Favicon functionality misuse for ad tracking

The ad tech world seems to have figured out some ways of misusing the browser’s favicon functionality, and it’s important that you know this.

Favicon is the icon you see in browser tabs, site recommendations and more. They make it easy to recognise your tabs and switch. Now, this feature has got the attention of people who would rather use it to bypass the user’s tracking preferences!

Favicon stores the image of a visited site in a perpetual cache. It is different from the browser cache as even if the customer clears the visited history cache, this remains.

Currently, through some workaround, the ad tech folks can track site visits and then in subsequent site visits, browser tracking / fingerprinting protections seem to have been bypassed.

Browsers will need to address this issue and treat this as a vulnerability in their safety process. Brave has already updated their browser.

Consent frameworks stand ignored, and that in itself is a significant safety issue. #SafetyCX

Do see the research paper and related coverage for more insights.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: