Web tracking and device fingerprinting are activities or practises that are often tools for profiling visitors or users. Use of those techniques might be legitimate, however often are performed without consent or knowledge of the subject.
Web tracking is a practice of web service providers or third parties to analyse users' behaviour and engagement with the service. Web based tracking could be performed using cookies, device fingerprinting methods or scripts (Samarasinghe and Mannan, 2019). Usually web tracking is used to provide visitor of the website with more personalised content based on previous activity, to serve visitors with targeted advertisement, or even to sell visitors' data to third parties (Norton, 2022). The other variation of web tracking is obtaining data for service improvement purposes. It is strictly service focused and allows to identify patterns of service usage or difficulties that visitors encounters often.
Device fingerprinting is an invasive tracking technique. Fingerprinting software tends to capture large amount of data related to visitor's device. With numerous parameters tested, a configuration could be unique and software could almost certainly determine identity of visitor. Fingerprinting could be performed in a stealth manner by capturing data that visitor has to send with every request for example IP address, browser make and version, operating system, default language and more. This method is also performed on server-side therefore can not be detected or blocked. More aggresive fingerprinting method executes program - usually embedded JavaScript - to capture possibly large set of data including screen resolution, browser add-ons or even set of fonts installed on device (Mozilla, 2022). Fingerprinting is used oftenly as a substitute to cookies or other technologies that are easy to disable or requiring consent, what makes it a tool used mostly for illegitimate purposes.
Profiling refers to gathering and analysing user charakteristics and data. Number of different factors associated with user may be included in process of profiling - interests, preferences, habits and more. Profile could consist of static data, for example nationality or gender; dynamic data is also frequently present - current needs and areas of interest (Cufoglu, 2014). User profiling allows to categorise, assess capabilities and needs. Completing individual profile allows to deliver targeted advertisements or content. Users profiles could be also sold to third parties and used to commit cyber-crimes, for example information that person is customer of a specific shop could lead to successful scam or phishing attack.
In conclusion, there are numerous advantages of mentioned techniques for both, service providers and consumers, however there are also serious risks regarding data protection, privacy and vunerability to cyber attacks. It is often impossible or very difficult to detect or prevent malicious use of those but society already started adapt to new risks, rising awareness and introducing legislation in control of public cybersecurity.
References:
Samarasinghe, N. and Mannan, M., 2019. Towards a global perspective on web tracking. Computers & Security, 87, p.101569.
Norton, 2022. Internet tracking: How and why we’re followed online. [online] Us.norton.com. Available at: <https://us.norton.com/internetsecurity-privacy-internet-tracking.html> [Accessed 12 April 2022].
Mozilla, 2022. What is fingerprinting and why you should block it. [online] Mozilla. Available at: <https://www.mozilla.org/en-US/firefox/features/block-fingerprinting/> [Accessed 12 April 2022].
Cufoglu, A., 2014. User Profiling - A Short Review. International Journal of Computer Applications, 108(3), pp.1-2.
Comments
Post a Comment