Traditional DF may be struggling to keep up, but when combined with other identification signals, it can come back stronger than ever. Location is one of those signals.
The locations that a person frequently visits and the locations from which they conduct their online transactions can be incredibly strong indicators of their true identity. The pattern of movement that they take from their home, to their work, to their favorite coffee shop, to other places of interest is a highly unique one. When this location behavior pattern is combined with device intelligence, it’s unique enough to use as a new, stronger fingerprinting method.
Bringing location into the mix fills in the gaps left by traditional device fingerprinting and creates something much stronger. For example, location fingerprinting is capable of re-identifying the same device even after it’s been factory reset, a longstanding vulnerability with traditional DF.
Location fingerprinting is also unaffected by other types of device attribute manipulation like changing the screen resolution, updating the operating system, adding or deleting apps, changing the browser, and so on. Where a user lives and works is much harder to change than their device's attributes, making location fingerprinting much more resilient or ‘stickier’ than DF.
As powerful a signal as location is, it still has to be configured properly to work at its strongest. Tamper-resistance is a must-have when using location for fraud detection and prevention or for authentication. Without tamper-resistant location technology, fraudsters can use widely available GPS spoofing apps or VPNs to mask and manipulate their true location. Using multiple location signals, such WiFi, Bluetooth, and GPS combined, can help create a comprehensive picture of a device’s location that’s impossible to spoof without detection.