device-fingerprinting-pro 1.0.2

Professional-grade hardware-based device identification for Python applications

DeviceFingerprint Library

Professional-grade hardware-based device identification for Python applications

DeviceFingerprint is a comprehensive security library that creates unique, stable identifiers for computing devices by analyzing their hardware characteristics. Built for enterprise security applications, fraud prevention systems, and authentication workflows that demand reliable device recognition.

📊 PyPI Statistics

Table of Contents

• Architecture Overview
• Key Features
• Installation
• Quick Start
• Advanced Usage
• Security Considerations
• API Reference
• Platform Support
• Performance Benchmarks
• Contributing
• License

Architecture Overview

System Architecture

┌─────────────────────────────────────────────────────────────────┐
│                    DeviceFingerprint Library                    │
├─────────────────────────────────────────────────────────────────┤
│                                                                 │
│  ┌─────────────────┐    ┌──────────────────────────────────┐   │
│  │   Application   │    │         Token Binding            │   │
│  │    Interface    │◄───┤       & Verification             │   │
│  └─────────────────┘    └──────────────────────────────────┘   │
│           │                                                     │
│           ▼                                                     │
│  ┌─────────────────────────────────────────────────────────┐   │
│  │            Fingerprint Generation Engine                │   │
│  │                                                         │   │
│  │  ┌─────────────┐  ┌─────────────┐  ┌─────────────────┐  │   │
│  │  │   Basic     │  │  Advanced   │  │ Quantum-        │  │   │
│  │  │   Method    │  │   Method    │  │ Resistant       │  │   │
│  │  │             │  │             │  │ Method          │  │   │
│  │  │ • Fast      │  │ • Balanced  │  │ • Maximum       │  │   │
│  │  │ • Simple    │  │ • Detailed  │  │   Security      │  │   │
│  │  │ • 0.7 conf  │  │ • 0.9 conf  │  │ • 0.95 conf     │  │   │
│  │  └─────────────┘  └─────────────┘  └─────────────────┘  │   │
│  └─────────────────────────────────────────────────────────┘   │
│           │                                                     │
│           ▼                                                     │
│  ┌─────────────────────────────────────────────────────────┐   │
│  │              Hardware Detection Layer                   │   │
│  │                                                         │   │
│  │  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐   │   │
│  │  │   CPU    │ │  Memory  │ │ Storage  │ │ Network  │   │   │
│  │  │ Details  │ │   Info   │ │  Devices │ │ Hardware │   │   │
│  │  └──────────┘ └──────────┘ └──────────┘ └──────────┘   │   │
│  └─────────────────────────────────────────────────────────┘   │
│           │                                                     │
│           ▼                                                     │
│  ┌─────────────────────────────────────────────────────────┐   │
│  │            Cryptographic Processing                     │   │
│  │                                                         │   │
│  │  ┌─────────────┐    ┌─────────────┐    ┌─────────────┐  │   │
│  │  │   SHA3-512  │    │   SHA3-256  │    │   SHA-256   │  │   │
│  │  │  (Quantum   │    │ (Advanced)  │    │  (Basic)    │  │   │
│  │  │ Resistant)  │    │             │    │             │  │   │
│  │  └─────────────┘    └─────────────┘    └─────────────┘  │   │
│  └─────────────────────────────────────────────────────────┘   │
└─────────────────────────────────────────────────────────────────┘

Data Flow Diagram

Input Hardware Data
        │
        ▼
┌───────────────────┐
│  Component        │
│  Collection       │
│                   │
│ • CPU Info        │
│ • Memory Stats    │
│ • Storage IDs     │
│ • Network MACs    │
│ • System Info     │
└───────────────────┘
        │
        ▼
┌───────────────────┐
│  Data             │
│  Normalization    │
│                   │
│ • Format          │
│ • Validate        │
│ • Sanitize        │
└───────────────────┘
        │
        ▼
┌───────────────────┐
│  Cryptographic    │
│  Hashing          │
│                   │
│ • SHA3-512        │
│ • SHA3-256        │
│ • SHA-256         │
└───────────────────┘
        │
        ▼
┌───────────────────┐
│  Fingerprint      │
│  Generation       │
│                   │
│ • Unique ID       │
│ • Confidence      │
│ • Metadata        │
└───────────────────┘
        │
        ▼
    Final Output

