What is device fingerprinting and how do I prevent it?

Device fingerprinting is when marketers use your device’s unique fingerprint to track you around the internet.

Similar to your Social Security number, your smartphone has a unique fingerprint that sticks with your device and thus can be used to track your movements across websites and apps. Once the largest data brokers know which person is attached to which device, they can build eerily accurate profiles about you.

Marketing and advertisement techniques have been revamped in today’s digital era. The question under discussion today is how marketing and advertising agencies target people on digital platforms.

The most well-known method, which has been in use for decades after the advent of the Internet, is the cookie. These seemingly harmless things, which many internet users don’t even know about, are used to track and identify the online behavior of users through their browsers.

However, as electronic devices have shrunk in size, from desktop computers to laptops and now smartphones and tablets, the method of online targeting has changed. Online targeting is now done by a procedure known as device fingerprinting. These online practices not only breach a user’s online privacy but also make one’s online profile prone to hacking. They’re a threat to smartphone users, and everyone should be cautious of them. 

For anyone wondering how to stop device fingerprinting, read along.

What is device fingerprinting?

Device fingerprinting involves two main things, both of which are present in a smartphone or tablet. One is an operating system like Android, Apple, or Google. The other is a web browser used to visit different websites, such as Chrome, Firefox, or Opera. 

The information acquired by web browsers when they are being used includes language preference and IP address. This information is enough to identify a unique device. Device fingerprinting determines the device’s attributes on multiple days to recognize the user’s information as correctly as it can.

A lot of people tend to get confused about the difference between cookies and device fingerprinting. In simpler words, web cookies are stored on the user’s device or the client-side of the browser, while device fingerprinting is stored in a server-side database.

What type of information Is collected via device fingerprints?

Whenever the user browses on a web browser, the device finger collects a lot of information such as:

  • HTTP request header
  • IP address
  • User-agent string
  • Installed device plugin
  • User’s time zone
  • Device information like touch support, OS, language, and screen resolution to identify the device type
  • Flash plugin data
  • Installed fonts
  • Timestamps
  • Silverlight data
  • Mime-types

Why marketers use device fingerprints

Most of us connected to the Internet and apps on multiple digital devices. That generates billions of terabytes of meaningful data every day, which is then mined by marketers to connect to their audiences across digital channels.

Connecting these data dots has traditionally relied on cookies. These are small files placed on your computer that track your behavior across websites.

However, cookies are on their way out. Many users disable cookies which prevents websites to monitor their information. That is why digital user tracking is now addressed using another technique commonly known as device fingerprinting (there’s also browser fingerprinting).

Device fingerprinting is like the cookie monster but without the cookies. It’s insidious and is really effective at tracking everything you do in your digital life.

For marketers, there are many benefits of using device fingerprinting over cookies. Cookies aren’t a reliable source to track device usage, and it’s up to the user to allow cookies to run on the sites they visit. They can easily be disabled, but this isn’t the case for device fingerprinting. One of the most significant disadvantages of cookies is that online ads can easily be recognized and blocked by ad blockers. This means that cookies fall short of serving an advertising company’s purpose. 

How to prevent device fingerprinting

Device fingerprinting is very challenging to stop. However, it is an essential step to protect your privacy while browsing online. if the necessary measures are taken, one can control device fingerprinting to a great extent. 

Here are possible steps to take to stop device fingerprinting. 

1. Use a popular browser

This kind of flies in the face of the recommendation to use a privacy-focused browser. But, since those are used by fewer people, it’s easier for device fingerprinting — you’re a needle in a much smaller haystack.

Using a browser that’s used by the masses is an excellent way to avoid device fingerprinting. The more users a browser has, the less likely one is to get targeted for fingerprinting. Hence, while device fingerprinting can’t be stopped, it can be avoided. 

It’s important to make sure that the latest version of the browser is always downloaded. Each browser update comes with better security and lowers the chances becoming the target for device fingerprinting. For example, the latest Mozilla Firefox update attempts to stop fingerprinting by blocking any third-party requests coming in from companies that are known to participate in device fingerprinting.

2. Disable Flash and JavaScript

Most of device fingerprinting software run on either Flash or JavaScript. So, the best option to stop device fingerprinting is to disable both Flash and JavaScript on a device. While this is a good solution, it isn’t the easiest. Disabling Flash or JavaScript can directly affect your web browsing experience because many websites won’t open properly without JavaScript. 

So, it’s important to understand the trade-off between a seamless browsing experience and the probability of being tracked online. Some websites also have features that are run on Flash, so one may not be able to fully enjoy website animation or pop-up information pages.

3. Browsing in Private Mode

Browsing in private or Incognito mode can protect a device from online tracking. Doing this does not completely stop device fingerprinting, but it restricts the total amount of information that can be accessed via a fingerprint.

4. Use a VPN

A virtual private network (VPN) service creates a private Internet tunnel to access information online. As the name depicts, a VPN creates a virtual IP address for a device and effectively hides a user’s information. In this way, a device fingerprint won’t contain information regarding the device’s real IP address. 

As is the case with browsers, it’s also preferable to use a VPN service that is used by many. Once again, this helps disguise real information better as there are more potential servers to connect with.

5. Update your settings

Some browsers also allow you to prevent device fingerprinting in the settings menu. Well this is in perfect, you might as well set it so that you can restrict information sent from your browsing activities as well. That way, when you’re using your device to browser on the Internet, you’ll have another layer of protection.

6. Change your device ID

If you have an android phone, you can also change your device ID. That would Reset your device fingerprint and tracking would have to start fresh. Well this is definitely more of an advanced moves, it’s something to consider as privacy it is especially important to you right now. More on that here.

Next steps to protect your privacy online

Unfortunately, no matter how many internet users try, device fingerprinting cant be stopped. However, taking strict measures can minimize the chances of device fingerprinting. The goal is to duck and weave, hide and obfuscate. They have major technology sleuthing your trail, so you have to do what you can to cover your tracks!

A few other steps to protect your privacy while browsing online:

What to do if your identity is stolen

Browser fingerprinting: What is it and how to prevent it?

Start Fighting for Your Privacy!

Your personal data & contact info is likely held by thousands of companies, being bought and sold every day for marketing purposes (because of fine print when you clicked "I Agree"), just waiting for a data breach to expose your info to spammers, hackers and identity thieves on the dark web. Entrust Privacy Bee to fight on your behalf and we'll continually force marketers and data brokers to purge your info from their systems!

Signup

New law let's you protect your digital privacy!

Signup