Unique Computer Identification

The various methods of identifying users and their computers for the purpose of tracking to display ads targeted to their interest and identify subscribers for DRM control are diverse:

Cookies using JavaScript

Using Cookies created by JavaScript and other scripting languages like ASP and PHP are the most commonly used methods used by web sites to store a user's membership details and preferences.. These cookies can be created using either programming language and read by either programming language. Such cookies are stored by the user's web browser and easily updated on load of a web page. Theoretically, these cookies can only be read and updated for the web site being visited and can be available for the user's next visit to the web site, or they can be expired by date or on exit of the site depending on the situation.

Cookies using Session ID

Cookies using Session ID do not need to be created because Session ID is the standard method of user identification by a web server. Every time a new user visits a web site, the web server assigns a unique number as their Session ID to manage and differentiate between current users. Session IDs can be read by most programming languages for tracking purposes by a web site and are most useful for storing member login details, but only for that session. Session ID cannot store information for later visits as the life of a Session ID is limited to an active session, ie: a Session ID commences when requesting the first web page and ends when either leaving the web site or when the session expires. Using Session ID is most useful for catering for user's suffering from cookie-phobia.

IP Address

Using IP Address to identify users and control access rights to web pages can be secure and most useful, but only if the user's IP address is known and only if their Internet connection always uses the same IP address. Computers connected to in-house networks can be assigned a fixed IP address and ISPs can assign a fixed IP address to permanent Internet connections. Otherwise most Internet connections are dynamically assigned (random) as they connect. An IP address assigned to a computer within a network can be assumed to be for that one computer user, but IP addresses assigned to an Internet service can apply to a whole network of different computers.

IP address ranges can be used to limit access by country, but even if supported by geolocation lookups via reverse DNS, such limitation can be unreliable because some ISPs sell off part of their network range assignment to other ISPs who can be in a different country.

IP addresses cannot be spoofed but they can be masked by using a VPN, proxy service or TOR network. Such usage is for anonymity and not really a threat to your website security because the IP address being used will not be one that your web site allows, and consequently cannot gain access.

MAC Address

A media access control (MAC) address is a hardware identification number that uniquely identifies each device on a network. The MAC address is assigned by the manufacturer and burned into each network card, such as an Ethernet card or Wi-Fi card, and cannot be changed. But while it can be useful for validating a user's computer access it is not the most reliable constant because the same computer can use different Internet connections even in the same session. For example if a user is using a WiFi connection and it drops out or is disconnected and that user also has a cable connection via LAN, their MAC address will change. To properly manage rights access using MAC address, the web site will need to record all instances before allowing access which can be a inconvenience to the user. For example "please login while using your WiFi connection and then switch to your LAN for your computer to be registered for our network" and most users will ask "what is a LAN?"

Registry Key

Registry Keys can be used for user identification if the web browser can read a user's registry but they cannot due to computer security, at least not without assistance provided by a browser plugin (DLL) that can interact at system level. However that is not possible with today's popular web browsers who dropped support for NPAPI plugins in late 2015 in preference to simple plugins (add-ons) based on HTML and JavaScript suited to the limitations of mobile phones. But registry keys can be read if the visitor uses a web browser like the ArtisBrowser which is specially designed for copy protection and does support real browser plugins.

Token File

Token Files are usually encrypted files stored on a user's computer in a location known to the software being used which in this case is the user's web browser. Unfortunately most web browsers will not be able to locate or be able to access a file that is not already a part of that web browser. Consequently web site's cannot read such files unless the visitor uses a web browser like the ArtisBrowser which is specially designed for copy protection and does support real browser plugins.

Unique Computer ID

A unique Computer ID can be assigned by reading the serial number of computer hardware. But this is only possible on Windows and Mac operating systems (OS) and cannot be used on other OS such as those used on Linux computers, amusement devices or mobile phones. However serial numbers can be duplicated across different devices and manufacturers.

The ArtisBrowser which is specially designed for copy protection, uses an algorithm based on the hard drive serial number and other factors to create a most unique Computer ID to properly manage access rights to DRM protected media and web pages. Such identification can enable a website to validate more than one computer per user account and is the most secure constant for user identification.