What's Device Fingerprinting?

Imagine this. A user clears their cookies, switches to incognito mode or connects to a VPN and your webapp still recognizes them. That’s what device fingerprinting is. The official definition is that it’s a technique used to identify and track unique users by collecting specific data points from their browser, hardware, and operating system. This article explains how it works and how it fits into your security stack. The Problem with Cookies Cookies were the original device identifiers but there’s a downside to them. Some browsers block them by default, incognito mode bypass them entirely not to mention that some users delete them. As traditional methods lose effectiveness device fingerprinting has surged as the alternative. It doesn’t store anything on the user’s device, only read what’s there. How a fingerprint is built Device-fingerprinting services create fingerprints based on a combination a number of data points. These include but not limited to: IP address HTTP Request Headers U