The Double Edged Sword: Identifying Authentication Pages and their Fingerprinting Behavior
Asuman Senol, Alisha Ukani, Dylan Cutler, Igor Bilogrevic
Abstract
Browser fingerprinting is often associated with cross-site user tracking, a practice that many browsers (e.g., Safari, Brave, Edge, Firefox, and Chrome) want to block. However, less is publicly known about its uses to enhance online safety, where it can provide an additional security layer against service abuses (e.g., in combination with CAPTCHAs) or during user authentication. To the best of our knowledge, no fingerprinting defenses deployed thus far consider this important distinction when blocking fingerprinting attempts, so they might negatively affect website functionality and security.
Topics & Concepts
SWORDComputer scienceAuthentication (law)Computer securityWorld Wide WebUser Authentication and Security SystemsAuthorship Attribution and ProfilingDigital and Cyber Forensics