Published June 18, 2018

What is Device Fingerprinting?

Device fingerprinting is a technique used to forensically identify an electronic device on the internet. Device fingerprinting can identify unique mobile devices and computers by their distinct characteristics with a reasonable degree of certainty. According to the research by the Electronic Frontier Foundations, 0.0003% of device fingerprints are not unique. That equates to three out of every million devices.

Device fingerprints are built using information gathered about the hardware and software utilized by a website visitor. Hardware details are combined with the browser information to paint a picture that forms the core of the device fingerprint.

Every device has unique characteristics, like the fonts installed, browser plug-ins, and the way they react to pieces of a website’s code. While it is possible that some of these factors may change over time, enough of them normally stay the same to allow a device to be identified reliably.

Identifying characteristics contained within each fingerprint include:

  • internet history
  • device type
  • device capability
  • operating system
  • user login

…and many other attributes. When combined with device data, users can be identified as they move from device to device, and factoring in user information as part of a device fingerprint increases its power and accuracy. Although a complicated and multilayered process, device fingerprinting is a tool that can be extremely valuable to an eCommerce merchant.

The most common and basic form of fingerprinting employed on the internet is cookies. These mostly harmless small text files contain information sent by a website that identify the session, user, and/or device. Cookies can be used for user authentication as well as tracking websites a visitor has been to. For example, when a user visits a restaurant’s website and is then later presented ads for that restaurant, most likely a cookie was used to track them.

By combining cookie data and user attributes, device fingerprints can track a user as they move from a smartphone to a desktop computer and back. This technique is called “cross-browser tracking”. It does not only apply to users that change devices but also to those that move between applications and browsers on the same device.

These fingerprints become valuable tools to help eCommerce merchants identify different risks for fraud. When a device fingerprint reveals that a user is masking their device identity or component values do not match what one would expect o find, this can be a key indicator that the user isn’t genuine. Also, the velocity at which a device recurs as a visitor to a particular website can be an indicator of a bot or malware infected device.

With NS8 Protect and NS8 TrueStats, device fingerprinting is used to assess users from advertising campaigns all the way to the storefront. By considering over 170 different attributes, various characteristics can be tracked and analyzed to help identify fraudulent traffic and reduce suspect orders.

NS8 Protect

Protect your storefront from advertising fraud and the other revenue killers.

Learn More