issuance.
For a CBDC, this would mean that the token would reveal only pre-set data fields in the examination. Since this data wouldn’t be PII, its examination would not reveal sensitive data. Rather, examination would provide the issuer with a snapshot of what money lay where and with whom—something that it can’t do at the moment with cash and could support monetary policy analysis.
If we combine chain snipping with regularly changing the public key of the holder, we add an additional source of security. Key rotation is a common method of system resilience even outside of blockchain. It works by regularly changing the public key assigned to the real individual. This rotation ends any connection between the past activity of a user with their future activity and is configurable in how often the rotations take place.
Used together, these mechanisms would mean each CBDC would collect only a fixed number of transactions, and will likely record multiple identities for any single holder that uses the CBDC more than once. As a solution to privacy from other users it is robust, but does require a level of trust in the issuer of the CBDC as they require key information in order to perform the reissuance to the new holder.
The two solutions in this category address privacy in a completely different way. They allow arbitrarily long backchains, but seal them by using secure verification techniques. Zero Knowledge Proofs (ZKPs) do this using software, while secure enclaves provide a similar flow using hardware.
Sealing solutions like these would undertake this technical assurance work of verifying a token’s history without revealing the backchain. For a CBDC this would allow users to have confidence that the token they received is legitimate and also provide considerable protection from private information being revealed, even at the level of the system operator, such as a central bank.
The reason that this category of solutions might be attractive is because the issuer might prefer to keep a long backchain history for analytical purposes (such as AML auditing). It might also be important in the event of some future hack or outage where a history of transactions could help in recovery. Additionally, the issuer does not need to be available for reissuance 24/7. Finally, there is the ability to keep data private from payment networks while also sharing it with regulators or auditors.
The first solution in the sealing category is Zero-Knowledge Proofs (ZKP). ZKPs are a software-based privacy-enhancing technique that enables a prover (the holder of the CBDC) to convince a verifier (the merchant) that a statement (e.g. the holder has verified the backchain of their token) is true while revealing no information (e.g. backchain data) except that the statement is true.
ZKPs work by creating proofs derived from knowledge of system data, which is never revealed. This is done by turning transaction validity functions into the smallest possible mathematical operations, creating an arithmetic circuit. These proofs can then be verified as authentic by a verifier.
For a CBDC, using a ZKP would mean that the backchain could continue to exist, but the potentially privacy-revealing data could be replaced with a ZKP (hash). This means that when validators go to examine the backchain, they see only proofs of valid transactions.
Despite their relative nascence in the market there are known drawbacks to ZKPs. These include performance (e.g. speed) and limited market testing. Today, ZKP performance is slower than reissuance solutions, though the absolute degree depends on processing power. There are ongoing efforts to address performance speed. For example, there is active research into recursive proofs, which could result in instant verification. ZKPs are also relatively new in the market so additional benefits and drawbacks may become known as time progresses. For now, there are applications in music royalties for example.
There are also non-technical drawbacks to newer solutions like ZKPs. ZKPs cannot be applied to any computational problem directly. The problem first needs to be converted into an algebraic circuit. While most computational problems can be converted into algebraic circuits, doing so requires dedicated, specialized teams.
The second type of sealing solution includes hardware-based secure enclaves. Secure enclaves are relatively common today as they are a standard piece of hardware in both Android and Apple mobile wallets. Because of their established place in the market, we have a clearer idea of how a path to CBDC production would look.
In spirit, secure enclaves are similar to ZKPs in that they increase security by intervening in the validation process. Much like with ZKPs, this would provide both the users and system operators of CBDC with the kind of technical assurances that the system would work safely, with the added advantage of having all transaction data only examined in a secure enclave, meaning that none of it can be revealed. In a CBDC solution, this might provide a unique advantage to the offering, with the CBDC providing the privacy-focused solution for digital payments, akin to cash, but on a digital platform.
Two differences mean that they might be deployed slightly differently. The first difference is that secure enclaves are separate from the issuer. This means that every node on the network runs their own secure enclave, in a similar way to how every iPhone runs on its own. This is needed because every participant only trusts their own enclave.
The second difference is that it is a hardware solution. Secure enclaves work by running a validation process on encrypted data to generate a proof that the token is valid. This can be achieved via one of two modes. One mode inspects the token’s entire backchain to make the assessment, and the other builds upon the trusted chain of attestation to only examine the most immediate transaction. In either mode, this work is done within the secure enclave. Secure hardware enclaves therefore provide no method for the revelation of data, either about the identity or activity of previous CBDC holders. This method also provides an additional layer of protection of data in use from inappropriate leaks or hacks—even from those running the physical hardware.
