Login/Register
is it possible to get a unique identification number from a mobile device?
Asked Answered
Solved browsermobileuniqueidentifier
C

6

34

I am currently working on mobile device web applications, and I was wondering if there is some sort of unique id number per device that could be detected via the browser.

The purpose would be to store this number in order to recognize people who already visited the site.

I was working with bluetooth quite a lot, and there some sort of mac address you can store when you detect a device, and I was using this as Id number, so that's my question, is there a general ID number I can detect from the browser...?

Thanks.

Catacaustic answered 28/7, 2010 at 10:22 Comment(2)
I'd hate it if I could be recognized from one single ID through a browser. I could be tracked everywhere. Because browser designers know this too, I suppose you'll have to leave a cookie.Johnsiejohnson
lol you're deceiving yourself if you think your mobile phone is not already a tool allowing people to track you everywhere... In my case I do not intend to "track" people for bad purposes, I just want users not to have to load the intro pages etc a second time... Cookies would work but what if they're disabled or if the device doesn't support it...Catacaustic
C
41

Well after further research, the answer is: No, it's not possible right now to get a mobile device id number from its browser...

A solution I found is to generate a "unique" number (in my case I worked with php, so I used the session_id() number mixed with a number generated with the rand() function, it ends up being a quite big number that will hardly occur twice...) and then store it in a cookie that never expires.

It's not a perfect solution, as it will not work if cookies are disabled or if the user clears his cookies, but actually after using it for sometimes now, it turns out that it is working quite well, mobile device mostly have cookies enabled, and the users don't seem to clear them often...

Also (depending of your application) if you store an email or a username and then associate it with this "unique" number into a database, you can even recover someone's identity and store a new cookie by asking him his username or email again...

Hope this will help some people!

Catacaustic answered 18/10, 2010 at 13:32 Comment(1)
Thanks for this workaround. What if user uses different browser on same device?Dottydoty
K
4

Sam Greenhalgh just found a way of setting a device ID via "Super Cookie":

http://www.radicalresearch.co.uk/lab/hstssupercookies (archived link)

Kaiserslautern answered 11/1, 2015 at 21:55 Comment(2)
The idea behind it is good, but the hsts super cookies arent supported on all browsers, so it's still not a complete solution... although I find these super cookies freaky :)Catacaustic
The ability to use HSTS to identify devices is an unintended side effect of the feature. I wouldn't recommend it for any kind of production system.Herdic
S
2

I know this is old - but I found this and wanted to share my thoughts on the OP's next best thing using GUID type numbers.

Unless you need the security of a HUGE non-guessable identifier - it makes more sense for the server to create a simple counter instead - e.g start at ~100 and for every visitor that doesn't already have your cookie use max(counter) + 1 to create their new cookie.

Now you have a very short and 100% unique identifier that you can store for both client and server.

Also, as you mention storing an email address is also useful, in theory the email address should be unique - not only that - it is cross browser compatible. i.e their cookie exists on one browser - but when going to a new browser, if they enter the same email address you can map to their original connection profile.

Although you mention this and its true, it is also important to note that anyone putting in dodgy data e.g. [email protected] will likely be loaded up with another users history. i.e in your case - a brand new user putting in [email protected] will not get to see the intro pages.

Stump answered 8/3, 2015 at 12:1 Comment(0)
L
2

This is an old question. Hope this helps someone in future.

Although "Experimental", MDN Web Docs now has a method to get deviceID. Except IE, all browsers are supported at this time. This solution seems to be better than nothing - as the ID is not reliable and I have to fill gaps with some custom workaround.

The deviceId readonly property of the MediaDeviceInfo interface returns a DOMString that is an identifier for the represented device and is persisted across sessions. It is un-guessable by other applications, and unique to the origin of the calling application. It is reset when the user clears cookies. For private browsing, a different identifier is used that is not persisted across sessions.

var deviceID = MediaDeviceInfo.deviceId
Lyndsaylyndsey answered 18/1, 2021 at 9:51 Comment(1)
This is only for connected media devices like headphones and not for those visiting the website, right?Prelature
L
0

In some countries carriers include some id in http headers when consumer is browsing through WAP gateways. There is some aggregators with APIs for consumer identification, normaly it works only when consumer is browsing through WAP gateways too.

Libidinous answered 28/7, 2010 at 13:2 Comment(1)
ok, thanks for the info, but with all the new devices running on 3g connections, I guess this is not helping...Catacaustic
C
0

I'm doing something similar but for a HTML local page for stocking ids in localstorage and eventually update to server: - taking the date in epoch ms - and then replace the leading number with a random number (foolish hope to limit the size of the number) Somehow I think mobile are more likely to be on time.

Cahan answered 29/7, 2011 at 15:30 Comment(2)
is this really related? I don't really understand what you're talking about!Catacaustic
I re-read your original question which I browse when I was working on my issue which is more limited indeed: single user on different devices. So from your point of view you're probably right. Sorry.Cahan

© 2022 - 2024 — McMap. All rights reserved.