Key Features

Security-First Design

• Quantum-Resistant Cryptography: SHA3-512 hashing provides protection against future quantum computing threats
• Constant-Time Operations: Implements timing attack protection for security-critical comparisons
• No Silent Degradation: Explicit error handling prevents security vulnerabilities from undetected failures
• Secure Random Generation: Uses cryptographically secure entropy sources for all random operations

Hardware-Based Identification

• Multi-Component Analysis: Examines CPU specifications, memory configuration, storage devices, and network hardware
• Cross-Platform Compatibility: Consistent behavior across Windows, Linux, and macOS operating systems
• Stable Across Reboots: Generates identical fingerprints for the same hardware configuration
• Privacy-Aware Processing: Sensitive information is cryptographically hashed, never stored in plain text

Enterprise-Ready Architecture

• Zero External Dependencies: Built entirely on Python's standard library for maximum compatibility
• Multiple Confidence Levels: Choose between Basic (0.7), Advanced (0.9), and Quantum-Resistant (0.95) methods
• Comprehensive Error Handling: Graceful degradation with detailed warning systems
• Token Binding Integration: Secure device-specific token validation for authentication workflows

Installation

Install from PyPI (Recommended)

# Install the latest stable version
pip install device-fingerprinting-pro

# Install with development tools
pip install device-fingerprinting-pro[dev]

# Upgrade to latest version
pip install --upgrade device-fingerprinting-pro

Development Installation

git clone https://github.com/Johnsonajibi/DeviceFingerprinting.git
cd DeviceFingerprinting
pip install -e .

Requirements

• Python 3.8 or higher
• No external dependencies required
• Compatible with virtual environments and containerized deployments

Quick Start

Basic Device Identification

from devicefingerprint import generate_device_fingerprint

# Generate a unique identifier for this device
device_id = generate_device_fingerprint()
print(f"Device ID: {device_id}")
# Output: Device ID: device_a1b2c3d4e5f6...

Advanced Fingerprinting with Confidence Levels

from devicefingerprint import AdvancedDeviceFingerprinter, FingerprintMethod

# Initialize the advanced fingerprinting system
fingerprinter = AdvancedDeviceFingerprinter()

# Generate fingerprints using different security levels
basic_result = fingerprinter.generate_fingerprint(FingerprintMethod.BASIC)
advanced_result = fingerprinter.generate_fingerprint(FingerprintMethod.ADVANCED)
quantum_result = fingerprinter.generate_fingerprint(FingerprintMethod.QUANTUM_RESISTANT)

print(f"Basic Method:")
print(f"  Fingerprint: {basic_result.fingerprint}")
print(f"  Confidence: {basic_result.confidence}")
print(f"  Components: {len(basic_result.components)}")

print(f"Advanced Method:")
print(f"  Fingerprint: {advanced_result.fingerprint}")
print(f"  Confidence: {advanced_result.confidence}")
print(f"  Components: {len(advanced_result.components)}")

print(f"Quantum-Resistant Method:")
print(f"  Fingerprint: {quantum_result.fingerprint}")
print(f"  Confidence: {quantum_result.confidence}")
print(f"  Components: {len(quantum_result.components)}")

Security Token Binding

from devicefingerprint import bind_token_to_device, verify_device_binding

# Bind a security token to this specific device
user_token = {
    "user_id": "john.doe@company.com",
    "session_id": "sess_abc123",
    "permissions": ["read", "write"],
    "expires": "2025-12-31T23:59:59Z"
}

# Create device-bound token
bound_token = bind_token_to_device(user_token)
print("Token successfully bound to device")

# Later: verify the token is being used on the correct device
is_valid = verify_device_binding(bound_token)
if is_valid:
    print("Token validation successful - same device")
else:
    print("Security alert: Token being used on different device")

Advanced Usage

Custom Security Policies

from devicefingerprint import AdvancedDeviceFingerprinter, FingerprintGenerationError

fingerprinter = AdvancedDeviceFingerprinter()

# Implement adaptive security based on risk assessment
def adaptive_fingerprinting(risk_level):
    if risk_level == "low":
        method = FingerprintMethod.BASIC
    elif risk_level == "medium":
        method = FingerprintMethod.ADVANCED
    else:  # high risk
        method = FingerprintMethod.QUANTUM_RESISTANT
    
    try:
        result = fingerprinter.generate_fingerprint(method)
        return result
    except FingerprintGenerationError as e:
        # Handle fingerprinting failures based on security policy
        if risk_level == "high":
            raise  # Don't allow fallback for high-risk scenarios
        else:
            # Allow fallback for lower risk scenarios
            return fingerprinter.generate_fingerprint_with_fallback(
                method, allow_fallback=True
            )

