Android device fingerprinting is one of the main methods used by marketers to track users across apps. However, Apple recently made it more difficult for mobile ad networks and other third parties to track iOS users with the release of iOS 14.5 that requires apps to get permission before tracking. In addition, it changed its developer terms of service to combat the technique and add an additional anti-tracking clause.

This new restriction on iOS device fingerprinting will require developers to explain the reasons for every API (application programming interface) that they use to access signals from a device. This includes a wide range of information such as the active keyboard, disk space properties, file timestamps and system boot time. While some of this data may not seem personal or private, it can be combined to create a unique device fingerprint and identify the user even without their consent.

Beyond Cookies: How Mobile Device Fingerprinting Revolutionizes User Identification

The good news is that some apps already use a small set of well-defined properties that are highly specific and hard to discover. This makes it possible to build a device fingerprint detection solution that works with the most commonly used SDKs and detect the majority of the popular fingerprinters.

It is important to look for a device fingerprinting solution that creates unique risk profiles based on a wide range of attributes. This way you can find risks related to secondary packaging, Android emulators (including cloud simulators), virtualization tools and offer wall software. In addition, ensure that the solution is robust and complies with data protection standards such as GDPR and CCPA.