Device Fingerprinting

Browser based fingerprinting

Sanctum uses browser based fingerprinting as a security measure to lock an online vault to a device. A few key attributes are collected from the device and assigned to an online vault during creation. Any subsequent interactions with the vaults must also include these attributes to authenticate the vault is being retrieved from the right device. The Haventec fingerprinting algorithm is tolerant to a range of valid events that change the nature of the device (e.g. upgrading your browser version, installing more fonts).

The following details are required to be supplied for interactions with online vaults:

Parameter Type Description
device.browserType string A device metric for browsers that identifies the user's browser, e.g. Google Chrome, Safari, Firefox, Opera, Edge
device.browserVersion string A device metric for browsers that identifies the version of the browser, e.g. 11.0
device.fonts array<string> A device metric for browsers containing a list of all the fonts the user has on their device
device.osType string A device metric to identify the operating system of the user, e.g. Mac OSX

Recommended libraries

Haventec recommends the use of the open source Fingerprintjs2 library to extract these metrics from end users device. For example:

    new Fingerprint2().get(function(result, components) {
      var fonts = [];
      var os = client.getOS();
      var browser = client.getBrowser();
      var browserVersion = client.getBrowserVersion();

      for (var x in components) {
        if (components[x].key == 'js_fonts')
          fonts = components[x].value;

      window['fingerprintInfo'] = {
        fonts: fonts,
        osType: os,
        browserType: browser,
        browserVersion: browserVersion

As an example, the request to create a credit card online vault with the fingerprint details would look like this:

      "application": {
        "apiKey": "319fb437-aabd-4839-8612-74548c9979e5",
        "uuid": "3b82800e-a77a-9271-ab28-f569e5b136cb"
      "device": {
        "browserType": "Chrome",
        "browserVersion": "65.0.3325.181",
        "fonts": ["Andale Mono", "Arial", "Arial Black", "Arial Hebrew", "Arial Narrow", "Arial Rounded MT Bold"],
        "osType": "Mac OS"
      "username": "zeke",
      "vault": {
        "creditCard": {
          "expiryMonth": 5,
          "expiryYear": 18,
          "name": "Zeke Zekian",
          "number": "XXXX-XXXX-XXXX-XXXX"
        "name": "Mastercard"