Is javascript fingerprinting becoming obsolete?

Question

Okta recently sent out an email to admins about changes to their new device detection strategy. According to them:

Due to browser advancements in anonymous web browsing, JavaScript fingerprinting techniques are quickly becoming obsolete. Google, Mozilla, Microsoft, and Apple are working to improve privacy, gradually resulting in inaccurate fingerprint detection.

How accurate is this claim that javascript fingerprinting techniques are quickly becoming obsolete? This would have a major impact on multiple industries, including marketing, security (as evidenced by this email), and fraud detection.

I'd personally love to see all browser fingerprinting be hamstrung but I have to doubt that it's going anywhere but forward.

Answer 1

Fingerprinting is a cat and mouse game. Trackers are always finding new undocumented features that respond differently on each system, and browser makers always closing them as soon as they can. That's the "quickly becoming obsolete" part.

That means it does not work anymore? Not at all. It's that older fingerprinting tricks (those ancient ones from last year) don't bring as much as information as "back in the day." But newer ones will keep being developed and used, and browser vendors will keep plugging the holes.

An as privacy is looking more important now than was in the past, more and more people are aware of tracking, and using anti-tracking browsers and/or extensions. And I don't believe security and anti fraud industries are being heavy hit by this. Ad and tracking are being more impacted.

Fraud does not rely that much on fingerprinting, it's just one data point on the set. They have lots of points, and not knowing the browser being used will not blindfold them. But accessing, say, Amazon with a blank browser with no history at all makes impossible to them to profile me.