What Is Device Fingerprinting? Identifying Online Fraudsters In 2018

Online fraud has been an enormous problem for many industries over the years, including the ad industry. With fraudsters coming up with new ways to avoid detection every year, how can authorities ever hope to detect fraudsters and do something about it?

Thankfully, in recent years there has been some vast improvements in fraud detection technology. Although these methods aren’t necessarily limited to just the advertising industry, many other industries and organisations such as banks are using them to track down fraudsters on a regular basis.

Known as device fingerprinting, this technique involves a range of smart and sometimes complicated code to identify these fraudsters and track what they do. But how does it work, and how does it help stop fraud? Well, we’re here to take a look at everything to do with device fingerprinting and how it’s helping industries combat the rise in online fraud.

From understanding the techniques and technology behind device fingerprinting to how businesses use the data, here are all the key points you need to know.

How Does Device Fingerprinting Work?

fingerprint on a keyboard

As mysterious as it may sound, device fingerprinting isn’t that complicated or difficult to understand as a concept. Just like a detective would collect fingerprints at a crime scene, the same applies to online users. But as you can imagine, it’s done much differently.


Without getting too technical about the whole process, every time a computer visits a website, they leave clues behind about what device they are using. These clues can be collected and used to create a profile of what device a user is using.

This is helpful in a number of scenarios such as when there are multiple devices connected to the same IP address, or when you need to determine what type of website to load for a specific device. With this information, businesses can also track what kind of users are visiting their site and use the data to improve their marketing efforts, website design, and security.

Many different types of software and online services use a form of device fingerprinting already, probably without you even realising. If you have Google analytics installed on your website, then you already use a type of device fingerprinting to detect which users are visiting your site from a desktop, mobile or tablet. Without being able to tell what device users are visiting your website on, you’d just have a generic list of users. This means you wouldn’t be able to make changes to your site or understand what type of users you are receiving.

With this basic concept of device fingerprinting in your mind, you’re probably wondering how websites get this important data from the user in the first place. After all, you can’t expect users to give you the information, freely right? Luckily there are various techniques developers use to identify the exact characteristics of an individual user which anyone can use freely.

Device Fingerprinting Methods

fingerprint information

 

When it comes to detecting the characteristics of a user, there are usually several different ways to do it. These detection techniques can vary in speed and accuracy meaning their use will depend on what the developer is trying to achieve. Some developers even go as far as creating their own detection techniques from scratch to make sure it’s as accurate and reliable as possible.

Although there are many different ways to detect what type of device someone is using, there are a few frameworks that have recently popped up which allow developers to identify users much faster.

Frameworks such as ClientJs and FingerprintJs allow developers to implement detection techniques directly into their code and software without having to create them from scratch. Not only does this save them a huge amount of time, but it also makes it easier as not everyone is a natural pro in device fingerprinting. By using these frameworks, developers can use the data collected to improve their software by doing things such as blocking certain devices to displaying device-specific content (e.g. mobile versions).

But online fingerprinting isn’t just limited to detecting the device of the user. An almost endless list of other variables can also be identified such as the user’s:

  • Screen resolution
  • Browser version
  • User agent
  • Local timezone
  • CPU architecture
  • List of plugins
  • Language

With so much data available to developers, putting it to good use can help catch fraudsters and improve the experience of users. By utilising this technology, many businesses can often save themselves a lot of money.

Device Fingerprint Examples

fingerprint wallpaper

Now you understand how businesses collect individual data from users, wouldn’t it be good to have a real-world example?

To see an example of device fingerprinting at work, head on over to AmIUnique.org. On this site, the website utilises various fingerprinting techniques and methods to detect what you are running on your PC. From looking at the detailed information tab, you can see things such as your user agent, list of plugins, screen resolution and use of AdBlock. They might not seem like anything useful to you, but to developers, this is a treasure trove of valuable information.

How Does It Stop Fraud?

Device fingerprinting is a crucial tool when it comes to fighting online fraud. Without device fingerprinting, it’s incredibly hard to track users and determine if they are unique or the same person.

This problem mainly arises when many computers are connected to the same IP address such as a library, or mobile network. If 100 computers are using the same IP address to connect to the internet, how can you tell as a website owner, which computer out of the 100 different ones is connected?

From the webmaster’s view, if they check their analytics, they’ll just see the same IP address again and again, when in fact, it could be different devices from the same network. This is how device fingerprinting and other fingerprinting methods give webmasters an important insight into who’s visiting their site.

By giving each device a unique ID, a webmaster can see exactly how many unique devices are visiting their site, even if they are behind the same IP address.

Here at PPC Protect, we use device fingerprinting to help us identify fraudsters repeatedly clicking ads. By being able to identify individual users regardless of their IP address, we can quickly tell when a fraudster is trying to avoid detection. Thanks to device fingerprinting, we identify these fraudsters and block them before they cost you a lot of money.

To see how much money PPC Protect can save you, sign up for our free 30-day trial below. With no credit card required and installation taking a matter of minutes, what have you got to lose? Fight back against fraudsters and get the most out of your AdWords budget.