Friday, August 14, 2009

Device Fingerprinting

I was just reading the web another day, when I came across this term. I thought it meant fingerprinting, but then I re-read it and understood that it was different one. So I set out to know what it meant and hence here is an article which will throe light on this issue.

A proper definition for device fingerprinting is to know all the details, i.e. both the hardware and software details of a remote computing device. This information can be collected without users consent and hence as been termed as breach into the user's privacy. But this can be used to provide breakthrough in cyber crimes.

There can be two types of device fingerprinting. Passive fingerprinting will result in the obvious querying of client as a transaction is made. But active fingerprinting, involves installing some executable code on the client’s system and then collecting the details. This is intruding the system directly.

There are two requirements for fingerprinting, but neither of them van be achieved. One is called diversity and the other stability. Diversity means that every device must have a unique fingerprint, which is not possible. One can achieve diversity by collecting a number of parameters about the device but then stability will be compromised. Stability means that the device's parameters must be stable over time.

Though this can be termed illegal, this methodology when used properly can be very helpful to combat cyber crimes!

1 comment:

  1. A device fingerprint is a compact summary of software and hardware settings collected from a remote computing device.