I work @ FingerprintJS - a fully-remote startup working to prevent online fraud. Looking to connect with the community for feedback on our open source projects, answer questions, and whatever!
Our company (FingerprintJS) focuses on using browser fingerprinting as one tool of many to fight online fraud. Generally, a very small percentage of a website's traffic is responsible for the lion's share of fraudulent activity - cracking account logins, testing stolen credit cards, etc. By identifying fraudulent visitors via first-party tracking, websites can require additional authentication or other security workflows without gumming up the user experience for everyone else.
As far as ensuring that our paid product is used for anti-fraud reasons, we do work to ensure our customers are GDPR compliant, as sites using browser fingerprinting need to follow the same rules as cookies. Our pricing model also makes our solution not particularly viable for advertising use cases, which requires a very high volume of tracking.
For our open-source project, we can't control how our solution is used (and browser fingerprinting is already endemic on the web), but we feel that being transparent about the technology is better for the developer community at large.
Professional web developer and hobbyist programmer from the Welsh Marches. I'm particularly interested in performance, accessibility, and reducing carbon emissions from software.
I fully appreciate that controlling how your product is used is basically impossible on the web. Saying that your product focuses on fighting online fraud (and that what you do is already endemic on the web), however, does feel like a bit of a cop-out; as it totally ignores the implications of any other possible uses people might make of it.
For me personally (and I'm sure for many others), spying on everyone who visits a website in-case they are one of the small percentage of bad actors mentioned does not feel like a reasonable trade-off to reduce additional authentication. Especially as that is a trade-off that is almost certainly being made without a visitors consent or knowledge.
I appreciate you being open and transparent with the developer community, but how open and transparent is your company being with visitors?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hi Pankaj!
Our company (FingerprintJS) focuses on using browser fingerprinting as one tool of many to fight online fraud. Generally, a very small percentage of a website's traffic is responsible for the lion's share of fraudulent activity - cracking account logins, testing stolen credit cards, etc. By identifying fraudulent visitors via first-party tracking, websites can require additional authentication or other security workflows without gumming up the user experience for everyone else.
As far as ensuring that our paid product is used for anti-fraud reasons, we do work to ensure our customers are GDPR compliant, as sites using browser fingerprinting need to follow the same rules as cookies. Our pricing model also makes our solution not particularly viable for advertising use cases, which requires a very high volume of tracking.
For our open-source project, we can't control how our solution is used (and browser fingerprinting is already endemic on the web), but we feel that being transparent about the technology is better for the developer community at large.
I fully appreciate that controlling how your product is used is basically impossible on the web. Saying that your product focuses on fighting online fraud (and that what you do is already endemic on the web), however, does feel like a bit of a cop-out; as it totally ignores the implications of any other possible uses people might make of it.
For me personally (and I'm sure for many others), spying on everyone who visits a website in-case they are one of the small percentage of bad actors mentioned does not feel like a reasonable trade-off to reduce additional authentication. Especially as that is a trade-off that is almost certainly being made without a visitors consent or knowledge.
I appreciate you being open and transparent with the developer community, but how open and transparent is your company being with visitors?