What is fingerprinting?

Collecting and analyzing unique device and user data to create a distinct identifier for a user during a specific point in time, such as when someone clicks on a specific link. Marketers and app developers use fingerprinting to track user behavior, create user profiles, or attribute an install to a specific ad.

Fingerprinting is an mobile identification technique that relies on matching a “snapshot” of the user’s device at the time of the click. The snapshot collects information such as: user agent, operating system, and IP. If possible, other parameters like screen size may also be captured. This is then used to attribute installs.

For example, if a user interacts with an advertisement and gets directed to install the app, a fingerprint is taken of the user’s device. After the app is opened a similar snapshot is taken and the attribution provider scans its database of recent clicks to find matching fingerprints. Once a match is found, the advertiser gets attributed to the install.

Deficiencies of fingerprinting

Fingerprinting is very efficient when the timespan from click-to-install is relatively short—roughly within a few hours. Here’s how fingerprinting works:

  • When the user clicks a link, the network generates a web fingerprint based on ephemeral device data including IP address, OS version, screen resolution, click time, and more.
  • When the app opens for the first time after install, the network generates a corresponding app fingerprint using the same data.
  • If two fingerprints match, the user is deep linked.

Here’s the problem: these fingerprints are often so similar that 30%-40% of them get paired to a completely different user (e.g., if you’re on shared wifi or a busy cell tower, the error rate can be over 50%). Fingerprints also start decomposing as soon as they are taken, which means they become pretty much useless within an hour or two. Attribution networks typically claim to offer some sort of advanced fingerprint filtering algorithm, but you can’t make gold out of dirt — the entire process is inherently inaccurate. Before you know it, fingerprint matching errors mean Jack is walking across that bridge you built for Sarah. Unfortunately, this is a fundamental flaw and even with complex processing algorithms, it cannot be solved effectively.

It’s important that you find a cross-platform attribution solution that goes beyond fingerprinting to minimize misattribution of app install sources.

The Dark Horse of WWDC 2023: Privacy Policies Finally Get Real

At WWDC23 Apple made no privacy policy changes this year, but they have come up with an array of new things that are designed to help developers more easily comply with the policies already in place…and prevent compliance "mistakes" (whether accidental or otherwise).