Cross-Browser Fingerprinting: Tracking and Verification Method of the Future or Abandoned Experiment?

Dec 10, 2021

At the NDSS Symposium of 2017, three researchers from Pennsylvania’s Lehigh University presented a paper on “(Cross-)Browser Fingerprinting via OS and Hardware Level Features”, which was bound to draw the attention of news outlets specializing in cybersecurity and fraud.

Proclaimed as a 2.5-generation technique occupying the space between fingerprinting and cross-device tracking, cross-browser fingerprinting promised to improve online verification and tracking significantly, overcoming the hurdle of users choosing to have more than one web browser on the same device to evade detection of malicious activities, as well as for privacy concerns.

So, what has happened since, and has this innovation been adopted?

From Browser to Cross-Browser Fingerprinting

Utilizing stateless identifiers and thus moving beyond the stateful, server-set identifiers of cookies for tracking purposes, browser fingerprinting scrutinizes the browser configuration of a website visitor in order to identify them. Applications vary, from assessing their intentions as part of anti-fraud and anti-money laundering efforts to malicious tracking and beyond. Browser fingerprinting taps into several data points related to the user’s browser, including their browser language; browser type and version; whether they have cookies enabled; their user agent; accelerator, proximity sensor, and gyroscope, for mobile browsers; local databases; etc. 

This wealth of data points inform a user’s browser ID, from which various assertions can be made.....

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023