[keycloak-dev] Device fingerprinting
Douglas Palmer
dpalmer at redhat.com
Tue Sep 18 16:02:08 EDT 2018
Hi everyone
I haven’t managed to find an open source solution to device fingerprinting which gives us everything we need. This library however gets us most of the way there http://valve.github.io/fingerprintjs2 <http://valve.github.io/fingerprintjs2>. It doesn’t give us enough information to distinguish between a desktop and a laptop but it will let us correlate devices and we can distinguish between a PC, a tablet and a phone. We can also get the OS, Browser and Versions from the user agent string.
I have taken a look at a few sites the track device sessions. Apple can tell the difference between an iMac, a MacBook, an iPad and an iPhone. Facebook, GitHub, Google, LinkedIn and Pinterest don’t distinguish between an iMac and a MacBook. So maybe the library above is enough.
I also came across the following article from the EFF which casts doubt on the legality of digital fingerprinting in Europe. https://www.eff.org/deeplinks/2018/06/gdpr-and-browser-fingerprinting-how-it-changes-game-sneakiest-… <https://www.eff.org/deeplinks/2018/06/gdpr-and-browser-fingerprinting-how-it-changes-game-sneakiest-web-trackers>
Does anyone have any input on any of this? Is there a better library that I have missed? Should we stick to parsing the user agent to avoid potential problems with GDPR?
Regards
Doug
More information about the keycloak-dev
mailing list