The idea of client-side "cookies" existed even before CS:GO. I remember in CS:S the server was able to change game variables set on the client. I wrote a script for a CS:S server that would fingerprint a cheater by setting an obscure game variable to a unique value and so being able to identify the player through that even if they had a different steam id and ip. It seemed to work well for a long time for getting rid of the most common cheaters but of course the most commited and capable ones with RE skills will always be ahead of the game.