Fingerprinting is a method for users or devices to be identified without specific user IDs. As an alternative method to the cookie, it creates a digital signature for a device, or ‘fingerprint’, using ID-less data.
Why would I need this?
Fingerprinting allows marketers or brands to approximately identify users without the need for cookies. However, it is an imperfect identification practice, relying on probability and behavioural consistencies to create digital signatures. As fingerprinting doesn’t use cookies, it can in some ways be a more consistent way of tracking. Users are less likely to change their operating systems or reset their IP addresses than they are to clear their cache and cookies.
It’s worth noting that the practice is viewed by some as unethical and both Google and Mozilla have committed to attempting to limit fingerprinting within their browsers.
How does it work?
Websites and apps collect data even without user IDs. This data is things like a user’s browser, device model, screen size and resolution, timezone, preferred language, keyboard shortcuts and more. By accessing the data and comparing devices’ attributes from one day to another, there is a high probability of recognising the same device based on identified patterns. By patching together information, marketers can make an informed estimate as to a user’s digital identity and create a ‘fingerprint’.
This highlights how the practice can be useful because of its immunity from cookies, but also its shortcomings as something that is unable to track users with any certainty of who they are. This tracking is also morally dubious because it collects people’s personal data without permission or giving them the option to opt-in or out.
Real world examples
Riding the TikTok algorithm: with great power comes great responsibility
10 performance marketers on the Chrome cookie extension
Google delays cookie demise (again) until 2024