The confidentiality of data in the online environment has become a growing concern for users in recent years. This is because many of the companies operating in this space choose to collect as much data about users as possible, being able to identify them more easily in order to show them relevant ads. Thus, all sorts of methods of anonymizing the activity appeared, from blocking ads to removing cookies. Other companies choose to offer “private” browsers, which cannot be tracked as easily. However, a team of researchers found that all these methods of protection could be useless, as there is a new method of tracking: by identifying the graphics card of the device.
You can only be identified by the “fingerprint” of the video card or graphics chip on your PC or phone
According to a new study conducted by universities in Israel, Australia and France, it seems that each graphics processor (GPU) has a unique “footprint”, which can be easily identified and tracked on the Internet. Thus, it is enough for advertising companies to use this unique identifier in order to create a personalized profile for each computer, thus serving “targeted” ads even when the classic tracking methods are blocked.
The study reveals that this tracking method offers 67% improvement over traditional methods, ie it can identify a user much easier than using traditional methods, such as cookies.
The method of identifying the graphics card involves using a visual element on a site running under WebGL. This allows the site to measure the time it takes to process that item. Because each graphics card is different in manufacture, even all of them are of the same model, with the same components, small variations between them may offer different processing times. These times are then recorded and integrated into an algorithm that creates this “signature” of the device, which is then used to track the user.
The method was tested on a sample of 2,550 different devices, with 1,605 different processor models, and the results proved to be very accurate. The method works on both PCs and mobile devices and does not require the use of other sensors. Basically, you don’t have to give extra permissions when accessing a webpage.
source: archive, via Gizmodo