H Device Fingerprinting

Oracle Adaptive Access Manager contains proprietary clientless technologies for fingerprinting and interrogating devices used during access requests and transactions. Device fingerprinting is a mechanism to recognize the devices a customer uses, whether a desktop computer, laptop computer, or other web-enabled device. This appendix contains details about device fingerprinting.

H.1 What is Device Fingerprinting

Each time the user accesses the system, information about the device is collected. OAAM generates a unique single-use fingerprint and marks a device for each user session. It is replaced upon each subsequent fingerprinting process with another unique fingerprint.

H.2 When is a Device Fingerprinted

The fingerprinting process can be run any number of times during a user session to allow detection of mid-session changes that can indicate session hijacking. OAAM monitors a comprehensive list of device attributes. If any attributes are not available, the device can still be fingerprinted. The single-use capabilities combined with server-side logic defend against the fingerprint being stolen and reused on another machine to commit fraud.
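The single-use behavior described in H.1 and H.2, as an added sketch that is not OAAM's proprietary implementation: a hypothetical in-memory `DeviceRegistry` issues a fresh token at each fingerprinting, rejects a token that was already spent, and compares only the attributes present on both sides. All names and sample attribute values are assumptions constructed for illustration.

```python
import hmac
import secrets


class DeviceRegistry:
    """Hypothetical server-side store: one live single-use token per device."""

    def __init__(self):
        self._live = {}   # device_id -> token that is currently valid
        self._attrs = {}  # device_id -> baseline attributes observed so far
        self._spent = {}  # spent token -> device_id, kept to recognise replays

    def _rotate(self, device_id):
        # Retire the current token and issue a new unpredictable one.
        old = self._live.get(device_id)
        if old is not None:
            self._spent[old] = device_id
        token = secrets.token_urlsafe(32)
        self._live[device_id] = token
        return token

    def enroll(self, device_id, attrs):
        self._attrs[device_id] = dict(attrs)
        return self._rotate(device_id)

    def fingerprint(self, device_id, token, attrs):
        """Return (verdict, new_token_or_None, changed_attribute_names)."""
        if token in self._spent:
            return ("replayed", None, [])  # single-use token presented twice
        live = self._live.get(device_id)
        if live is None or not hmac.compare_digest(live.encode(), token.encode()):
            return ("unknown", None, [])
        known = self._attrs[device_id]
        # Missing attributes do not block fingerprinting: compare shared keys only.
        changed = sorted(k for k in known.keys() & attrs.keys() if known[k] != attrs[k])
        for key, value in attrs.items():
            known.setdefault(key, value)  # record newly seen attributes, keep baseline
        return ("changed" if changed else "ok", self._rotate(device_id), changed)


if __name__ == "__main__":
    reg = DeviceRegistry()
    # Constructed sample attributes.
    first = reg.enroll("dev-1", {"browser": "Firefox", "os": "Linux", "locale": "en-US"})
    verdict, second, _ = reg.fingerprint("dev-1", first, {"browser": "Firefox"})
    print(verdict)                                                    # fresh token accepted
    print(reg.fingerprint("dev-1", first, {"browser": "Firefox"})[0]) # spent token reused
    print(reg.fingerprint("dev-1", second, {"browser": "Chrome"}))    # mid-session change
```

A risk engine would treat the "replayed" and "changed" verdicts as inputs to its rules rather than as final decisions.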

H.3 Device Fingerprint Attributes

Device fingerprinting collects information about the device such as browser type, browser headers, operating system type, locale, and so on. The fingerprint details can help identify a device, check whether it is secure, and determine the risk level for the authentication or transaction.

H.3.1 IP Intelligence

IP information is one of the attributes of device fingerprinting and is collected to generate the location fingerprint.

If the IP address changes, Oracle Adaptive Access Manager still has other information to use in identifying the machine.

No single feature is sufficient on its own to secure the session; security comes from the combination of device fingerprint, IP, location, time, behavioral analysis, behavioral analysis as it relates to past behavior, and so on.

Some of the attributes collected to generate the location fingerprint are listed below:

Table H-1 IP Details

| IP Details | Description |
| --- | --- |
| IP Address | Address mapped to location |
| City Name | Geographic name of the city. |
| State Name | Geographic name of the state. |
| Country Name | Geographic name of the country. |
| Connection Speed | Internet connection speeds or bandwidths (high, medium, low). |
| Connection Type | Describes the data connection between the device or LAN and the internet. See the Connection Type mapping. |
| Routing Type | Tells how the user is routed to the internet. |
| Carrier | The name of the entity that manages the ASN entry. |
| ASN | Globally unique number assigned to a network or group of networks that is managed by a single entity. |
| Top-level Domain | The top-level domain of the URL. For example, .com in www.oracle.com. This is mapped through the Quova reference file. |
| Second-level Domain | The second-level domain of the URL. For example, Name in www.oracle.com. This is mapped through the Quova reference file. |
| City Confidence Factor | The confidence factor (1-99) that the correct city has been identified. |
| State Confidence Factor | The confidence factor (1-99) that the correct state has been identified. |
| Country Confidence Factor | The confidence factor (1-99) that the correct country has been identified. |

H.3.2 Browser Characteristics

Browser fingerprinting gathers information that includes the browser type used, the plug-ins installed, system fonts, configuration and version information from the operating system, and whether or not the computer accepts cookies.

H.3.3 Device Characteristics

Flash fingerprinting is similar to browser fingerprinting, but the server uses a Flash movie to set or retrieve a cookie on the user's machine, so a specific set of information is collected from both the browser and Flash. The Flash fingerprint is only available if Flash is installed on the client machine.