A new study found that over 145 websites listed among the top 10,000 websites in the world use device fingerprints to track users without their consent.
Isn't it spooky to find out that your every move on the internet is being tracked by website owners without your consent? Well! This might just be happening to you at this very moment. Researchers from KU Leuven-iMinds found that more than 145 websites listed among the top 10,000 websites in the world use device fingerprints to track users without their consent. What's even more spooky is that this tracking method works even when you have you "Do Not Track" option turned on in your browser. It also circumvents legal restrictions imposed on the use of cookies.
Device fingerprinting, popularly known as browser fingerprinting is a method where websites collect device properties like screen size, the versions of installed software and plugins, and the list of installed fonts to track users without using cookies. Since each set of properties is unique to its device, it serves as a "fingerprint" for the user. This is the first comprehensive study conducted on how prevalent "device fingerprinting" is.
Device fingerprinting targets either Flash, the ubiquitous browser plugin for playing animations, videos and sound files, or JavaScript, a common programming language for web applications. Through the study researchers also found that 404 of the top 1 million sites use JavaScript-based fingerprinting, allowing them to track non-flash devices like mobiles too.
Device fingerprinting can be used for various security-related tasks, including fraud detection, protection against account hijacking and anti-bot and anti-scraping services. But it is also being used for analytics and marketing purposes via fingerprinting scripts hidden in advertising banners and web widgets.
Researchers of this study developed a new tool named FPDetective, which can help users determine whether a website is device fingerprinting by searching it for suspicious scripts. Authors of the study revealed that the tool will soon be available on this website and others researchers are free to build on it.