Device fingerprinting is commonly used for tracking users. We explore device fingerprinting but in the specific context of use for augmenting authentication, providing a state-ofthe- art view and analysis. We summarize and classify 29 available methods and their properties; define attack models relevant to augmenting passwords for user authentication; and qualitatively compare them based on stability, repeatability, resource use, client passiveness, difficulty of spoofing, and distinguishability offered.

Additional Metadata
Keywords Comparative analysis, Comparative criteria, Device fingerprinting, Multi-dimensional authentication, Passwords
Persistent URL dx.doi.org/10.1145/2991079.2991091
Conference 32nd Annual Computer Security Applications Conference, ACSAC 2016
Citation
Alaca, F. (Furkan), & Van Oorschot, P. (2016). Device fingerprinting for augmenting web authentication: Classification and analysis of methods. In ACM International Conference Proceeding Series (pp. 289–301). doi:10.1145/2991079.2991091