Await for Privacy Sandbox system of Android 13? Knowledge base of device fingerprint: 62V Sec expert

Author: Doff Category - Mobile - Security

Google developers announced that they will roll out a "Privacy Sandbox System" to devices running Android 13 beginning early next year. This sandbox devotes at protect Android users from covert tracking. But how can a software steals user's privacy? Let's know more about device fingerprint. (62V.NET)

User Tracking

User Tracking And Analytics

Starting from 2008, user tracking technology was become more and more important for company to analyse their users. Such as "Big Data" and "AI User Behaviour Prediction" technologies were used to push advertisement precisely. Your online shopping data, traveling, transactions, stored photos, contacts, phone number will all being collected by softwares you installed.

Beginning from 2016, software security industry need those data for secure company from cyber attack too. So "Big Data" and "AI User Behaviour Analysis" are popular industries that companies need to. Many companies have setted up a department for user analytics such as "TikTok" and "Meta". The most important part of user analyse is how to identify the same user in different softwares even different devices, the device fingerprint is the solution.

Is he/she the same person?

Beginning on Android 6, user may reject the "Phone Information Permission" which was used to collect IMEI(International Mobile Equipment Identity) of device in the past for identify device whether software was being uninstalled and reinstalled.

IMEI may share by different corporations for user habit and behaviour analyse. e.g. an online shopping app named "Himalia" apply for your IMEI, then share your shopping data and IMEI to a short video app named "Titio", if you had given the same IMEI to "Titio", "Titio" will know what you buying recently, and "Himalia" will know what short videos you see recently, then you will lose your privacy because of you leak your IMEI. Your phone's IMEI will not change even you reset your phone, so Google Android team had rolled out dynamic dangerou permissions request system on Android 6.


Device Fingerprint

Some users don't wanna being tracking by softwares they have installed, and some cyber attackers will never share their IMEI to softwares, so software manufactures find out a new way for user identification: device fingerprint.

Except of IMEI, the environment data can be the identifications. The phone model, network internet protocol address, photos and files of device, setting properties, Wi-Fi name(SSID), network location and sensor data can be the keys of association. After the data similarity computation, softwares can match you as the final result in their database. This method of combine software and software and device identification named "Device Fingerprint".

Softwares will no longer collect your IMEI, they can know who you are by device fingerprint. Collecting these data need no dangerous permissions of Android, covertly and silently. Your privacy still unsafe even you enable limit tracking.

Secure your privacy with 62V MetaBull

For companies manager and software engineers, you can use MetaBull for check whether your software obey the privacy policy of your country or not. MetaBull can intercept the privacy access within your software debugging, contact us for further information(click here).

For ordinary users, 62V MetaBull can prevent you from privacy leaking. You can edit your privacy information instead of hard coded from your device, you can edit IMEI, model, app list, network information, schedule, call log and contacts that the softwares will collect for. Discover and download it here (click here). MetaBull can interdict the components of device fingerprint, just enjor the software service in private.


For companies that rely on third party solutions for ad serving or ad measurement, we recommend working with your providers to understand their testing roadmaps and how you can participate in early testing by MetaBull for pass the privacy policy of your country.

For ordinary users, you should notice that is your privacy leaking by ad components of your softwares, you should tryna engage your privacy, do not abandon your privacy for exchange the convenient software service.