/
Contact usSee pricingStart building

    About Stytch

    Introduction
    Use cases
    Device Fingerprinting
      Overview
      Fingerprints
    Verdicts
      Verdicts overview
      Allow
      Block
      Challenge
      Not Found
    Getting started
      Device Fingerprinting API
      DFP Protected Auth
    Traffic shaping
      Setting rules with DFP
      Intelligent Rate LimitingBeta
      DFP Protected Auth
    Strong CAPTCHA
      Overview
      Getting started
Get support on SlackVisit our developer forum

Contact us

Fraud and Risk Prevention

/

Guides

/

About Stytch

/

Device Fingerprinting

/

Fingerprints

Fingerprints

A fingerprint is a hashed identifier generated by collecting and combining different low-level signals to form a stable and highly unique identifier of the device accessing your application..

Stytch's Device Fingerprinting product returns multiple fingerprints and identifiers based on information gathered about the hardware, browser and network being used, in order to give you a comprehensive picture of the traffic on your application.

Usage

Rules can be set based on specific fingerprints via our Set Rules functionality in order to customize the behavior for specific devices, or signal sets. Fingerprints can also be tied to other user data to associate known hardware sets, browsers, and other attributes with your user base.

A fingerprint’s uniqueness, stability, and signal set are all factors to consider when determining which fingerprint to use for a given use case.

Fingerprints

Below is an example /lookup response where your application would consume and potentially store fingerprints, followed by a table outlining the distinct qualities of each fingerprint.

For more details on different fingerprint characterstics and usage with our /rules endpoint, see our Settings Rules with DFP Guide.

FingerprintDefinitionUse CasesUniqueness
Visitor IDThe cookie stored on the user’s device that uniquely identifies them.Having a unique identifier for a user.Guaranteed unique
Browser IDCombination of Visitor ID and Hardware Fingerprint to create a clear identifier of a browser.Detecting stolen sessions since the browser ID should only be associated with a single hardware fingerprint.Guaranteed unique
Visitor FingerprintA highly unique, cookie-less way of identifying a unique user based on a diverse set of signals.Enforcing paywalls since the visitor fingerprint will be consistent across incognito mode, or banning specific users in a cookie-less way.99.9% unique
Browser FingerprintCombination of signals to identify a browser and its specific version, on a specific device.Banning a specific user’s browser version across all profiles on multiple user accounts on a given machine.Low
Hardware FingerprintCombinations of signals to identify an operating system and architecture.Detecting proxy or location spoofing since the hardware fingerprint will be stable across different locations.Low
Network FingerprintCombination of signals associated with a specific network commonly known as TLS fingerprinting.Blocking programmatic access like Golang, Curl, or Node.Low

Usage

Fingerprints