The device fingerprint mobile app SDK enables you to easily identify
The device fingerprint mobile app SDK enables you to easily identify and block bad actors. It collects technical data about the device including OS version, configuration settings and other relevant details to create a unique device fingerprint which can be used across multiple services. This allows you to quickly detect and block risky behaviors such as account takeover (ATO), fake accounts, emulators, duplicate accounts, etc.
Unlike fingerprinting from a browser, the device fingerprint is collected from the actual hardware of a device. This method is more reliable and accurate as it is not dependent on browser plugins, fonts and user agent, which can be manipulated. Using this technology also makes it possible to use fingerprinting on apps running on Android or iOS devices.
Fingerprinting from a mobile phone or tablet is based on a sensor, which can read the ridges and valleys in a user’s prints to verify their identity. The sensor is positioned on the rear of the device and can be used with a touch or by scanning the ridges of a thumb or index finger. In addition, a mobile device can capture multiple digits at once, allowing for quicker identification.
When it comes to security, the fingerprinting process is much more secure than a password or PIN. It can only be accessed by the device owner, which eliminates the possibility of a hacker or unauthorized user accessing the fingerprint data stored on the device. In order to ensure the safety of the fingerprinting data, it is encrypted and sent over an SSL connection.
While Apple manufactures both the hardware and software of its iPhones, they allow third-party developers to integrate Touch ID into their applications through a limited set of APIs (application programming interfaces). On the other hand, Google’s open source Android platform is used by different manufacturers to customize it with proprietary features. This can lead to inconsistent security practices from one manufacturer to another.
To help address these inconsistencies, OAAM has a device fingerprint mobile app SDK that enables you to securely integrate fingerprint authentication into your applications. The SDK is built into your application and uses a REST service layer to collect a variety of device data from the Android or iOS devices running it. The data includes the application ID, OS version, IMEI/MAC, one-time fingerprinting value and GPS/triangulation location. This information is used to identify the device, run a risk evaluation and determine whether or not to authorize the user for login and access.
In OAAM’s admin console, you can see this fingerprinting data on the Login Session Details and Fingerprint Details pages. The Login Session Details page shows all login sessions where a fingerprint was generated for that device for a given session date range, while the Fingerprint Details page displays the data associated with a specific fingerprint. The Fingerprint Details page can be sorted and filtered by various data fields. You can also search login sessions by the Fingerprint ID.