End-User Device Identification Data

Advanced Authentication Service › Getting Started with Advanced Authentication › Risk Evaluation and Fraud Detection › Data Used for Risk Evaluation › End-User Device Identification Data

End-User Device Identification Data

The following sections describe the device identification and analytics techniques that the Advanced Authentication service uses.

Machine FingerPrint (MFP)

Machine FingerPrint is the data that is gathered from the end user’s device. Machine FingerPrint is also referred to as Device fingerprint or PC fingerprint in industry terms. The device data that is collected is used to generate a risk profile of the device in real time. The data that is collected includes:

Operating system name and version
Browser information (such as name, UserAgent, major version, minor version, JavaScript version, and HTTP headers)
Screen settings (such as height, width, and color depth)
System information (such as time zone, language, and system locale)

When the end user tries to access a protected resource, the Advanced Authentication service matches the corresponding MFP stored in its database with the MFP calculated from the incoming data. If the match percentage is equal to or more than a preconfigured value (set at the time of service initialization), then the login attempt is considered to be coming from a known, and therefore safe, source.

Note: The MFP is not available during the end user’s first transaction attempt. The Advanced Authentication service uses the MFP for risk evaluation only on subsequent transaction attempts from the same device.

Device ID

The Device ID is an identifier that the Advanced Authentication service generates and sets on the end user’s system to identify and track the device used by the end user for subsequent logins and transactions.

The Device ID can be stored in one of the following formats:

A Flash Shared Object (FSO), which is a file stored with a .sol or .ssl (if SSL is being used for communication) extension. It is available in the Flash Player directory of the user's profile. This type of identifier is common across most browsers.
A browser cookie, which is an HTTP-based object whose extension and storage location depend on the browser used by the end user.

When an end user is evaluated for the first time, the Advanced Authentication service generates a unique Device ID and sets it on the user’s system. During subsequent login attempts by the end user, the Advanced Authentication service checks whether the Device ID on the user’s system matches the Device ID stored in the Advanced Authentication store. If the two Device IDs match, then the transaction attempt is considered to be coming from a known, and therefore safe, device.

Note: The Device ID is not available during the end user’s first transaction attempt. The Advanced Authentication service uses the Device ID for risk evaluation only on subsequent transaction attempts from the same device.

DeviceDNA

DeviceDNA uses both MFP and Device ID for more accurate information analyses. To improve the accuracy of the risk evaluation process, more data is collected when the DeviceDNA technique is used than in the case of MFP. The following are examples of some of the data items collected:

System information (such as platform, CPU, fonts, and MEP)
Browser information (such as vendor, VendorSubID, and BuildID)
Screen settings (such as buffer depth, pixel depth, DeviceXDPI, and DeviceYDPI)
Plug-in information (such as QuickTime, Flash, Windows Media Player, ShockWave, and Internet Explorer plug-ins)
Network information (such as IP address and connection type)