Are Cookies Obsolete?

6 Comments

Mar

2010

by MrOptimization in News

Browser Fingerprinting with Multivariate Testing and Targeting - MrOptimization.com

Say hello to "Browser Fingerprinting"

Browser fingerprinting has been used in web financial applications for a while, but now it might be heading for the mainstream.

The Electronic Frontier Foundation is in a snit, so you know something interesting must be happening.

How does "Browser Fingerprinting" work?

We all load up our browsers with different settings, install different plug-ins, run them on different computers with different attributes like OS versions and screen resolutions and so on.

Each of those little items make up the lines in our browser fingerprint. When taken all together, those bits and pieces form a unique print that can be used to identify us individually.

This is the same sort of "fingerprinting" Microsoft has been using for years as part of their Windows Product Activation.

And the great thing for marketers is there can never be a "delete browser fingerprints" button.

How unique are you?

The EFF put together a Browser Fingerprint Test you can run on yourself to see how "unique" you are.

And the more you tweak your browser and install add-ons, the easier it is to uniquely "fingerprint" you.

Gentlemen, we have the technology

It's like learning you could use water to fuel your car. A head slapping DOH! moment.

All of the technology you need to do browser fingerprinting is already there in every visitor's browser.

Just add a little JavaScript and some back-end algorithmagic and you're done. Nothing to install and your visitors will never know it's there.

Legalities?

Most sites today collect a lot of this information already through analytics and other page tags. Technically, fingerprinting is no different.

Now instead of just storing all of those details for use in reports you're examining them holistically in real-time to uniquely identify visitors.

Everyone's general counsel will have different ideas on how to approach the Ts&Cs, but many privacy policies already mention this sort of thing, so you're probably already covered there too.

Are any of you using browser fingerprinting now or planning to start soon?

6 comments

Randy

It works pretty well

Sun March 28, 2010 16:07:40

We have an app at the consumer bank that uses this for fraud detection.

You're right that it works like Microsoft's activation. You can change some of the browser settings and it can still pick you out.

Danny Stephens

A lawyer in the house?

Sun March 28, 2010 17:52:01

Like to know where the lawyers come down on this.

If the information is being broadcast by the browser if someone collects or not, how can anyone complain and how could it be a privacy issue?

Dan Thompson

Pretty disconcerting

Mon April 05, 2010 11:51:55

I used the "panopticlick", and apparently my "fingerprint" is unique out of the 750,000 they've tested. To me this is pretty disconcerting.

I could see this being integrated with data aggregation techniques in the near future. The result of that could be that every website you've ever visited is neatly packaged into a database that will be sold to anyone in the world. Data aggregation is already bad enough, but if they can profile every website you've ever been to, think about how much worse it can be!

Emilio V. Morales

Not that bad

Mon April 05, 2010 11:58:08

Panopticlick, eh? Heh, subtle reference to Foucaultian Biopower?

In my opinion it's really not as bad as it's made out to be. As the web expands "finger prints" will become less and less unique. Combine this with privacy ensuring software such as Tor, and the fact that a "finger print" can easily be changed with a simple firefox add-on, and this becomes less significant than it's made out to be.