ShieldF

ShieldF reduces user fingerprinting when browsing by misinforming OS, browser and hardware attributes/properties of the device

Digital advertising is arguably the primary source of funding sustaining the current Internet. The attractiveness of online advertising for advertisers, compared to other traditional forms of publicity (e.g., TV, radio, or newspaper), is its ability to deliver personalized ads. The key point for implementing personalized advertising is the design of techniques that can identify unique users online. These techniques are used for tracking & profiling users, showing targeted or re-targeted ads, implementing attribution models to assess the performance of marketing strategies, etc. The most widely used and known techniques for this purpose are third-party cookies, advertising IDs, and fingerprinting. Third-party cookies and advertising IDs, if properly implemented with the appropriate consent acquisition, comply with the data protection regulations. Instead, fingerprinting is, by definition, an intrusive practice representing a severe threat to end-users privacy. Web browsers have developed a set of functions and APIs that allow accessing different information about the browser, the operating system, or the device. The original goal of these functions is to optimize the functionality of browsers and the user experience. Web fingerprinting is implemented through a script embedded in the HTML code of the web page. This script leverages the different functions and APIs offered by the browser to collect different attributes from the browser configuration (e.g., browser add-ons or configured languages), the OS (installed fonts), and the device (sound device or graphic card information). In conjunction, the values of all these attributes create a fingerprint of the device. If a sufficiently large number of attributes are collected, the resulting fingerprint of the device might be unique even among a large pool of devices. ShieldF is a countermeasure to fingerprinting. ShieldF reduces user fingerprinting when browsing by uninforming OS, browser and hardware attributes/properties of the device accessible with JavaScript and with high entropy without harming the user's browsing experience. Its use lead to a significant improvement in the protection offered by browsers to fingerprinting.