Web - Browser Fingerprinting

1 - About

A digital fingerprint is a string that represents a unique id of a device (browser).

The more unique is the browser, the more it has a one on one relationship with a user.

A digital fingerprint may be computed for a device:

3 - Example

The below example is a device characteristic fingerprinting that has been computed with the valve library.


<script src="//cdn.jsdelivr.net/npm/[email protected]/dist/fingerprint2.min.js"></script>


fingerPrint = function () {
	
	// Options
	var options = {
		fonts: {extendedJsFonts: true}, 
		excludes: {userAgent: true}
	}
	
	// Hash
	Fingerprint2.getV18(options, (result) => console.log('Your computed fingerprint (ie device id) is: '+result));
	console.log("");
	// Browser Characteristic
	Fingerprint2.get(options, function (components) {
	  console.log('The characteristics used to compute this fingerprint have been:');
          // an array of components: {key: ..., value: ...}
          for (i in components){
                console.log("  * "+components[i].key+":"+components[i].value);
          }
	})
}
// A delayed function call  to ensure consistent fingerprints
if (window.requestIdleCallback) {
    requestIdleCallback(function () {
		fingerPrint();
    })
} else {
    setTimeout(function () {
        fingerPrint();
    }, 500)
}

4 - Type

4.1 - Characteristic

A characteristic device fingerprinting is computed by collecting characteristics of a user's device and by generating a unique string of this collection via a hash function.

Example of characteristics:

  • fonts a user has installed
  • the exact list of which features a user agents supports.
  • the maximum allowed stack depth for recursion in script.
  • features that describe the user's environment
  • the user's time zone.

See example

4.2 - Canvas

Canvas fingerprinting is a type of browser or device fingerprinting technique that was first presented by (2012) Mowery and Shacham in 2012 (Pixel Perfect: Fingerprinting Canvas in HTML5) -

The rendering of a canvas is heavily dependent on the device.

Algo: Render a picture on the canvas > To Base64 encoded > digest function to get the fingerprint value.

5 - Implementation

5.1 - Valve

Valve is a browser fingerprinting library (Valve/fingerprintjs2) that implements a characteristics fingerprinting. The example is based on it.

5.2 - Browser DNA

5.3 - Aloodo

  • Aloodo is a tracking detection script. (designed to be blocked by all the popular Web privacy tools). You can use it to help your users learn if they are still vulnerable to third-party tracking, and start to do something about it.

See also:

5.4 - panopticlick

Panopticlick, Eckersley’s “open-source” implementation of browser fingerprinting. They take:

  • plugins,
  • fonts,
  • timezone,
  • supercookies,
  • cookies enabled,
  • user agent,
  • http accept
  • and screen resolution

6 - Documentation / Reference


Data Science
Data Analysis
Statistics
Data Science
Linear Algebra Mathematics
Trigonometry

Powered by ComboStrap