I am sure that if you are working in marketing you’ve heard about browser fingerprinting. I am also sure that products using this technique have been offered to you. At Uptimal we think that the best way to ensure a good decision for you, your team or your company is to have a solid knowledge of the matter.
What is browser fingerprinting?
Easily explained, a collection of your browser characteristics (browser type, operating system, plugins, timezone, screen resolution... and more!) that all together uniquely identifies your browser. To have a more comprehensive understanding, worth to check the next video about how Google Chrome is approaching fingerprinting:
We marketing people want user’s data to better spend our media budget. Traditionally this has been handled through the usage of browser’s third party cookies by uniquely identifying a user and his preferences but, as I am sure you have heard, this is coming to an end, so the industry is finding new creative ways to identify users across multiple sites.
Is it legal?
This depends on the laws of each country but taking the UE as law privacy pioneer we can see that fingerprinting is only permitted if:
a) An explicit consent of the user is given that fingerprinting is required to provide a special service and is used in this context without exception to carry out the data transfer or
b) There is another legal basis, such as the entitled interest (according to GDPR Art. 6 1 f), which, however, might no longer be admissible in Germany after the BGH ruling of the end of May. In other EU countries, the Beneficiary's Interest is already no longer regarded as permissible
So, it is and it is not - be very careful here and seek legal advice for your specific use case.
Does it really work?
Yes it does and it can't be easily erased like you would do with cookies, although users may use a set of techniques to make it partially reliable (avoid uniqueness) but, let’s face it, very few users would do that.
To see how easily identifiable is your browser you may use sites like amiunique.org - using Google Chrome I am myself (my browser) unique among 3 million fingerprints that this website has accumulated so there are very few options that my fingerprint overlaps with another user’s fingerprint and even if it does, the rate is sufficient for marketing purposes.
Safari claims to avoid fingerprinting (at least, the most common ones) but, if you’re using an iOS device and you do the same test, the result will be very similar. Additionally if you are not convinced, you can see a real demo on fingerprintjs.com.
Is it worth?
It all depends on your business and on your online presence but in general, know that 55% of the total internet share of traffic is using mobile devices and the 90% of user's mobile usage time is spent in apps, and only 10% browsing on the rest of the internet. Browser fingerprinting doesn’t work in apps as there is no browser to interact with.
If you get positive legal advice and you know or suspect your target users are mostly web users, I do not see a reason to not make use of it. On the contrary, if you mostly spend your budget on app inventory, you don’t even need to be worried.
As a final note, if you have checked the video at the beginning of this post (if you don’t, please do), it’s obvious that web browser vendors will keep fighting against this practice, therefore any tool you may use that solely relies on fingerprinting as a way to uniquely identify users, will have a very short lifetime.