Browser Fingerprinting: A Breakdown

Scott CooperJust like you are unique as an individual, just as no two snowflakes are alike, even your Web browser has its own identifiable qualities. According to the Electronic Frontier Foundation, “When you visit a website, you are allowing that site to access a lot of information about your computer’s configuration. Combined, this information can create a kind of ‘fingerprint’ — a signature that could be used to identify you and your computer.”

The information gathered that makes up your browser fingerprint includes: browser type used, plug-ins installed, system fonts, and the configuration and version information from your operating system. The possible implications of this means it’s possible that cookies or an IP address would no longer be needed for identifying a unique individual or machine. The browser fingerprint could be a substitute for that as a means to identify.

I visited a research project of the Electronic Frontier Foundation called Panopticlick, which creates a fingerprint for your browser, then lets you know how unique your browser appears, and how much information is shared. I tested my own computer using two different browsers and both appear to have unique fingerprints among the 1,241, 361 other ones tested so far. This makes sense, that even on my own machine, the two fingerprints are different because I use those two browsers in different ways for assorted tasks, and don’t have the same plug-ins for both.

Some are concerned about their browser fingerprints being used in a harmful way to track people and their activity when they don’t want to be. But your browser fingerprint has already been used for years by site analytics software to accurately measure Web traffic, plus provide visitor platform and browser statistics.

There are other ways that sites can use your fingerprint in positive ways, like checking your plug-in list to warn you if you lack something necessary to view the site, or (as mentioned in previous Lunch Pail posts) to display an optimized page or experience for a particular browser version or mobile device. Fingerprints have even been proven useful in the detection and prevention of online identity theft and credit card fraud.

The use of fingerprinting by companies, in my opinion, is a good thing as long as it is for just and ethical reasons. If a company is going to identify me to personalize my online experience while making it optimized as well, then I’m ready to ride that train.

One Comment

  1. Posted November 2, 2010 at 1:49 pm | Permalink

    A well balanced article. Browser Fingerprinting can be a very effective tool for preventing fraud.

    As you say it is inevitable that variations of device fingerprinting will eventually be used by marketers for short-term behavioral targeting.

    One of the ways that privacy concerns can be abated is if the collection and tracking of a fingerprint is only done when the user explicitly opts-in to a transaction (e.g buy, submit, login) and agrees to privacy policy and terms of service that limits the usage of that data to fraud prevention.

%d bloggers like this: