Why blocking fingerprinting does not stop account bans
OCTOBER 14, 2021 | FINGERPRINTS
So, you’ve been running multiple accounts or storefronts and you’ve received the email that puts a stop to all your business activity: “your account has been suspended”. As we’ve previously covered, there is very little you can do to appeal and little chance of reinstatement with platforms like Facebook Business.
The automatic next step for many people is then often to say that the solution must be to block browser fingerprinting, or, in other words, to block attempts by websites and platforms to build up a trackable identity for you.
This is however the exact opposite of what you should do.
The instant a website that is on the lookout for what it considers malicious activity is faced with an attempt at blocking its attempts to understand your identity, you will be flagged as suspicious – and back to the square one of a banned account.
What about device spoofing?
So, if blocking fingerprinting doesn’t work, then what about mimicking or spoofing another device? This way, multiple profiles would be able to be accessed from a single device.
Unfortunately, this is also fraught with problems.
Once upon a time, this might have been a relatively simplistic operation. It might have been a case of simply modifying the User-Agent string, but these days that gives the game away immediately.
For example, they might decide to change the operating system type. All well and good, until you realise the level of detail of other elements which would need to be changed and the danger of these mismatching.
If you’re spoofing a specific OS – let’s say a mobile one like Android – every corresponding detail needs to be matched. This can be from the obvious, like ensuring screen resolution matches a mobile and not a laptop, to the less immediately obvious, such as having the X and Y values of a browser window permanently set at 0, as mobile browsers can’t be resized. And what about smaller details like fonts? Not all systems will have the same list.
As we go into greater detail about in our research article, ‘Why mimicking a device is becoming almost impossible’, the list and complexity of criteria to be spoofed goes on – and almost no business has the resources to invest in covering all these bases individually.
What is the best way to stop account bans?
The most reliable way to stop your accounts from being banned, then, has to have two key elements:
It mustn’t stop browser fingerprinting efforts, or it will lead to a ban
It must be authentic and true-to-life, or it will be quickly identified
This is where Multilogin comes in. We use native browser profiles that allow browser fingerprinting as they appear as natural devices to third parties, with the ability to customize your profile down to granular levels. Our software is supported by the work of our expert in-house cyber security researchers, who have helped us to stay well ahead of the pack in the field of browser fingerprinting.