Web - Browser Fingerprinting

About

A digital fingerprint is a string that represents a unique id of a device (browser).

The more unique is the browser, the more it has a one on one relationship with a user.

A digital fingerprint may be computed for a device:

Example

The below example is a device characteristic fingerprinting that has been computed with the valve library.

Type

Characteristic

A characteristic device fingerprinting is computed by collecting characteristics of a user's device and by generating a unique string of this collection via a hash function.

Example of characteristics:

  • fonts a user has installed
  • the exact list of which features a user agents supports.
  • the maximum allowed stack depth for recursion in script.
  • features that describe the user's environment
  • the user's time zone.

See example

Canvas

Canvas fingerprinting is a type of browser or device fingerprinting technique that was first presented by (2012) Mowery and Shacham in 2012 (Pixel Perfect: Fingerprinting Canvas in HTML5) -

The rendering of a canvas is heavily dependent on the device.

Algo: Render a picture on the canvas > To Base64 encoded > digest function to get the fingerprint value.

Implementation

Valve

Valve is a browser fingerprinting library (Valve/fingerprintjs2) that implements a characteristics fingerprinting. The example is based on it.

Browser DNA

Aloodo

  • Aloodo is a tracking detection script. (designed to be blocked by all the popular Web privacy tools). You can use it to help your users learn if they are still vulnerable to third-party tracking, and start to do something about it.

See also:

panopticlick

Panopticlick, Eckersley’s “open-source” implementation of browser fingerprinting. They take:

  • plugins,
  • fonts,
  • timezone,
  • supercookies,
  • cookies enabled,
  • user agent,
  • http accept
  • and screen resolution

Documentation / Reference


Powered by ComboStrap