Unique device identification

Question

We are developing in-house web-based application for viewing data reports while targeting on smartphones and tablets  Our customer asked us for possibility that only certain devices could access the content  Hence we use technologies based on javascript HTML5 we are no capable of reading unique ID like IMEI or device uuid  The idea is to be able to automatically create time-independent fingerprint of device with above mentioned technologies   The question is are we able to create unique device fingerprint with javascript HTML5   The clue might be information available or known by browser  e g  http   browserspy dk

User · Answer

You can use this javascript plugin

https://github.com/biggora/device-uuid

It can get a large list of information for you about mobiles and desktop machines including the uuid for example

var uuid = new DeviceUUID().get();

e9dc90ac-d03d-4f01-a7bb-873e14556d8e

var dua = [
    du.language,
    du.platform,
    du.os,
    du.cpuCores,
    du.isAuthoritative,
    du.silkAccelerated,
    du.isKindleFire,
    du.isDesktop,
    du.isMobile,
    du.isTablet,
    du.isWindows,
    du.isLinux,
    du.isLinux64,
    du.isMac,
    du.isiPad,
    du.isiPhone,
    du.isiPod,
    du.isSmartTV,
    du.pixelDepth,
    du.isTouchScreen
];

User · Answer

I have following idea how you can deal with such Access Device ID  ADID   Gen ADID  prepare web-page https   mypage com manager-login where trusted user e g  Manager can login from device - that page should show button  quot Give access to this device quot  when user press button  page send request to server to generate ADID server gen ADID  store it on whitelist and return to page then page store it in device localstorage trusted user now logout   Use device  Then other user e g  Employee using same device go to https   mypage com statistics and page send to server request for statistics including parameter ADID  previous stored in localstorage  server checks if the ADID is on the whitelist  and if yes then return data  In this approach  as long user use same browser and don t make device reset  the device has access to data  If someone made device-reset then again trusted user need to login and gen ADID  You can even create some ADID management system for trusted user where on generate ADID he can also input device serial-number and in future in case of device reset he can find this device and regenerate ADID for it  which not increase whitelist size  and he can also drop some ADID from whitelist for devices which he will not longer give access to server data  In case when sytem use many domains subdomains te manager after login should see many   quot Give access from domain xyz com to this device quot  buttons - each button will redirect device do proper domain  gent ADID and redirect back  UPDATE Simpler approach based on links   Manager login to system using any device and generate ONE-TIME USE LINK https   mypage com access-link ZD34jse24Sfses3J  which works e g  24h   Then manager send this link to employee  or someone else  e g  by email  which put that link into device and server returns ADID to device which store it in Local Storage  After that link above stops working - so only the system and device know ADID Then employee using this device can read data from https   mypage com statistics because it has ADID which is on servers whitelist

User · Answer

It looks like the phoneGap plugin will allow you to get the device s uid    http   docs phonegap com en 3 0 0 cordova device device md html device uuid  Update  This is dependent on running native code   We used this solution writing javascript that was being compiled to native code for a native phone application we were creating

User · Answer

You can use the fingerprintJS2 library  it helps a lot with calculating a browser fingerprint   By the way  on Panopticlick you can see how unique this usually is

[javascript] Unique device identification

Examples related to javascript

Examples related to jquery

Examples related to html