Identification accuracy and confidence

Fingerprint Identification uses many browser details and server techniques to create a unique and stable visitor ID. These details include screen size, operating system, IP address, fonts, and other browser data. By themselves, these may not be accurate, but when combined, they create a unique ID for most visitors. For example, many browsers run on Macs, but fewer have an IP address in Nebraska, and even fewer use the Wingdings font. Each detail helps make a unique fingerprint. With machine learning and other tools, Fingerprint Identification can recognize returning browsers 99.5% of the time.

👍

What about mobile?

The accuracy is even higher for mobile devices. This is because we use signals that last longer than the ones used for browsers.

How Fingerprint Identification tests accuracy

As part of its normal process, Fingerprint Identification adds a cookie to each visitor’s browser. For more details on cookies and privacy rules like GDPR, visit our privacy and compliance page.

We can identify browsers with cookies with 100% accuracy. This helps us measure how accurate other identification methods are. Below are the formulas for visitor ID accuracy without a cookie and the total accuracy of the Fingerprint system.

On average, our visitor identification method is 99.5% accurate across all our customers.

Fingerprint Identification vs. cookies?

Cookies are accurate, but they aren't always available because users can delete them or use incognito mode. Fingerprint Identification is more reliable because it creates a unique visitor ID without needing cookies. It also stores the history of all attributes used for identification. Even in incognito mode, these attributes stay the same, making it easy to identify users. When users upgrade their browsers, enough details remain the same to keep identifying the browser accurately.

False positives

Sometimes, two different visitors might have the same browser details. When this happens, we might give them the same visitor ID, causing a false positive. On average, Fingerprint customers see a false-positive rate of about 0.5%.

Confidence score

When you make an identification request, the response contains a confidence score.

{
  "requestId": "8nbmT18x79m54PQ0GvPq",
  "visitorId": "2JGu1Z4d2J4IqiyzO3i4",
  "confidence": {
    "score": 0.995,
    "revision": 1.1
  }
}

The confidence score shows how sure Fingerprint is that a browser or device hasn’t been wrongly identified as another. This score is a floating-point number between 0 and 1, with higher numbers meaning more confidence in the identification accuracy.

📘

How is confidence score different from accuracy?

Fingerprint Identification accuracy reflects the probability of correct identification across all identification events. A confidence score is issued for each identification event and reflects our estimate of the probability of correct identification for that event.

Using the confidence score in your application

You can use the confidence score to improve security and user experience, for example:

• Request extra verification: To prevent account takeover, you can ask for more authentication, like a one-time code, for browsers or devices with a confidence score below 0.95.
• Personalize the experience: Offer a customized experience to returning anonymous users if their browsers are identified with a high confidence score.

These thresholds are just examples. The best score for your app will depend on your needs and may require testing to find the right fit.

How is the confidence score calculated?

In simple terms, the confidence score is calculated as

confidenceScore = 1 - falsePositiveProbability

falsePositiveProbability is the chance of a false-positive result based on our experiments.

First-time browsers (or devices)

Fingerprint identifies a browser (or a device) as new only when it cannot find a match for this browser in your data. Since a match cannot be found for first-time browsers, the probability of this browser being misidentified for another existing browser (i.e. falsePositiveProbability) is 0, and hence the confidence score for such new browsers (or devices) is 1.0.

📘

Can an existing browser be identified as a first-time browser?

Yes. In those rare cases, the confidence score will still be 1.0. This is because the confidence score does not reflect the probability of a false-negative identification.

Returning browsers

💡

Did you know?

You can use the visitorFound property to distinguish between first-time browsers and returning browsers.

Fingerprint identifies returning browsers (or devices) using either one of the following two methods:

1. Deterministic Identification
   This method relies on properties (e.g. cookies) that can uniquely identify a given browser (or a device). The uniqueness of these properties makes it impossible for one browser to be identified for another (i.e. falsePositiveProbability is 0); hence the confidence score for events identified deterministically is 1.0
2. Probabilistic Identification
   When deterministic properties are unavailable (e.g. switching to incognito mode, etc), Fingerprint uses probabilistic identification. This method relies on various properties collected from the browser (or device), which are then combined to create a visitor ID. See The Top 7 Browser Fingerprinting Techniques Explained to learn more about identifying browsers using probabilistic methods.
   For two identical (e.g. same version, same locale, etc) browsers, these properties may not differ, causing Fingerprint to incorrectly identify one browser for another (i.e. falsePositiveProbability is greater than 0). Therefore, the confidence score for events identified probabilistically is always less than 1.0

Example