Forum Discussion
Christian_Schlegel
Microsoft
MicrosoftAdditional commonly asked Q&A related to ‘Device Fingerprinting’ in DFP continued
We're excited to keep our weekly spotlight series going on various topics within our Microsoft Fraud Protection Tech Community to help you maximize the benefits of Microsoft Dynamics 365 Fraud Protec...
Is it possible that several unrelated customers get the same device fingerprint id? And if so why?
Christian_SchlegelMicrosoft
MicrosoftYes, it is possible for several unrelated customers to get the same device fingerprint ID. This can happen due to several reasons:
- Shared Devices: If multiple customers use the same device, such as a public computer or a shared tablet, the device fingerprint ID generated will be the same for all users of that device.
- Similar Device Configurations: Device fingerprinting relies on collecting various attributes like hardware information, browser information, geographic information, and IP address. If two devices have very similar configurations and settings, they might end up with the same or very similar device fingerprint IDs
- Network and Proxy Usage: If customers are accessing the service through the same network or proxy, the IP address and some network-related attributes might be the same, leading to similar device fingerprints.
- Limited Attribute Variability: In some cases, the attributes collected might not be diverse enough to uniquely identify each device, especially if the devices are from the same manufacturer and model.
These factors can contribute to the generation of identical or similar device fingerprint IDs for different customers. If you have any more questions feel free to ask.
1.Overview of device fingerprinting - Dynamics 365 Fraud Protection | Microsoft Learn
2. Attributes in device fingerprinting - Dynamics 365 Fraud Protection | Microsoft Learn
Hey Christian
Thanks for your response.
It makes sense that in these cases we get the same or similar IDs. However, when I check some of the response JSON files, I find different True IPs, different Device Cities, different Carriers, etc., but still the same Device ID, and that doesn't make sense to me. Any idea what might be causing this?- Christian_Schlegel
Hi Flaviov, regarding your observation of different True IPs, Device Cities, Carriers, etc., but still having the same Device ID, this can be due to the following reasons:
- VPNs and Proxies: Customers using VPNs or proxies can appear to have different IP addresses, cities, and carriers, even though they are using the same device.
- Dynamic IP Addresses: Many internet service providers assign dynamic IP addresses to their customers. This means that the IP address can change frequently, even though the device remains the same.
- Mobile Networks: Mobile devices often switch between different networks and carriers, which can result in different IP addresses and locations being reported.
- Device Fingerprinting: The device fingerprinting mechanism might prioritize certain attributes over others when generating the Device ID. This means that even if some attributes like IP address and location change, the core attributes used to generate the Device ID remain the same.
These factors can contribute to the discrepancies you are observing in the response JSON files. Feel free to let us know if you have any more questions.
Hi Christian
Thanks again for the fast replay.
When you say "using the same device" do you mean they use the same smartphone model with the same browser, configs etc. or they are using actually the same device?
If the first one applies, I would expect from a device fingerprint logic that it uses the additional information as location, ip etc. and we get different fingerprints, otherwise it wouldn't be very useful.
If the later one is what you mean, 1-3 wouldn't make sense, as we know they don't use the same smartphone or computer or so.
As device fingerprints seem to be important for fraud detection, I try to figure out why we get the same Device Fingerprint for customer with unrelated data expect just some of the device information (as Platform, Plugins and Screen Resolution).
We observe this not in particular fraudulent Orders or Customers but in general.