A potential drawback of secure enclaves is latency. The more things that a network is asked to do, the greater the chance that it will take more time to do it. However, another may be the appeal of technical solutions themselves—and more importantly, which entity is staking their trusted reputation on the performance of them. In some nations, the central bank might be highly trusted and well placed, but in others that may not be so, meaning that local market taste might dictate who is capable of providing the assurances that advanced technologies like ZKP and secure enclaves provide.
The most appropriate privacy-boosting technique for a CBDC can’t be decided in the abstract. It is only one design decision among a myriad of decisions that will need to be considered. And each country has different risk preferences, regulations and consumer demands.
Given our current state of knowledge, in 2022, we’d expect to see all 4 solutions used in various future CBDC issuances. Today, reissuance solutions are commonly used in token-based operational flows and we expect that to continue. But sealing solutions offer different functionality that may also appeal to central banks as these become more common and standardized.
Today, we’re at the point where the standard implementations already do not store GDPR-type data in transaction histories. This is accomplished by either adopting a hybrid or indirect model of retail CBDC, or, if the central bank prefers a direct model, by implementing prudent measures, such as data abstraction and secure storage of personal data. This is an important start that can only be made even more secure through the use of additional measures such as those described here.
Share
Sign up for our flagship newsletter, The R3 Ledger, to receive the latest R3 news, updates and content. View all our newsletters here.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie | Duration | Description |
---|---|---|
__cfruid | session | This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic. |
__cfruid | session | This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic. |
__cfruid | session | This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic. |
_biz_flagsA | 1 year | A Cloudflare cookie set to record users’ settings as well as for authentication and analytics. |
_biz_pendingA | 1 year | A Cloudflare cookie set to record users’ settings as well as for authentication and analytics. |
_biz_sid | 30 minutes | This cookie is set by Bizible, to store the user's session id. |
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. |
_ga_1ECB5XX5W0 | 2 years | This cookie is installed by Google Analytics. |
_ga_1ECB5XX5W0 | 2 years | This cookie is installed by Google Analytics. |
_ga_1ECB5XX5W0 | 2 years | This cookie is installed by Google Analytics. |
_gat_UA-87760032-2 | 1 minute | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
_gat_UA-87760032-2 | 1 minute | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
_gat_UA-87760032-2 | 1 minute | This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites. |
_GRECAPTCHA | 5 months 27 days | This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks. |
ARRAffinity | This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App. | |
ARRAffinity | 1 year | This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App. |
ARRAffinity | 1 year | This cookie is set by websites that run on Windows Azure cloud platform. The cookie is used to affinitize a client to an instance of an Azure Web App. |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
JSESSIONID | session | Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests. |
JSESSIONID | session | Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests. |
JSESSIONID | session | Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
viewed_cookie_policy | 1 year | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
viewed_cookie_policy | 1 year | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
viewed_cookie_policy | 1 year | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
_biz_nA | 1 year | This cookie, set by Bizible, is a sequence number that Bizible includes for all requests, for internal diagnostics purposes. |
_biz_uid | 1 year | This cookie is set by Bizible, to store user id on the current domain. |
bcookie | 2 years | This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page. |
bcookie | 2 years | This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page. |
bcookie | 2 years | This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page. |
lang | session | This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website. |
lang | session | This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website. |
lang | session | This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website. |
language | This cookie is used to store the language preference of the user. | |
language | 1 year | This cookie is used to store the language preference of the user. |
language | 1 year | This cookie is used to store the language preference of the user. |
lidc | 1 day | This cookie is set by LinkedIn and used for routing. |
lidc | 1 day | This cookie is set by LinkedIn and used for routing. |
lidc | 1 day | This cookie is set by LinkedIn and used for routing. |
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie | Duration | Description |
---|---|---|
_BUID | 1 year | This cookie is used to store a universal user ID to identify the same user across multiple clients' domains. |
_BUID | 1 year | This cookie is used to store a universal user ID to identify the same user across multiple clients' domains. |
_BUID | 1 year | This cookie is used to store a universal user ID to identify the same user across multiple clients' domains. |
_gcl_au | 3 months | This cookie is used by Google Analytics to understand user interaction with the website. |
_gcl_au | 3 months | This cookie is used by Google Analytics to understand user interaction with the website. |
