CyberSource Device Fingerprint and the GDPR
BlogCyberSource device fingerprint is a security method that uses data points collected from hardware and software configurations to identify devices and browsers. The data is normalized and then analyzed to create a unique fingerprint, often called a device hash. This fingerprint is used to verify the identity of a device or browser and can be compared against previous fingerprints for detection of suspicious activity. This is a powerful and effective fraud prevention technique that works well when combined with other fraud management methods, like email authentication, to provide a layered defense against fraudsters.
The biggest benefit of device fingerprinting is its ability to reduce chargebacks by verifying the identity of a device and ensuring it is safe to use for online purchases. This helps prevent unauthorized access to customer accounts, even if the user has the password and one-time code for multifactor authentication (MFA). It also helps combat IP address spoofing, where criminals try to hide their location or make it appear that they are using a trusted device by changing the source IP address.
Understanding CyberSource Device Fingerprinting: A Primer
Device fingerprinting is also useful for detecting bots, which are automated programs that perform malicious actions such as scraping data or attacking websites with Distributed Denial of Service (DDoS) attacks. Device fingerprinting can help differentiate legitimate user interactions from bots by analyzing a combination of attributes such as the operating system, language settings, installed fonts and plugins, screen resolution and more.
As a privacy-sensitive technology, device fingerprinting must be implemented responsibly and in compliance with regulations designed to protect end users’ personal information. In this article, we’ll review cybersecurity use cases for device fingerprinting, how it relates to user privacy and the impact of the GDPR on business use of this technology.