"Evercookies" and "Fingerprinting": Are Anti-Fraud Tools Good for Ads?
Techniques like “evercookies” and “device fingerprinting” are new and controversial in the online ad industry, but they’re widely used by firms that seek to catch cyber criminals.
Criminals, who have a powerful incentive to remain anonymous, learned long ago to thwart cookies–small text files associated with their Web browser. So anti-fraud companies began searching for more persistent identifiers.
Some firms hide other small files in several places on a person’s machine. The technology is known as a “supercookie” or “evercookie,” a term popularized by programmer Samy Kamkar this fall when he created a program that stores more than 10 such identifiers.
One anti-fraud company, California-based ThreatMetrix Inc., touts its “evercookie” approach in detecting criminals. The company does not disclose every place that it stores identifiers but says it uses browser cookies, files associated with Adobe Systems Inc.’s Flash player and local storage in HTML5, the newest version of the language used to code Web pages, said ThreatMetrix CEO Reed Taussig.