Portuguese English German

Device fingerprint introduction

Device fingerprint is a signature of a device based on many factors to identify it among all other devices. This is very dangerous from a privacy perspective as pointed by EFF's Panopticlick test, but very useful if you're a website administrator.

Protip: use an AD Block software such as uBlock not only to block ads, but to enhance privacy and protect from Malvertising (advertisement campaigns paid by cyber criminals to disseminate malware).

How is it done?

// Library: https://github.com/Valve/fingerprintjs2

new Fingerprint2().get(function(result, components){
  console.log(result); // a hash, representing your device fingerprint
                       // e.g., 4a90ed2035e69e0bd45a0c5d21f22ada

  console.log(components); // an array of FP components
                           // e.g., [ { "key":"user_agent", "value": "Mozilla/4.0" }, ... ]

Benefits for Website Administrators

As a website administrator you should be fingerprinting your users for two main reasons: debug and security.

Debug: some features may not work for certain users in specific scenarios. How do you reproduce? Ask them to tell everything they're using ... or check their fingerprint components as in the code example above.

Security: users can save 'trusted devices' in their account based on the generated fingerprint and then block login from untrusted devices.

That's it for today, thank you!

Share on Twitter Share on Facebook Share on Google Plus Share on LinkedIn Share on Hacker News

Popular Posts