Haven't we met before? Detecting Device Fingerprinting Activity on Android Apps

This paper examines the prevalence of device fingerprinting in Android apps, a technique for apps to uniquely identify the device an app is executed on. Methods are investigated and refined to detect device fingerprinting on mobile devices. While device fingerprinting has been extensively studied for web browsers, there is limited research on its use in mobile apps and its privacy implications. The paper presents an analysis of current device fingerprinting techniques in Android apps and explores static and dynamic app analysis techniques to detect fingerprinting. Additionally, a heuristic approach is introduced and tested on the top 1000 Android apps for automatically detecting behaviour-based fingerprinting on Android devices using the spatial and temporal context of relevant API calls.