# Usage with different risk levels
low_risk_fp = adaptive_fingerprinting("low")
high_risk_fp = adaptive_fingerprinting("high")

Enterprise Integration Pattern

import logging
from datetime import datetime
from devicefingerprint import AdvancedDeviceFingerprinter, FingerprintMethod

class EnterpriseDeviceManager:
    def __init__(self):
        self.fingerprinter = AdvancedDeviceFingerprinter()
        self.logger = logging.getLogger(__name__)
    
    def register_device(self, user_id: str) -> dict:
        """Register a new device for enterprise user"""
        try:
            result = self.fingerprinter.generate_fingerprint(
                FingerprintMethod.QUANTUM_RESISTANT
            )
            
            device_record = {
                "device_id": result.fingerprint,
                "user_id": user_id,
                "registered_at": datetime.utcnow().isoformat(),
                "confidence": result.confidence,
                "components": result.components,
                "warnings": result.warnings
            }
            
            self.logger.info(f"Device registered for user {user_id}")
            return device_record
            
        except Exception as e:
            self.logger.error(f"Device registration failed: {e}")
            raise
    
    def verify_device_access(self, user_id: str, stored_device_id: str) -> bool:
        """Verify device access for enterprise security"""
        try:
            current_result = self.fingerprinter.generate_fingerprint(
                FingerprintMethod.QUANTUM_RESISTANT
            )
            
            # Implement secure comparison
            is_match = stored_device_id == current_result.fingerprint
            
            if is_match:
                self.logger.info(f"Device verification successful for {user_id}")
            else:
                self.logger.warning(f"Device mismatch detected for {user_id}")
            
            return is_match
            
        except Exception as e:
            self.logger.error(f"Device verification error: {e}")
            return False

# Enterprise usage
device_manager = EnterpriseDeviceManager()
device_record = device_manager.register_device("employee@company.com")
is_authorized = device_manager.verify_device_access(
    "employee@company.com", 
    device_record["device_id"]
)

Security Considerations

Threat Model

DeviceFingerprint is designed to protect against:

• Token Theft: Prevents stolen authentication tokens from being used on different devices
• Session Hijacking: Detects when sessions are transferred between devices
• Account Takeover: Identifies suspicious device changes in user accounts
• Fraud Detection: Flags transactions from unrecognized devices

Security Limitations

Important: Device fingerprinting should be part of a comprehensive security strategy:

• Not a Replacement for Authentication: Device fingerprints complement, but don't replace, user authentication
• Privacy Considerations: Consider user privacy laws and disclosure requirements in your jurisdiction
• Hardware Changes: Legitimate hardware upgrades will change device fingerprints
• VM and Container Limitations: Virtualized environments may have reduced fingerprint stability

Best Practices

1. Use Appropriate Confidence Levels: Match fingerprinting method to your security requirements
2. Implement Graceful Degradation: Handle fingerprinting failures appropriately
3. Monitor for Changes: Log and alert on unexpected device fingerprint changes
4. Combine with Other Factors: Use device fingerprinting as part of multi-factor authentication
5. Regular Updates: Keep the library updated for the latest security improvements

API Reference

Core Classes

AdvancedDeviceFingerprinter

The primary class for advanced device fingerprinting operations.

class AdvancedDeviceFingerprinter:
    def generate_fingerprint(
        self, 
        method: FingerprintMethod = FingerprintMethod.QUANTUM_RESISTANT
    ) -> FingerprintResult:
        """Generate device fingerprint using specified method"""
    
    def generate_fingerprint_with_fallback(
        self,
        preferred_method: FingerprintMethod,
        allow_fallback: bool = False
    ) -> FingerprintResult:
        """Generate fingerprint with explicit fallback control"""

FingerprintMethod (Enum)

Available fingerprinting methods with different security levels:

• BASIC: Fast operation, moderate security (confidence: 0.7)
• ADVANCED: Balanced performance and security (confidence: 0.9)
• QUANTUM_RESISTANT: Maximum security, quantum-resistant (confidence: 0.95)

FingerprintResult (Dataclass)

Result object containing fingerprint and metadata:

@dataclass
class FingerprintResult:
    fingerprint: str          # The generated fingerprint
    method: FingerprintMethod # Method used for generation
    components: List[str]     # Hardware components analyzed
    timestamp: str           # Generation timestamp
    confidence: float        # Confidence score (0.0-1.0)
    warnings: List[str]      # Any warnings encountered

Core Functions

generate_device_fingerprint() -> str

Legacy compatibility function that generates a quantum-resistant device fingerprint.

bind_token_to_device(token_data: Dict[str, Any]) -> Dict[str, Any]

Binds a security token to the current device by adding device fingerprint metadata.

verify_device_binding(token_data: Dict[str, Any]) -> bool

Verifies that a bound token is being used on the correct device.

Exception Classes

FingerprintGenerationError

Raised when fingerprint generation fails and fallback is not appropriate for the security context.

Platform Support

Hardware Detection Capabilities

Platform	CPU Info	Memory	Storage	Network	System ID
Windows	✅	✅	✅	✅	✅
Linux	✅	✅	✅	✅	✅
macOS	✅	✅	✅	✅	✅

Platform-Specific Implementation Details

Windows

• Uses WMI (Windows Management Instrumentation) for hardware queries
• Accesses Windows Registry for system identification
• Supports both PowerShell and CMD environments

Linux

• Reads from /proc/ filesystem for system information
• Uses /etc/machine-id for system identification
• Compatible with systemd and non-systemd distributions

macOS

• Utilizes system_profiler for hardware detection
• Accesses IOKit framework data through system tools
• Compatible with both Intel and Apple Silicon Macs

Performance Benchmarks

Typical Performance Metrics

Method	Average Time	Memory Usage	Components Analyzed
Basic	~50ms	<1MB	4-5
Advanced	~150ms	<2MB	6-8
Quantum-Resistant	~200ms	<3MB	8-10

Benchmarks measured on modern hardware (Intel i7, 16GB RAM, SSD storage)

Optimization Tips

• Cache Results: Fingerprints are stable; cache them to avoid repeated computation
• Choose Appropriate Method: Use Basic method for non-critical applications
• Batch Processing: Generate multiple fingerprints in sequence for better performance
• Async Integration: Use asyncio wrappers for non-blocking operations in async applications

Contributing

We welcome contributions to DeviceFingerprint! Here's how you can help:

Development Setup

# Clone the repository
git clone https://github.com/Johnsonajibi/DeviceFingerprinting.git
cd DeviceFingerprinting

# Create development environment
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

# Install in development mode
pip install -e .

# Install development dependencies
pip install pytest pytest-cov black flake8 mypy

Running Tests

# Run all tests
python -m pytest tests/ -v

# Run with coverage
python -m pytest tests/ --cov=devicefingerprint --cov-report=html

# Run specific test categories
python -m pytest tests/test_basic_functionality.py

Code Quality

# Format code
black devicefingerprint/

# Check style
flake8 devicefingerprint/

# Type checking
mypy devicefingerprint/

Contribution Guidelines

1. Fork the repository and create a feature branch
2. Write tests for new functionality
3. Ensure code quality passes all checks
4. Update documentation for API changes
5. Submit a pull request with clear description

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support and Community

• Issues: GitHub Issues
• Discussions: GitHub Discussions
• Security: For security issues, please email security@devicefingerprint.dev

Acknowledgments

• Inspired by the need for reliable device identification in security applications
• Built with security-first principles and enterprise requirements in mind
• Thanks to the Python cryptography community for best practices guidance

---

DeviceFingerprint - Professional device identification for Python applications.

Features

• Hardware-Based Fingerprinting: Creates unique identifiers from system hardware (CPU, memory, storage)
• Cross-Platform Support: Works on Windows, Linux, and macOS
• Multiple Algorithms: SHA3-512 and SHA3-256 fingerprint options with quantum resistance
• Collision Detection: Built-in collision detection and handling
• Privacy Aware: Hashes sensitive information before use
• Token Binding: Bind security tokens to specific devices
• Tamper Detection: Detect hardware changes and modifications
• Stability Verification: Verify fingerprint consistency across time

Installation

pip install device-fingerprinting-pro

Quick Start

Basic Usage

from devicefingerprint import DeviceFingerprintGenerator

# Generate basic device fingerprint
generator = DeviceFingerprintGenerator()
fingerprint = generator.generate_device_fingerprint()
print(f"Device fingerprint: {fingerprint}")

