What is Browser Device Fingerprinting?
Browser device fingerprinting is the process of identifying the device and browser used to browse the internet. This is done through scripts that collect attributes from the web browser and merged into one unique ID, similar to a digital fingerprint. These attributes include the operating system, hardware, browser version and configuration.
The most well-known method for tracking devices online is through cookies, but browser fingerprinting has emerged as an alternative to cookie-based tracking in environments like mobile apps. Since people are less likely to clear their browser cookies or reset their operating systems, it is possible to track them with a combination of data from the web, device and OS.
Invisible Signatures: How Browser Device Fingerprinting Shapes Online Experiences
As web browsers get more sophisticated to provide richer experiences, they’re also (unintentionally) creating more signals for fingerprinters to use. The user-agent header, for example, is an abundant source of entropy. Browser manufacturers are working to freeze the user-agent string to mitigate fingerprintability, but doing so would break countless websites that expect the header to be present.
While some of these fingerprinting attributes could lead to the identification of the user, most do not directly invade their privacy. The collected fingerprints are in the form of comma-separated values files (CSV) so that anyone who wants to use them can. In addition to their utility in analytics and ad tracking, fingerprints can also help detect fraudulent activity, such as account takeovers and fraud attempts like using emulators or virtual machines to spoof devices.