1. Nordea uses Cloudflare as a security tool e.g for managing user access when known users are trying to access a Nordea site from a shared IP address (such as hotel Wi-Fi or coffee shop Wi-Fi). Read more about Cloudflare here.
2. As an example, there might be several devices in a coffee shop sharing the same Wi-Fi network and thereby they also share IP address. There might be several infected devices/machines on the network, but if a known device is trusted (the device owner has completed a company security challenge, for example) then Cloudflare can recognise the user and grant him or her access. This also functions as a security mechanism to prevent external attacks against Nordea.
3. The Cloudflare cookie does not store any personally identifiable information.
4. The Cloudflare cookie is placed on the visitor’s device when a visitor arrives on a Nordea page where there is Cloudflare.
5. Cloudflare is not a visible component; as a visitor you cannot see it anywhere. It is set in the background and the cookie is then tied to the device.
This is a screenshot of the Cloudflare cookie (the annotated one) set by Nordea on a Nordea website. Cookies can be seen on any website with a few clicks by accessing the browser’s ‘developer tools’.
6. Cookies from Cloudflare belong to Nordea’s “Necessary” cookie category, as Nordea need them for security and access purposes and no personally identifiable information is stored.
7. For full details about cookies on Nordea (including Cloudflare) click here.