In my company’s opportunity discovery process (a fancy industry term for “what delights our users, what do they want us to build?”), we learned that providing users with a completely free trial was essential. At LanguageConvo, we taught foreign languages online; our niche was 1-on-1 and small group classes in a custom-built online classroom with teachers located in native-speaking countries.
Potential customers were initially very skeptical:
- Is learning in an online environment effective?
- Are these international teachers good at teaching?
It is for most people, and our teachers were fantastic; if we could get users into a free trial lesson with one of our teachers, conversion rates were high. The problem: fraud, people signing up multiple times for multiple free trial lessons.
What is browser fingerprinting?
Browser fingerprinting isn’t well known in the web dev world, which I don’t find surprising; it’s not something you’ll commonly use in everyday web or mobile application development. Browser fingerprinting is the process of capturing information about users from the data their browser exposes and using that data as a unique signature to identify users. You’ll gather information from browser APIs and HTTP requests: IP address, user agent, time zone, browser permissions, and much more. The list is incredibly extensive.
Get on the Google, search “browser fingerprint test” and take a look at the first few results. I think you’ll be surprised at the amount of data your browser exposes!
💡 Obviously GDPR and other laws come into play in a big way, so make sure you’re following applicable laws.
How accurate is it?
Incredibly accurate, even against black hat actors who know what they’re doing. As you’ll see in online fingerprinting tools, the amount of data browsers expose is surprising. You can use adblockers, VPNs, etc., and you will still expose enough data to uniquely identify yourself. Browsers expose the list of installed fonts on your system for goodness sake! If you take just that one single data point, a list of installed fonts, and hash it, you can be fairly accurate at identifying users. And that’s just one small touch point in the fingerprinting world.
Fingerprint.com claims a 99.5% accuracy rate, and I don’t doubt that number.
Implementation
This is a build vs. buy decision, and I usually lean toward buy in these scenarios. Fingerprint.com is one of a few off-the-shelf solutions available, the only one I’ve personally used in production. It’s easy to implement, accurate, and affordable for most use cases.
That said, it depends on the value to your organization. You can build basic fingerprinting solutions yourself; in a scenario where you want to allow newly signed-up users to take advantage of a free trial:
- Use browser APIs to record as much data about each user as possible (again, make sure you’re clearly informing them that you’re doing this)
- Store that data in your database
- Each time a user requests or begins a free trial, have a back-end process parse through the data of previous free trial users and look for matches
It's easier said than done. Users with basic skills can use a VPN or adblocker so their fingerprints won’t match exactly. Your back-end can attempt to create a likelihood score, a percentage chance that the user starting this free trial matches another user who did so previously. Doing that well isn’t easy, especially as browsers continually update, changing what data is available via their APIs. I recommend looking at off-the-shelf solutions, and only if they aren’t affordable for your use case, explore the possibility of building your own implementation.
With a well-implemented fingerprinting solution, you can confidently provide free trials to users while minimizing fraud!
Top comments (0)