End-User Device Identification Basics
search cancel

End-User Device Identification Basics


Article ID: 101395


Updated On:


CA Advanced Authentication CA Risk Authentication


How end user device is identified to calculate risk in transactions?


CA Risk Authentication (also known as CA RiskMinder or Arcot Riskfort)


CA Risk Authentication uses to gather the end-user device identification information.

Device ID:

The Device ID is a device identifier string that CA Risk Authentication generates and stores on the end users device to identify and track the device that the end user uses for logging into your online application and performing transactions. The Device ID information is in encrypted format.

Machine FingerPrint (MFP)

Machine FingerPrint (also referred to as Device fingerprinting or PC fingerprinting in industry terms) represents the browser information and device identification attributes. These attributes include operating system, installed software applications, screen display settings, multimedia components, and other attributes. The attributes are gathered from the end users system and are analyzed to generate a device risk profile in Realtime. Some of the attributes that are collected from the end user device include:


  • Browser information (such as name, UserAgent, major version, minor version, JavaScript version, HTTP headers)
  • Operating system name and version
  • Screen settings (such as height, width, color depth)
  • System information (such as time zone, language, system locale)

For every transaction performed by the end user, CA Risk Authentication matches the corresponding MFP stored in its database with the incoming information. If this match percentage (%) is equal to or more than the value specified for the Device-MFP Match rule in Administration Console, then it is considered "safe".


DeviceDNA is a device identification and analytics technique that uses both Machine FingerPrint (MFP) and Device ID for more accurate information analyses. For accuracy, more information is collected than in case of MFP. For example:


  • Additional system information (such as platform, CPU, MEP, system fonts, camera, and speaker information)
  • Additional browser information (such as vendor, VendorSubID, BuildID)
  • Additional screen settings (such as buffer depth, pixel depth, DeviceXDPI, DeviceYDPI)
  • Plug-in information (such as QuickTime, Flash, Microsoft Windows Media Player, ShockWave, Internet Explorer plug-ins)
  • Network information (such as connection type)