_gcl_au | 3 months | This cookie is used by Google Analytics to understand user interaction with the website. |
_gd_session | 4 hours | This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded. |
_gd_svisitor | 2 years | This cookie is set by the Google Analytics. This cookie is used for tracking the signup commissions via affiliate program. |
_gd_visitor | 2 years | This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form. |
_hjAbsoluteSessionInProgress | 30 minutes | No description available. |
_hjAbsoluteSessionInProgress | 30 minutes | No description available. |
_hjAbsoluteSessionInProgress | 30 minutes | No description available. |
_hjFirstSeen | 30 minutes | This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. |
_hjFirstSeen | 30 minutes | This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. |
_hjFirstSeen | 30 minutes | This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. |
_hjid | 1 year | This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
_hjid | 1 year | This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
_hjid | 1 year | This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. |
_hjIncludedInPageviewSample | 2 minutes | No description available. |
_hjIncludedInPageviewSample | 2 minutes | No description available. |
_hjIncludedInPageviewSample | 2 minutes | No description available. |
_hjIncludedInSessionSample | 2 minutes | No description available. |
_hjIncludedInSessionSample | 2 minutes | No description available. |
_hjIncludedInSessionSample | 2 minutes | No description available. |
_hjTLDTest | session | To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails. |
_uetsid | 1 day | This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site. |
_uetsid | 1 day | This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site. |
_uetsid | 1 day | This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site. |
_ym_d | 1 year | This domain of this cookie is owned by Yandex.Matrica. This cookie is used to store the date of the users first site session. |
_ym_d | 1 year | This domain of this cookie is owned by Yandex.Matrica. This cookie is used to store the date of the users first site session. |
_ym_d | 1 year | This domain of this cookie is owned by Yandex.Matrica. This cookie is used to store the date of the users first site session. |
_ym_isad | 20 hours | This domain of this cookie is owned by Yandex.Matrica. This cookie is used to collect information about the user like his characteristics, behaviour on page and targeted actions. |
_ym_isad | 20 hours | This domain of this cookie is owned by Yandex.Matrica. This cookie is used to collect information about the user like his characteristics, behaviour on page and targeted actions. |
_ym_isad | 20 hours | This domain of this cookie is owned by Yandex.Matrica. This cookie is used to collect information about the user like his characteristics, behaviour on page and targeted actions. |
_ym_uid | 1 year | This cookie is by Yandex.Metrica. This cookie is used to set a unique ID to the visitor and to collect information about how visitor use the website. Thus it help to track the user and the collected informationn is used to improve the site. |
_ym_uid | 1 year | This cookie is by Yandex.Metrica. This cookie is used to set a unique ID to the visitor and to collect information about how visitor use the website. Thus it help to track the user and the collected informationn is used to improve the site. |
_ym_uid | 1 year | This cookie is by Yandex.Metrica. This cookie is used to set a unique ID to the visitor and to collect information about how visitor use the website. Thus it help to track the user and the collected informationn is used to improve the site. |
attribution_user_id | 1 year | This cookie is set by Typeform for usage statistics and is used in context with the website's pop-up questionnaires and messengering. |
browser_id | 5 years | This cookie is used for identifying the visitor browser on re-visit to the website. |
CONSENT | 16 years 5 months 12 days 10 hours | These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video. |
CONSENT | 16 years 5 months 12 days 10 hours | These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video. |
CONSENT | 16 years 5 months 12 days 10 hours | These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video. |
pardot | past | The cookie is set when the visitor is logged in as a Pardot user. |
pardot | past | The cookie is set when the visitor is logged in as a Pardot user. |
pardot | past | The cookie is set when the visitor is logged in as a Pardot user. |
sid | 1 year | The sid cookie contains digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time. |
uid | 1 year | This is a Google UserID cookie that tracks users across various website segments. |
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie | Duration | Description |
---|---|---|
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. |
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. |
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. |
anj | 3 months | No description available. |
anj | 3 months | No description available. |
anj | 3 months | No description available. |
ANONCHK | 10 minutes | The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well. |
bscookie | 2 years | This cookie is a browser ID cookie set by Linked share Buttons and ad tags. |
bscookie | 2 years | This cookie is a browser ID cookie set by Linked share Buttons and ad tags. |
bscookie | 2 years | This cookie is a browser ID cookie set by Linked share Buttons and ad tags. |
fr | 3 months | The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin. |
fr | 3 months | The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin. |
fr | 3 months | The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin. |
i | 10 years | The purpose of the cookie is not known yet. |
i | 10 years | The purpose of the cookie is not known yet. |
i | 10 years | The purpose of the cookie is not known yet. |
