What Is Device Fingerprinting and How Exactly Does It Work?

Device fingerprinting can be used to stop fraudsters from attempting to hack, break into, or spam websites as well as offer detailed insights into any customer that’s coming onto your website.

Read on to learn more about this fraud prevention technique and how it’s used to protect businesses globally.

What Is Device Fingerprinting?

It is a way to identify someone’s device using information related to its software and hardware, allowing you to reach conclusions about their intentions, as well as track their activity.

Device fingerprinting collects information about a user’s device, such as which browser they use and on which hardware, as they connect to a website, app or other server. It is done by websites and apps in order to be able to track the user’s actions and visits, and assess whether their intentions are fraudulent or otherwise harmful.

Note that there are different sub-types of device fingerprinting, such as mobile device fingerprinting and cross-device fingerprinting.

Device fingerprinting analyzes users’ configurations of software and hardware. It creates a unique ID for each configuration, in order to recognize connections between users and to highlight suspicious devices. This is called a device hash.

Cookie Fingerprints Vs Device Fingerprints

In addition to device fingerprints, anti-fraud solutions may also utilize data collected via cookie fingerprinting, a different method of gathering information about user’s preferences when entering any website. This information is stored on the user’s device and can be an accurate identifier (and a reliable signal to spot multi-accounting attempts and more), as it is highly unlikely that two different users would have the exact same cookie session. However, users can decide to opt in or out of using cookies or delete their cookie session at any point, making it very easy for users with malintent to cover their tracks.

Information collected via device fingerprinting on their hardware, software, and browser settings is stored on a server-side database, making it accessible for merchants and harder to modify or delete from the user side. While it is more likely that two separate users have matching hardware settings if they are using the exact same device model and settings, this information, combined with further data points, can still shine a light on fraudulent activities.

How Does Device Fingerprinting Work?

When users access your platform, they do it with two tools: a device with a web or mobile application and an internet connection that retrieves an IP address. This creates two data sources. They are present at signup, login, checkout, or even when browsing a page. With the right fraud detection software, we can extract useful info from these data points.

Combining knowledge about a browser and device is what we call device fingerprinting. Based on the device of the user, this might be mobile device fingerprinting, desktop device fingerprinting, etc. It gives a clear picture of how the user is connecting to your service. It helps us understand user behavior, and more importantly, flag potential fraudsters.

For example, here are just a few of the attributes that the SEON engine collects about a user’s device as part of device fingerprinting:

• device model and number
• operating system
• screen size and resolution
• flash data
• user-agent
• system language and system country
• device orientation
• battery level
• installed fonts and installed plugins
• system uptime

How Accurate Is Device Fingerprinting?

As a method, device fingerprinting has the capacity to be incredibly accurate, with the rate of accuracy increasing with the number of attributes being collected and analyzed. There are different ways in which we could answer this question:

In terms of catching fraud, device fingerprinting is a time-honored, key method. This is because the more information we have about a user’s device, the easier it is to spot red flags, such as the use of suspicious tools often employed by fraudsters, privacy browsers, as well as various types of spoofing. 

Why Do Companies Use Device Fingerprinting?

Companies use device fingerprinting to stop fraudsters and other bad actors, as well as for cybersecurity and marketing purposes. Without device fingerprinting, it would be significantly more difficult to identify and stop fraud related to multi-accounting, account takeovers, digital onboarding, payment fraud and bonus abuse, among other pain points.

Fraudsters often buy or steal long lists of card numbers and login details. To use them, they must employ a trial and error method. The repetitive nature of this process means it’s near impossible to change device every time, so instead they will do some of the following to hide their tracks:

• Clear the cache.
• Switch browsers.
• Use private or incognito mode.
• Use virtual machines.
• Use device spoofing and anti-fingerprinting tools (FraudFox, AntiDetect, Kameleo, Linken sphere, MultiLogin…).
• Use emulators to spoof mobile devices.

This is precisely where device fingerprinting can help. For example, someone, a user found to use an emulator should be considered high risk – they don’t want you to identify them, and they may be browser spoofing.

