OAAM Shows New Digital Fingerprint For Same Device Using Different Wireless Provider
Last updated on JUNE 07, 2017
Applies to:Oracle Adaptive Access Manager - Version 10.1.4.5.0 to 10.1.4.5.0 [Release 10g]
Information in this document applies to any platform.
Goal of this document is to describe how using different wireless providers (or ISPs - internet service providers) from the same device (computer, mobile) affects the digital fingerprinting (FP).
Here's an example:
Joe Collette logged in after the cutover to PeopleSoft 9.1 and was prompted with a question that he did not believe to have originally answered. His OAAM profile was then locked after 3 failed attempts. A case was completed in ARM to reset his question set. Once his new questions were answered he checked the safe device checkbox and was successfully authenticated.
2nd attempt (same device) - he was prompted with a challenge question, and clicked safe device once he answered successfully.
3rd attempt (same device but using Verizon wireless aircard) - he was prompted with a challenge question and clicked safe device.
4th attempt (same device using Verizon wireless aircard) - he was not prompted with a challenge.
5th attempt (same device after removing his Verizon wireless aircard) - he was prompted with a question.
All these tests were done from the same laptop. The only difference would be connection to the network over his wireless network card versus connection to the network over his Verizon Air Card. Each would provide a different MAC Address, but I don't see any documentation that says MAC Address is part of the Digital Fingerprint or the Flash cookie.
In ARM his Browser FP ID, remains the same. His Digital FP ID shows different, even though when I click on it and compare the parameters of it, they are identical.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms