Infographic: Journey Through ‘The Garden of Identifiers’


ADOTAS — They say April showers bring May flowers, and here we are in May with everything blooming. Like those pesky dandelions sprouting up everywhere, there’s a profusion of approaches to recognizing and reaching online audiences: cookies, Apple identifiers, Google identifiers, device recognition and more. It’s a regular jungle out there!

To help make sense of this bumper crop of technologies, AdTruth has released a new infographic: “The Garden of Identifiers.” It introduces many of the various approaches, describes their uses, explores the search for a “super identifier” and helps explain the concept of performance.

The Garden of Identifiers


  1. This characterization seems really off-base on several counts – particularly on what constitutes a device ‘fingerprint’ and how that differs from ‘Device Recognition’ (most operators I have met would say it doesn’t). I would characterize ID types as follows:

    1. Web Cookies

    2. Proprietary ID’s: Exist only within the various ‘walled garden’ environments that promote them

    3. Software Extension: This is a fairly vague category of tricks/techniques folks use to read or set identifiers that are not normally available; These range from the innocuous, in which consumers opt-in to the installation of a plug-in or other software that will persistently identify them and/or collect their web viewing behavior for commercial analysis (e.g. Nielsen online plugins and utilities) to the malicious (adware, spyware, etc.). Normally I would lump my MAC address into this category since you’d have needed something other than an http request to discover it. This category would also include Flash local shared objects, other plug-in application persistent storage and HTML5 localStorage objects where applicable. I think the authors may have confused this type of invasive identification with device fingerprinting because some vendors of software extension technology have downplayed its seriousness by describing it as ‘fingerprinting’. Unauthorized software extension is where the real invasive, poison identifiers are created and used.

    4. Device Fingerprinting (Recognition): This technique allows a website or other remote system to possibly recognize a visitor from one request to another, even without the use of cookies. At its simplest I may observe a visitor’s IP address and USER_AGENT string and potentially recognize them later. More sophisticated systems may actively poll various helpers and plug-ins to more specifically characterize a particular system. Contrary to the infographic’s assertion, device fingerprints do not ‘permanently identify’ a device, they change all the time (if my IP address changes or I upgrade my system, for instance). These are the anonymous characteristics used to probabilistically recognize visitors.

    I thought that I would need to back up my assertions from my own experience, but someone has posted a great article accurately characterizing device fingerprinting on Wikipedia under the heading “Device Fingerprint” – check it out. And happy (effective, privacy-compliant) online marketing!


Please enter your comment!
Please enter your name here