Is there a way to validate the fingerprint (visitor id)? #1068

rampatra · 2025-01-07T21:18:13Z

rampatra
Jan 7, 2025

I use fingerprintjs in my frontend application to compute visitor ids but one can easily pass something else in the api. So, I was wondering if there's a way to validate the visitor id that I receive in the backend?

For now, I can only think of adding checks like 20 characters and contains hex characters. But these checks are very basic. Anyone can bypass these checks.

Valve · 2025-01-07T21:21:46Z

Valve
Jan 7, 2025
Maintainer

For fingerprint.js (client-side version in this repo), it's not possible to validate it.
For the commercial version, we support sealed client results to encrypt the response and decrypt on the backend. An alternative way is to not deliver the visitorID to the frontend and instead receive on the backend through our server API.
This way the visitorID is not even visible on the frontend and on the backend you can pull the visitorID and verify it's fresh using the timestamp.

0 replies

rampatra · 2025-01-08T15:49:58Z

rampatra
Jan 8, 2025
Author

1 reply

Valve Jan 8, 2025
Maintainer

Please look at the source my friend, you will find all the answers there.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Is there a way to validate the fingerprint (visitor id)? #1068

{{title}}

Replies: 2 comments 1 reply

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

Select a reply

Is there a way to validate the fingerprint (visitor id)? #1068

rampatra Jan 7, 2025

Replies: 2 comments · 1 reply

Valve Jan 7, 2025 Maintainer

rampatra Jan 8, 2025 Author

Valve Jan 8, 2025 Maintainer

rampatra
Jan 7, 2025

Replies: 2 comments 1 reply

Valve
Jan 7, 2025
Maintainer

rampatra
Jan 8, 2025
Author

Valve Jan 8, 2025
Maintainer