JavaScript device fingerprinting works by using bits of information about a user’s device to create an identifier – much like how the game Clue uses clues to narrow down a list of suspects. This can be done by looking at how a device processes images (Canvas fingerprinting), audio (WebGL fingerprinting), and internal or linked media devices (media fingerprinting).

To make a fingerprint, a piece of software is loaded into a browser to collect the data that will form the identifier. Usually, this includes the operating system, browser type and version, screen resolution, installed fonts and plugins, time zone, and other characteristics that make up a unique device profile.

JavaScript Device Fingerprinting: Tracking and Security Insights

This can be done with JavaScript or with other tracking methods such as cookies and pixel tags. The device fingerprint is a key element in how companies can track the users of a website and target them with relevant ads that will increase conversions or engagement. It also raises significant privacy and fairness concerns as people may be unaware of the amount of data about them being collected online.

For fraud detection, fingerprinting can help spot fraudsters if the device is a different one than usual or uses a proxy to spoof their location or other information. IPQS’s Device Fingerprinting can be deployed on a site or embedded in mobile apps to identify high risk activity like bots, VPN use, or other malicious behavior. Our main product, Identification, and its Smart Signals are built to recognize all of the most common device profiles and adapt as browsers change – without disrupting visitors.