KONEK™ is currently in its commercial pilot release and is only available to select users if your financial institution sent you an invitation to sign up for KONEK. Stay tuned for more information as to when KONEK is available to all users.
KONEK Cookie Policy
Introduction
This Cookie Policy is meant to provide you with information about how Interac Corp. (“Interac”, or “we”, “us” and similar terms) utilizes cookies when you are using our KONEK service and associated sites (“Sites”) along with their purposes, and how you may control them, if applicable. Cookies allow us to collect information about you and your usage of our Sites for identity verification, authentication, fraud prevention and data analytics purposes. You may manage our use of non-essential cookies by using the Cookie Management Tool. For information about how we process personal information collected by cookies and web tracking technologies, please also see our Privacy Policy.
Note that we also use other technologies such as pixels, web beacons, and device fingerprinting for the above purposes.
What is a Cookie?
A cookie is a small file that is passed from a website to an end user’s computer or mobile device. The cookie is used to save information about the interaction between your computer or mobile device and the website you are visiting. The cookie file is automatically stored by your browser (e.g., Google, Safari, Internet Explorer, or Firefox) on the local hard drive, and it can later be retrieved by the website. Cookies are also used to keep track of your preferences and works in progress (such as items in an online shopping cart). You can learn more about cookies and web tracking from the Office of the Privacy Commissioner of Canada. We use cookies and other similar technologies that are both created and implemented by Interac and by third-party service providers. The technologies that we use on our Sites, and the purposes for which they are used, are listed in the sections below.
What Cookies do We Use and Why?
1. Essential Cookies
These cookies are essential to the functionality of our Site in order to enable basic Site features (including storing user’s login state, identity verification, authentication, fraud prevention, and storing privacy settings chosen by the user). Essential cookies do not gather information about you that could be used for marketing purposes and do not remember your navigational information on the Internet. Since they are essential for the function of our Sites, by using our Sites, you agree to their use for the above purposes.
The following chart outlines the current essential cookies used across our Sites that may be updated from time to time:
Essential cookies set by us
Title | Category | Type | Description |
---|---|---|---|
USER_JWS | essential | persistent | This is a user token for trusted devices. It allows us to help identify the user, trusted device, capture first name, and whether a user opted in for biometric authentication or not. |
SKIP_WEBAUTHN_TRUST_COUNTER | essential | persistent | This is used to keep track of the number of times a user has skipped the option to enable biometric authentication, allowing us to manage the number of prompts we send to your trusted device. |
PBB_UI_TOKEN | essential | session | This is a UI token used to call Core KONEK Services. |
ADDRESS_CHANGED | essential | session | This is a flag to indicate that the address provided from FI has been updated in KONEK profile. |
OTC_VERIFIED | essential | session | This is used to ensure that one-time passcode prompts are limited to one instance per session. |
FORCE_SIGNOUT | essential | session | This is used to force user sessions to end if we determine there are any critical errors or issues. |
AUTH_METHOD | essential | session | This tracks the authentication method used by the user (e.g., FI login, Partner FI login, Biometrics). |
PERSONAL_DETAILS | essential | session | This is used to temporarily save the user’s personal details while they are updating their details form. |
SET_DEVICE_VISITED | essential | session | This is a used to ensure that users are only prompted to enable biometric authentication one time during a particular session. |
ACCEPT_COOKIES | essential | session | This is used to track a user’s cookie preferences. |
DEVICE_ID | essential | session | This provides a unique ID for each device and browser, in order to provide the intended and correct experience (e.g., trusted vs untrusted user flows). |
WEBAUTHNTRUSTED | essential | session | This allows us to determine if users have a trusted device or not, and provides the correct experience based on that determination. |
CORRELATIONID | essential | session | This is a unique session ID that is generated for the Checkout SDK (software development kit). It is used to sort, identify, and refer to logs tied to a group of critical information associated with a particular checkout session and leveraged for debugging and issue identification and resolution. |
TMX_SESSION_ID | essential | session | This is a third-party cookie that saves an ID in order for us to identify a specific session. This session ID is provided by ThreatMetrix. See “Essential cookies set by our third-party service providers” below. |
TEMP_EMAIL | essential | session | This allows us to present an experience prior to your account and profile being registered and trusted via financial institution login. This is specific to Return Users Sign-In on a trusted device using an email address. |
OIDCCODE | essential | session | This allows us to optimize how errors are displayed for KONEK users; here, specifically when an error is encountered during an attempt to login via a financial institution. |
MERCHANT | essential | session | This is essential for the checkout flow process. We need to know the merchant’s URL so that KONEK can communicate with the merchant’s SDK. |
USER | essential | session | Temporary user data synced with in memory to avoid additional calls during browser refresh within same session. |
CHECKOUT | essential | session | Temporary checkout related data synced with in memory to avoid additional calls during browser refresh within same session. |
ACCEPT_NONESSENTIAL | essential | session | Store user preference for non-essential cookie. |
We use Google Tag Manager to quickly update tags on our Sites in order to facilitate the installation of Google Analytics. Google Tag Manager does not set cookies. It is an essential tool for the proper functioning of our Sites and therefore it cannot be de-activated. Learn more about Google Tag Manager.
Essential cookies set by our third-party service providers
Title | Category | Type | Description |
---|---|---|---|
BindId (Webauthn) | essential | session | Used by BindID for biometric authentication and registration. |
ThreatMetrix | essential | session | Used by ThreatMetrix for user device profiling and fraud prevention. |
2. Non-Essential Cookies
We use reporting and analytics tools to collect information about how visitors use our Sites. These non-essential cookies provide us with anonymous, aggregated data. The following chart outlines the current Reporting and Analytics Cookies used across our Sites that may be updated from time to time.
Title | Category | Type | Description |
Google Analytics | analytics | persistent | Google Analytics is used to help track and determine how visitors interact with our Sites. |
How Can Users Control and Delete Cookies?
Cookie Consent Banner on Our Sites
When you access our Sites, our Cookie Consent Banner will be displayed, and you can choose to “Accept all” cookies. Alternatively, you may choose to “Manage” Cookies and be taken to our Cookie Management Tool where you can manage our use of non-essential cookies by checking or unchecking the checkbox. When you choose to enable non-essential cookies, you consent to all future non-essential cookies, updates and upgrades we make from time to time. If you choose not to allow non-essential cookies, it may have an effect on your browsing experience. Please be aware that you may disable non-essential cookies at any time. The Cookie Consent Banner will display when (i) your device accesses our Sites for the first time or (ii) your device accesses our Sites for the first time after deleting cookies in your browser. You may access the Cookie Consent Banner, Cookie Management Tool and the Cookie Policy when you click the “Privacy Policy” link at the bottom of each page of our Sites. Please note that if you are using a shared device, you may have to delete cookies in your browser for the Cookie Consent Banner to appear. You cannot decline consent for the use of essential cookies (as listed in the table above) that are used to ensure the functionality and/or maintenance of our Sites.
Your Browser Settings
Through certain web browser settings, you may have the option to disable the cookies and technologies to control the tracking of your online activities. Please note, however, that disabling a cookie or category of cookies may prevent the Cookie Consent Banner from properly displaying and may not delete an existing cookie or category of cookies from your browser unless manually deleted through your browser function.