For a long time, the cookie reigned as the most popular method to track user

behavior across online platforms. But this has changed. Today, many people
set their browser preferences to disable and delete cookies by default. As
cookies become a less effective tool, organizations are pivoting towards a
different type of digital identification—device fingerprinting.

‍What is Device Fingerprinting?

Device fingerprinting is the process of collecting unique information from a

device for the purpose of fraud prevention, identity validation, and digital
advertising. Every time a user accesses a website or an app, the website
takes an impression of the device. These are used to create a unique device
fingerprint, which allows businesses to compare fingerprints across devices
and determine the level of risk on their platform. Examples of the data points
taken to determine a device fingerprint include software and hardware
attributes such as:

● IP addresses
● Wi-Fi network
● Screen resolution
● Battery information
● Device model and brand
● Operating system
● Language setting
● Time zone and GPS coordinates
● Browser information
Conceptually, the benefits of a device’s fingerprint are similar to those of a
human one. In the same way that a human fingerprint can be used to identify
and track somebody, a device fingerprint can be used to track a device as it
traverses a mobile or a web environment.

Device fingerprinting is used to stop fraud on mobile apps and web

environments. From the largest fraud syndicates to your average opportunists,
online fraudsters come in all shapes and sizes. But one thing they have in
common is that they can be identified by a device fingerprint.

Can Fraudsters Change Their Device Fingerprints?

As technology advances, it’s become much easier for fraudsters to change

their device fingerprint using malicious tools and techniques. Changing a
device’s fingerprint will make said device look different, and different devices
are more likely to be trusted than those that have been used to commit fraud
before.

For example, VPN apps are a pretty popular tool used to mask IP addresses.
Someone looking to access content unavailable in their current location could
use a VPN to change their IP address before logging onto a streaming
service. Media and streaming services also cost different amounts depending
on where someone is, so users that want to take advantage of lower prices in
another country can use VPN apps to switch their location and pay less.

Another way fraudsters can change their device fingerprint is by factory

resetting their device, which resets it to its default settings. An app would
recognize this device as a new one, therefore allowing the same user to
create another account. By factory resetting their phone each time, fraudsters
will be able to create new and fake accounts using the same device. Since
fake accounts are the root of fraud, the green light to create these accounts
exposes digital ecosystems to a host of fraud attacks, including referral and
promo abuse, content spam, and transaction fraud.

‍How Is Device Fingerprinting Used to Stop Fraud?

A device’s fingerprint can be used to stop fraudsters by determining the level

of risk at any point in the customer journey—from registration to transaction.
This is done by continuously profiling user sessions. Based on this, fraud
teams can decide to block risky devices automatically or conduct manual
reviews before making a decision. There are three key indicators that a device
fingerprinting solution should provide.

1. Device ID

A device ID is a unique string of alphanumeric characters that serves as the

identifier of the device. It’s assigned by the fraud prevention vendor and might
look something like this: b43n45734oi1208n76j5h43ou7.

The most important aspect of a device ID is that it remains the same even if a
fraudster tries to change their device’s fingerprint. Let’s say a fraudster tries to
create multiple fake accounts using the same device. The device ID will reveal
that the device is linked to multiple accounts, no matter how many times the
fraudster factory resets their device and masks their locations to appear as
new accounts.

2. Risk Indicators

Device risk indicators reveal the tools and techniques that are typically
associated with fraud. Some of the tools include app cloners, GPS spoofers,
emulators, and VPNs, and techniques can include app tampering, device
tampering, and signs of jailbreaking. When one or more of these is being used
by a certain device, they will be flagged as a risk indicator. The presence of
one or more indicators does not necessarily mean fraud is happening, but that
there is a tool in use that is typically associated with fraud.

3. Risk Score
As the name would suggest, a risk score is a numerical indicator of a device’s
‘riskiness’. It tells you the risk level of a device. This risk score is calculated
from an analysis of the type and frequency of tools and techniques used on
each device and whether the same device ID is linked to multiple accounts,
among many other factors.

Case Study: SHIELD In Action

Let's say you run an e-commerce app. You’re trying to put an end to fake
accounts because they’re being used to post fake reviews and abuse the
incentives you offer. This can hinder your financial growth, skew your
analytics, and damage customer trust. You then decide to implement a device
fingerprinting solution. It’ll work something like this:

1. A fraudster tries to create a fake account on your app.

2. SHIELD will check thousands of device data points in real time (e.g.
device name, model, screen resolution) and resolve thousands of
questions, including:

● Do any other accounts use this device to log into your platform?
● Is the device using any tools or techniques associated with risky
behavior? For example, app cloners and bots.
● Do the device’s attributes differ a lot from regular users? For instance,
logging in from a country your app doesn’t operate in.
● Has the device been used in a previous fraud attempt?
3. SHIELD’s technology returns device intelligence in the form of:

● A unique device ID.

● The names of the tools and techniques being used to create the fake
account.
● A trust score to let you know how trustworthy a device session is.
● How many users are using the device.

4. This device intelligence empowers you to take charge of your risk

decisioning. You could:

● Leverage SHIELD to block this device instantly from your platform.

● Send the user account to your fraud team for a review before deciding
to accept or reject it.

SHIELD’s Device Intelligence for Fraud Prevention

Getting a precise picture of users and devices is a key tool for preventing
fraud on digital platforms. Here at SHIELD, we partner with world-leading
enterprises, providing them with device intelligence that empowers them to
stop fraud, build trust, and drive growth. Our proprietary device fingerprinting
technology enables businesses to make precise decisions about device
trustworthiness with the global standard for device identification — SHIELD
ID.

Powered by machine learning algorithms and artificial intelligence, we analyze

thousands of device, network, and behavioral data points to return the most
comprehensive picture of risk on an ecosystem. With our technology,
businesses are able to harness accurate signals to eliminate risk blind spots,
provide superior user experiences, and accelerate growth.