Device Fingerprinting

How is Device Fingerprinting Integrated?

The first step is to integrate SEON’s code into your platform. This is done either via Javascript, iOS SDK, or Android SDK. This code lets us collect parameters about the user, and reveals them through the SEON interface.

SEON uses device fingerprinting to collect information on user devices and make more informed decisions. Learn more about how you can use device fingerprinting in fraud prevention here.

Javascript Snippet and SDK

The Device Fingerprint tool collects the information using a lightweight JavaScript snippet or SDK embedded on the web platform or mobile application of our client.

SEON’s lightweight JavaScript snippet can be easily embedded on your web application to uniquely identify devices.

Our SDKs enable seamless integration with your mobile applications for iOS and Android platforms.

SEON’s Scoring Engine can use any collected and generated data fields for the scoring algorithm. Custom rules can be created based on them, or they can be added to black/white lists. Machine learning and heuristic rule creation module is also taking into algorithm these data fields.

List of collectible parameters

Cookie Hash
Generated ID of the browser cookie session. If 2 users share this, it’s certain they are using the same browser and device. If the browser’s cookie and cache is being cleared, a new cookie hash will be associated with the device.
Browser Hash
A string of numbers and letters created to map data related to a user’s browser. In a way, it serves as the browser’s ID, used to identify the browser and user by the party who created the hash to begin with. This also means that it can help tell whether two users are accessing a website from the same browser.
Device Hash
A generated string of characters that contains information about the device and its user (e.g. local date and time, operating system version and type, GPU, screen data and more). Each hardware configuration (but not each individual device) has a unique ID. This helps find connections between seemingly different users. In mobile devices, the device hash serves as a unique identifier.

JavaScript SDK

iOS SDK

Android SDK

Collected Parameters
from Browsers

Collected Parameters
from iOS Devices

Collected Parameters
from Android Devices

Cookie hash
Browser hash
Unique device hash / identifier
Timezone of browser and IP
Operating system detection
Useragent information
Private browsing detection
Operating system, browser languages
Screen size of device, browser, windows
Installed fonts and generated hash
Installed plugins and generated hash
Battery level
GPU information
Browser features: flash, java etc.
Canvas device fingerprint
Audio fingerprint
WebRTC IPs
DNS: Geo + ISP

Unique device hash / identifier
Accessories information
Audio information
Battery information
CPU information
Advertising Identifier (ADID)
Device name
Device orientation
Unique Device Identifier (UDID)
iCloud ubiquity token
iOS version data
Jailbreak status
Emulator detection
Kernel information
Boot information
Network configuration
Pasteboard data
Memory information
Proximity sensor data
Local language
Local timezone
Screen brightness
Screen resolution
System uptime
Storage information
MAC address
Wifi SSID
TCP/IP Fingerprint
Passive SSL/TLS handshake analysis

Unique device hash / identifier
Android ID
Android version data
Audio information
Battery information
Build information
Carrier information
CPU information
Device name
Storage information
Emulator detection
Root status
Kernel information
Boot information
Network configuration
Pasteboard data
Memory information
Proximity sensor data
Local language
Local timezone
Screen brightness
Screen resolution
System uptime
MAC address
Wifi SSID
TCP/IP Fingerprint
Passive SSL/TLS handshake analysis

What else does SEON's device fingerprinting track?

Our scoring algorithm recognizes suspicious tools, setups and settings on desktop and mobile devices. We base this on specific characteristics our data science team discovered with fraud and bot attempts. This gives you more accuracy in detecting fraud.

Some of the device characteristics we assign varying levels of risk score include:

Browsers specifically designed to get around many existing fraud solutions such as Indigo, Sphere, Linken Sphere, GoLogin, Accovod, Ghost Browser, Kameleo, Cydec, MultiLogin, AntBrowser, ClonBrowser, XLogin, VM Login, Ads Power, Incogniton, Undetectable, HydraProxy, Che Browser, Octobrowser, and Dolphin{anty}:

Browsers commonly used by fraudsters SEON can detect.

Privacy browsers such as Tor, Brave, and DuckDuckGo
Browser spoofing
Browser version age
Rare browser environments
Browser anti-fingerprinting extensions such as AdBlock Plus, AdBlocker Ultimate, AudioContext Fingerprint Defender, Canvas Blocker, Canvas Fingerprint Defender, CyDec Platform Anti-Fingerprinting, Disconnect, DuckDuckGo Privacy Essentials, Fingerprint Spoofing, Ghostery, Font Fingerprint Defender, Privacy Badger, Script Safe, WebGL Fingerprint Defender, DOM blockers:

Unpopular screen resolutions
Common combinations of bots, automation, or testing tools such as Selenium, Headless Chrome, Headless Firefox, PhantomJS
VM environments such as VMware and VirtualBox

Combination of suspicious browser profiles:
- The riskiness of the browser
- Device, font, WebGL, or canvas hashes
- Number of audio inputs and outputs plus video inputs in the browser

Associating specific and higher scoring levels for unusual setups allows you to detect fraudsters and unnoticeable large-scale attempts by bots. You also have the flexibility and control to fine-tune this risk scoring.