IDE | 1 year 24 days | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
IDE | 1 year 24 days | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
IDE | 1 year 24 days | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
MUID | 1 year 24 days | Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking. |
MUID | 1 year 24 days | Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking. |
MUID | 1 year 24 days | Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking. |
NID | 6 months | This cookie is used to a profile based on user's interest and display personalized ads to the users. |
NID | 6 months | This cookie is used to a profile based on user's interest and display personalized ads to the users. |
NID | 6 months | This cookie is used to a profile based on user's interest and display personalized ads to the users. |
personalization_id | 2 years | This cookie is set by twitter.com. It is used integrate the sharing features of this social media. It also stores information about how the user uses the website for tracking and targeting. |
personalization_id | 2 years | This cookie is set by twitter.com. It is used integrate the sharing features of this social media. It also stores information about how the user uses the website for tracking and targeting. |
personalization_id | 2 years | This cookie is set by twitter.com. It is used integrate the sharing features of this social media. It also stores information about how the user uses the website for tracking and targeting. |
test_cookie | 15 minutes | This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies. |
test_cookie | 15 minutes | This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies. |
test_cookie | 15 minutes | This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies. |
uuid2 | 3 months | This cookies is set by AppNexus. The cookies stores information that helps in distinguishing between devices and browsers. This information us used to select advertisements served by the platform and assess the performance of the advertisement and attribute payment for those advertisements. |
uuid2 | 3 months | This cookies is set by AppNexus. The cookies stores information that helps in distinguishing between devices and browsers. This information us used to select advertisements served by the platform and assess the performance of the advertisement and attribute payment for those advertisements. |
uuid2 | 3 months | This cookies is set by AppNexus. The cookies stores information that helps in distinguishing between devices and browsers. This information us used to select advertisements served by the platform and assess the performance of the advertisement and attribute payment for those advertisements. |
VISITOR_INFO1_LIVE | 5 months 27 days | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
VISITOR_INFO1_LIVE | 5 months 27 days | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
VISITOR_INFO1_LIVE | 5 months 27 days | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
YSC | session | This cookies is set by Youtube and is used to track the views of embedded videos. |
YSC | session | This cookies is set by Youtube and is used to track the views of embedded videos. |
YSC | session | This cookies is set by Youtube and is used to track the views of embedded videos. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
Cookie | Duration | Description |
---|---|---|
_an_uid | 7 days | No description available. |
_clck | 1 year | No description |
_clsk | 1 day | No description |
_hjSession_1646283 | 30 minutes | No description |
_hjSessionUser_1646283 | 1 year | No description |
_uetvid | 1 year 24 days | No description available. |
_uetvid | 1 year 24 days | No description available. |
_uetvid | 1 year 24 days | No description available. |
6suuid | 2 years | No description available. |
AnalyticsSyncHistory | 1 month | No description |
AnalyticsSyncHistory | 1 month | No description |
AnalyticsSyncHistory | 1 month | No description |
ARRAffinitySameSite | No description available. | |
ARRAffinitySameSite | 1 year | No description available. |
ARRAffinitySameSite | 1 year | No description available. |
bEkAYwpdRGcM | 1 day | No description |
bEkAYwpdRGcM | 1 day | No description |
bEkAYwpdRGcM | 1 day | No description |
BIGipServer~magenta~mag-c-http-http-xhttpd-http-xhttpd-http-80 | session | No description |
DCMpagecount | session | No description |
DCMpagecount | session | No description |
DCMpagecount | session | No description |
debug | never | No description available. |
gaCookie | 2 years | No description available. |
gaCookie_gid | 1 day | No description available. |
LEAfgqMGWpwUs | 1 day | No description |
LEAfgqMGWpwUs | 1 day | No description |
LEAfgqMGWpwUs | 1 day | No description |
li_gc | 2 years | No description |
li_gc | 2 years | No description |
li_gc | 2 years | No description |
lpv413292 | 30 minutes | No description |
lpv413292 | 30 minutes | No description |
lpv413292 | 30 minutes | No description |
m | 2 years | No description available. |
metrika_enabled | session | No description available. |
metrika_enabled | session | No description available. |
metrika_enabled | session | No description available. |
muc_ads | 2 years | No description |
SM | session | No description available. |
STYXKEY_formcomplete | 9 months 26 days | No description |
UserMatchHistory | 1 month | Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. |
UserMatchHistory | 1 month | Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. |
UserMatchHistory | 1 month | Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. |
vary | 1 month | No description |
visitor_id413292 | 10 years | No description |
visitor_id413292 | 10 years | No description |
visitor_id413292 | 10 years | No description |
visitor_id413292-hash | 10 years | No description |
visitor_id413292-hash | 10 years | No description |
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Cookie | Duration | Description |
---|---|---|
SRM_B | 1 year 24 days | Used by Microsoft Advertising as a unique ID for visitors. |