About
A digital fingerprint is a string that represents a unique id of a device (browser).
The more unique is the browser, the more it has a one on one relationship with a user.
A digital fingerprint may be computed for a device:
- or it behavior (see canvas)
Articles Related
Example
The below example is a device characteristic fingerprinting that has been computed with the valve library.
Type
Characteristic
A characteristic device fingerprinting is computed by collecting characteristics of a user's device and by generating a unique string of this collection via a hash function.
Example of characteristics:
- fonts a user has installed
- the exact list of which features a user agents supports.
- the maximum allowed stack depth for recursion in script.
- features that describe the user's environment
- the user's time zone.
See example
Canvas
Canvas fingerprinting is a type of browser or device fingerprinting technique that was first presented by (2012) Mowery and Shacham in 2012 (Pixel Perfect: Fingerprinting Canvas in HTML5) -
The rendering of a canvas is heavily dependent on the device.
Algo: Render a picture on the canvas > To Base64 encoded > digest function to get the fingerprint value.
Etag
An etag is an unique identifier resource send with a HTTP request.
Because the etag is used by the browser when validating the cache in a conditional request, it could be used as fingerprint.
Implementation
Valve
Valve is a browser fingerprinting library (Valve/fingerprintjs2) that implements a characteristics fingerprinting. The example is based on it.
Browser DNA
Aloodo
- Aloodo is a tracking detection script. (designed to be blocked by all the popular Web privacy tools). You can use it to help your users learn if they are still vulnerable to third-party tracking, and start to do something about it.
See also:
- https://blog.aloodo.org/posts/track-js-script/ - track.js script, based on BlockAdBlock
panopticlick
Panopticlick, Eckersley’s “open-source” implementation of browser fingerprinting. They take:
- plugins,
- fonts,
- timezone,
- supercookies,
- cookies enabled,
- user agent,
- http accept
- and screen resolution