Portuguese English German

Device fingerprint introduction

Device fingerprinting is a signature of a device based on various factors to distinguish it from other devices. From a privacy perspective, this can be very dangerous, as highlighted by EFF's Panopticlick test. However, it can be quite useful if you're a website administrator.

Protip: Use an ad-blocking software like uBlock not only to block ads but also to enhance privacy and protect against malvertising (advertising campaigns paid by cyber criminals to spread malware).

How is it done?

// Library: https://github.com/Valve/fingerprintjs2

new Fingerprint2().get(function(result, components){
  console.log(result); // A hash representing your device fingerprint, e.g., 4a90ed2035e69e0bd45a0c5d21f22ada

  console.log(components); // An array of fingerprint components, e.g., [ { "key":"user_agent", "value": "Mozilla/4.0" }, ... ]

Benefits for Website Administrators

As a website administrator, you should consider fingerprinting your users for two main reasons: debugging and security.

Debugging: Certain features may not work for specific users in particular scenarios. How can you reproduce the issue? Ask them to provide detailed information about their setup... or check their fingerprint components as shown in the code example above.

Security: Users can save 'trusted devices' in their accounts based on the generated fingerprint and then block login attempts from untrusted devices.

That's all for today, thank you!

Share on Twitter Share on Facebook Share on LinkedIn Share on Hacker News

Popular Posts