how can I get a unique device ID in javascript?

Question

I'm working on my bachelors project at University and I'm doing an app where I need a unique device ID. I'm working with javascript and the application (which is accessible when downloading the application or when entering the web page) would run on the following execution platforms:

mobile and tablets: Android, iOS, Windows Phone, Firefox OS, Tizen
Smart TV: Android, Tizen OS, Web OS
browsers: Windows, Mac, Linux

My question is: is it possible to obtain an identifier of the physical device, such as the MAC address, but that never changes (since the MAC can be changed by the user at any time) for all or, at least, for some of the execution platforms mentioned above?

MAC Address, god no, purely because of security reasons, my first question being... Do you have access to **any** form of back end? — JO3-W3B-D3V, Apr 06 '18 at 11:46
If you using React Native, you can get device Serial number from native code. — FisNaN, Apr 06 '18 at 11:48
You can change what ever MAC address you wanted on your computer, and it is not unique. — FisNaN, Apr 06 '18 at 11:51
How about simply storing a cookie with a unique identifier on the device? Then you could also list all unique connected devices. — Emil S. Jørgensen, Apr 06 '18 at 11:59
@JO3-W3B-D3V I am using NodeJS and the project is divided in server side, client side and DB side so yes I have access to the back end. The idea is that once the user enters the app I can get a device ID which is unique and that it will be the same for that user in particular forever. — Lorena A., Apr 06 '18 at 12:03
One recommendation I can give you is use JS to find the user's devise, OS, browser, etc.Then maybe use the back end to get their IP address, do some magic in the back end and then generate a unique I.D. that's based on that combination + user accounts (if that's gonna be included that is). You **could** even include the user's physical location? — JO3-W3B-D3V, Apr 06 '18 at 12:19

score 25 · Answer 1 · answered Apr 06 '18 at 11:56

If installed as an app on a mobile device or smart TV, you'll probably have a enough access to get a hold of something unique. I wouldn't necessarily go for a Mac address, but different devices will have different unique identifiers you can grab (even just a phone number would be a pretty good bet for a mobile phone).

Browsers, which are the most restricted environment you listed, are a different story.

Short answer, no.

Longer answer, no, but kinda.

There is no way to get any kind of identifier that is truly unique and unchangeable from the client. This means no MAC address, serial number, IMSI, or any of those other things.

You'd have to turn to an approach which advertisers frequently use to track you across the web.

Basically, you scoop up all the information you can access about a user. These things may include user agent string, IP address, OS, and the like. Basically, things that are sent in an HTTP request and/or via JavaScript client-side. By combining these values together, you can create something that's going to be reasonably unique fingerprint, though not guaranteed and will greatly vary by physical environment that users access it by.

For example, if I'm using my computer at home, and I'm all alone, and I have a fixed IP address, then getting my IP address alone will probably point to just me. If I'm in a college library or an office environment though, and pretty much every other computer all uses the same external IP (quite common a lot of times), and all of them are roughly the same amount of up-to-date, then a lot of people will show up all as the same user even if you mix a bunch of different data points together.

Depending on your use-case, it may be "good enough" (which is generally what advertisers go with), but if it you are using it for any kind of auto-access to security, don't do it. It's never going to be anywhere near secure enough for that. If you want to do something like that, at the very least mix it with a cookie and/or session specific values to reduce the risks.

Very well said old chap. I had the same idea about the user agent information, plus the IP address, etc. This is actually something quite awkward to develop to be fair, I mean not even huge companies have mastered this, i.e. **Facebook**, **Google**, etc. I've found that when I log in form the same device, same account, occasionally I will get warnings that some foreign device has logged into my account, when really, it's just due to a dynamic I.P. and maybe a different browser. — JO3-W3B-D3V, Apr 06 '18 at 12:25
Indeed. It is very far from bullet proof and all the big players are constantly tweaking their algorithms to try and improve them. Some even go as far as adding things like machine learning to try to better match them. That's why it should only be relied on for fairly trivial problems. — samanime, Apr 06 '18 at 12:32
Agreed, sadly there's no fool proof way of doing this with just javascript, I mean you probably could make this a lot more sophisticated and a lot more fool proof if you were using something a little more powerful. I mean javascript within the browser you struggle to do things such as file i/o. — JO3-W3B-D3V, Apr 06 '18 at 13:58
So I cannot get the device Id through javascript? No solution? — Ashh, Oct 09 '18 at 08:10
No solution, for JavaScript through the browser. There are solutions if it is installed as a native app (like with PhoneGap), but that's not what this is talking about. It's a security thing. — samanime, Oct 09 '18 at 21:40

score 17 · Answer 2 · answered Jul 23 '20 at 11:36

It is not technically possible to obtain an ID unique to the device, from a browser.