5 Use Cases for Device Fingerprinting Against Fraud 

While the most widely known use case for device fingerprinting are analytics and ad tracking, the technique can be used effectively to mitigate fraud. Let’s look at this in more detail.

• Bonus & promo abuse: Data gathered through device fingerprinting can help you determine whether the bonus offer is going to a legitimate customer. You can spot users who share a similar device and password or even filter those who try to spoof their data using privacy-enhancing tools.
• Multi-accounting attempts: By creating device or browser IDs connected to each user account based on device fingerprinting data, it’s easy to see when multiple users are accessing your platform from the same device.
• Account takeovers: Device fingerprinting is highly effective in preventing users from logging in with unknown devices or browsers. It can also detect suspicious emulators or virtual machines fraudsters often use.
• Chargebacks & friendly fraud: Combined with digital profiling and IP analysis, device fingerprinting data can help you verify customers’ identities and intentions and spot chargeback & friendly fraud attempts. 
• Bot attacks: Device fingerprinting examines installed plugins, web browser version, browser window size, screen resolution, and more while also highlighting emulators and virtual machines for better bot management.

How SEON Can Help with Device Fingerprinting

SEON can extract 500+ different parameters from a user’s device, examples of which you can see below as well as, in more detail, in our API Reference.

SEON’s device fingerprinting solutions can be deployed by API or as part of an end-to-end fraud prevention platform. The first step would be to insert the necessary code into your platform. This is done via Javascript, iOS SDK or Android SDK. This code lets us collect parameters about the user, and identify them through the SEON interface.

Note that different integration methods enable different parameters.

For instance, the device and browser screen size isn’t relevant for connections via smartphones and tablets. Similarly, it’s important that the Android SDK extracts info about the device manufacturer, since they are so many of them that it is an identifying feature. Conversely, with iOS, it’s always Apple.

Here are some of the hundreds of data points collected by the SEON engine for device fingerprinting. This list is constantly added to and enriched.

Key Features of SEON’s Device Fingerprinting Solution

One of the most important features of a device fingerprinting tool is the generation of specific hashes to catch fraudsters with more accuracy. You can think of them as unique IDs created based on specific parameters.

• Cookie hash: Creates an ID for each browser session. Clearing the browser cookies and cache and visiting again will generate a new hash. But if multiple users share the same hash, we know that they are clearly using the same browser and device.
• Browser hash: Generates an ID by combining data from the browser, operating system, device and network. This hash remains unchanged even if the user clears their browser cookies and cache, or browses privately. However, a device with multiple browsers installed, or even different browser versions, will generate different hashes.
• Device hash: Offers identification based on the device hardware (e.g HTML5 canvas, audio fingerprinting, GPU, screen data, and so on). While many users can share the same device hash (for instance two iPhone 7 Safari users), this allows us to detect remote desktop connections, virtual machines and emulators. For instance, fraudsters’ favorite tools such as AntiDetect, FraudFox, and Multilogin each generate the same device hash, so every one of their users has the same device hash, making it obvious they are doing so. Moreover, fraudsters using extensions that spoof HTML5 canvas will have very unique IDs – and should therefore be flagged as high risk.

As you can see, they each have their pros and cons.

However, all these hashes become a near-flawless screening tool when they are leveraged together. Fraud analysts can easily create customer profiles that are precise and reliable, or even implement rules that isolate suspicious hashes automatically.

Conclusion

Gleaning a precise picture of your users’ devices can help you improve your fraud detection rate in a significant way. Device fingerprinting is a powerful tool you can use to block bonus abuse, multi-accounting, account takeovers, and more. However, all this data is only helpful if you know how to leverage it. 

SEON’s end-to-end fraud prevention and detection solution helps you combine device fingerprinting with other powerful tools, such as digital profiling and machine learning, to strengthen your fraud-fighting front and give your fraud managers peace of mind.

Frequently Asked Questions

You might also be interested in reading about

• SEON: What Is Browser Fingerprinting & How Does It Work?

Learn more about:

Data Enrichment | Digital Footprinting | Fraud Detection and Prevention

Sources

• Twitter: Chric Blec Tweet on Track DeFi Activity
• Privacy Regulation: Recital 47 EU GDPR