Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Tracking Processors: Client Fingerprint Processor

    This processor is designed to collect uniquely identifying information from requests issued by a user. This information is then compared to the information collected about other sessions in the system. If a match is identified, the two sessions are merged. This allows session association to work even if all storage mechanisms used by the other tracking processors are cleared. Some of the uniquely identifying information includes the browser plugin list, the system font list, time skew, time-zone, user-agent, system language, etc.

    Table 1: Client Fingerprint Configuration Parameters

    Parameter

    Type

    Default Value

    Description

    Basic

    Processor Enabled

    Boolean

    False

    Whether traffic should be passed through this processor.

    Exclude Rules

    Collection

    [collection:0]

    The fingerprint association rules to ignore.

    Excluded Collectors

    Collection

    [collection:0]

    The data points to prevent collection of on the client.

    Hash Fingerprint Data

    Boolean

    False

    Whether to hash the raw fingerprint data points before storing them. This prevents the recorded data from being used to obtain the original information about the client and reduces the overall storage size requirements. If collecting PII data is a concern, this is a recommended option, as it will eliminate any PII data in place of hashed versions of that data which cannot be reversed.

    Page Injection Enabled

    Boolean

    True

    Whether the fingerprint script should be injected into the requested page.

    Advanced

    Binary Resource Directory

    String

    (randomized)

    The fake directory where binary resources required by the fingerprinting script are served from.

    Data Obfuscation Key

    String

    (randomized)

    The key used to prevent easy reading of the submitted fingerprint data. This should be alphanumeric and at least 8 unique characters long, duplicate characters are allowed, but do not count toward the total 8.

    Fingerprint Scope Key

    String

    (randomized)

    The key used to store fingerprint data. If this key is changed, all previously stored fingerprint data will be lost and the system will begin collecting fresh fingerprint data.

    Fingerprint Submission Response

    HTTP Response

    text/plain 200 OK

    The response to return when a user attempts to submit a fingerprint in the background. The user will not see this response unless they are using a debug proxy.

    Fingerprint Tracking Cookie Name

    String

    (randomized)

    The name of the cookie used on the client to ensure we don't submit multiple copies of the same fingerprinting data. This can be anything, but should not overlap with a legitimate cookie being used on the site.

    Hash Fingerprint Data

    Boolean

    False

    Whether to hash the raw fingerprint data points before storing them. This prevents the recorded data from being used to obtain the original information about the client and reduces the overall storage size requirements. If collecting PII data is a concern, this is a recommended option, as it will eliminate any PII data in place of hashed versions of that data which cannot be reversed.

    Script Filename

    String

    (randomized)

    The filename to use when serving the fingerprint script to the client.

    Submission Filename

    String

    (randomized)

    The filename where fingerprint data should be submitted back to the server

    Incident: Fingerprint Directory Indexing

    Boolean

    True

    The user requested a directory index listing on the fake directory used to serve binary resources required by the fingerprinting script. Since this is a fake directory, the request represents a malicious action.

    Incident: Fingerprint Directory Probing

    Boolean

    True

    The user requested a random file within the fake directory used to serve binary resources required by the fingerprinting script. Since only files we specifically reference in the fingerprinting script should be requested, this represents a malicious action.

    Incident: Fingerprint Manipulation

    Boolean

    True

    The user submitted fingerprint data to the server which was not properly formatted. This likely means that the user was manipulating the fingerprinting data or spoofed it entirely.

    Published: 2013-11-20