However there is a way to work around this. You can use JavaScript to generate a long ID, which is statistically guaranteed to be unique, such as a GUID (a 128 bit integer). This value can then be stored in the browsers localStorage (or in a cookie), again using JavaScript.

The next time the users opens this page, you can check if a unique ID is found in the browsers localStorage. If found, you known which device this is.

You can also use other information to help indentify the device, such as the IP address, the device's screen size, and other settings which can be read through JavaScript.

Non of these solutions are guaranteed to work. For example if a browser is in private mode, the data in the localStorage will not persist.

You can change the localStorage manually, so changing "uniqueId" to "uniequeIDD" is 10 seconds (right click on the browser, go to application, then local storage). You don't even have to open in private mode. — GLHF, Oct 15 '22 at 18:09

score 10 · Answer 3 · answered Aug 22 '22 at 18:46

In modern browsers you can create a function like the following to do the job. The machine ID will be unique for the browser/machine combo.

function getMachineId() {
    
    let machineId = localStorage.getItem('MachineId');
    
    if (!machineId) {
        machineId = crypto.randomUUID();
        localStorage.setItem('MachineId', machineId);
    }

    return machineId;
}

score 3 · Answer 4 · answered Jan 24 '21 at 16:01

3

There is a NPM package available to resolve this https://www.npmjs.com/package/device-uuid

NOTE: This will give almost 90%-100% uuid across different browser.

answered Jan 24 '21 at 16:01

Subramanian

170
3
12

6

Its not unique across the devices. If you have devices with exactly same configurations, they will have the same ID. I used another laptop with the same specification and the generated id is not unique. – Shahin Belim Sep 01 '21 at 12:24
1

It doesn't work. I got the same uuid on different devices. – Xie Steven Jul 28 '22 at 06:58

score 3 · Answer 5 · answered Mar 28 '22 at 13:23

3

You can get DeviceID in browser by below Easiest way

<script src="https://raw.githubusercontent.com/biggora/device-uuid/master/lib/device-uuid.min.js"></script>

<script>
var uuid = new DeviceUUID().get();
console.log(uuid);
</script>

output something like this: a4883c6b-b18f-4c8e-bbdc-528b8f3xxxxx

Additional

You can get Device Browser , version, platform, OS

var du = new DeviceUUID().parse();
console.log(du);

[reference] : https://github.com/biggora/device-uuid

answered Mar 28 '22 at 13:23

Shurvir Mori

2,288
1
17
29

1

Is this just hashing user agent variables? Wouldn’t that surely cause collisions almost constantly? – Albert Renshaw Dec 08 '22 at 00:51
This doesn't work if we try with two different browser on the same device which undermines the whole unique device id concept @Shurvir Mori – Shubham Agrawal May 29 '23 at 08:36
@ShubhamAgrawal, Yes, I understand. but This is the nearest solution what normally we want. this is near by solution rest of this very less library and native stuff available for this. that's Why I post here with demo if someone help to this. :| – Shurvir Mori May 30 '23 at 16:58

DSA · Answer 6 · 2023-07-26T08:27:15.260

0

I used the below npm package for an angular project to get a device id for browsers. Read the description carefully and you can make it work.

Angular answer:

async ngOnInit() {
    const fpPromise = FingerprintJS.load();
    fpPromise
      .then(fp => fp.get())
      .then(result => { 
        this.deviceId = result.visitorId;
      })
  }

But you can use this in React js too, I have used it in react js like this way.

https://www.npmjs.com/package/@fingerprintjs/fingerprintjs

edited Jul 26 '23 at 08:27

answered Jul 25 '23 at 03:57

DSA

19
7

1

Note that the stated accuracy in this package is 40% - 60% – Stevenfowler16 Jul 29 '23 at 12:41
@Stevenfowler16 yes you're right, but you can get 99.5% accuracy too, – DSA Aug 07 '23 at 05:55

how can I get a unique device ID in javascript?

6 Answers6

Linked

Related