Advanced Usage

from devicefingerprint import AdvancedDeviceFingerprinter, FingerprintMethod

# Initialize advanced fingerprinter
fingerprinter = AdvancedDeviceFingerprinter()

# Generate quantum-resistant fingerprint
result = fingerprinter.generate_fingerprint(FingerprintMethod.QUANTUM_RESISTANT)
print(f"Fingerprint: {result.fingerprint}")
print(f"Confidence: {result.confidence}")
print(f"Method: {result.method.value}")
print(f"Components: {len(result.components)} hardware components")

# Verify fingerprint stability
stored_fingerprint = result.fingerprint
is_stable, confidence = fingerprinter.verify_fingerprint_stability(stored_fingerprint)
print(f"Fingerprint stable: {is_stable} (confidence: {confidence})")

Token Binding

from devicefingerprint import bind_token_to_device, verify_device_binding

# Example token data
token_data = {
    "user_id": "user123",
    "token": "secret_token_data",
    "permissions": ["read", "write"]
}

# Bind token to current device
bound_token = bind_token_to_device(token_data)
print("Token bound to device")

# Later, verify the token is still on the same device
if verify_device_binding(bound_token):
    print("Token verification successful - same device")
else:
    print("Token verification failed - different device detected")

API Reference

FingerprintMethod Enum

• BASIC: Simple system information fingerprint
• ADVANCED: Comprehensive hardware fingerprint
• QUANTUM_RESISTANT: SHA3-512 quantum-resistant fingerprint

DeviceFingerprintGenerator

Basic device fingerprint generator for quick and simple device identification.

Methods

• generate_device_fingerprint() -> str: Generate basic device fingerprint

AdvancedDeviceFingerprinter

Advanced fingerprinting with multiple methods and detailed results.

Methods

• generate_fingerprint(method: FingerprintMethod) -> FingerprintResult
• verify_fingerprint_stability(stored: str, method: FingerprintMethod) -> Tuple[bool, float]

FingerprintResult

Result object containing:

• fingerprint: The generated fingerprint string
• method: Method used for generation
• components: List of hardware components used
• timestamp: Generation timestamp
• confidence: Confidence score (0.0-1.0)
• warnings: List of any warnings during generation

Utility Functions

• generate_device_fingerprint() -> str: Legacy compatibility function
• bind_token_to_device(token_data: Dict) -> Dict: Bind token to device
• verify_device_binding(token_data: Dict) -> bool: Verify device binding

Security Features

Hardware Components Used

• CPU: Processor ID and architecture information
• System: OS version, machine type, hostname
• Network: MAC address of primary interface
• Machine ID: Windows UUID or Unix machine-id
• Platform: Python implementation details

Privacy Protection

• All sensitive hardware information is hashed before storage
• No plaintext hardware identifiers are exposed
• Constant-time comparison prevents timing attacks

Quantum Resistance

• SHA3-512 algorithm provides quantum resistance
• Fallback mechanisms ensure reliability
• Future-proof cryptographic design

Cross-Platform Compatibility

Windows

• Uses WMIC for hardware identification
• Retrieves machine GUID and processor ID
• Supports Windows 7+ and Windows Server

Linux/Unix

• Uses /etc/machine-id and /var/lib/dbus/machine-id
• Platform-specific hardware detection
• Supports major Linux distributions

macOS

• Uses system profiler for hardware info
• Compatible with macOS 10.12+
• Optimized for Apple silicon and Intel

Use Cases

Security Applications

• Multi-Factor Authentication: Device binding as additional factor
• Token Security: Prevent token theft and unauthorized use
• Session Management: Tie sessions to specific devices
• Fraud Detection: Detect unusual device access patterns

Development Applications

• License Enforcement: Bind software licenses to hardware
• Configuration Management: Device-specific configurations
• Deployment Tracking: Track software installations
• Hardware Inventory: Unique device identification

Performance

• Generation Time: < 100ms typical
• Memory Usage: < 5MB during operation
• Stability: 99.9%+ consistency across reboots
• Collision Rate: < 0.001% with quantum-resistant method

Troubleshooting

Common Issues

"Could not retrieve MAC address"

• Network interface may be disabled
• Virtual machines may have changing MAC addresses
• Fallback fingerprint will be used

"Fingerprint verification failed"

• Hardware change detected (RAM upgrade, etc.)
• System reinstallation or major updates
• Virtual machine migration

Low confidence score

• Limited hardware access in sandboxed environment
• Missing system utilities (WMIC on Windows)
• Fallback method used due to errors

Debug Mode

import logging
logging.basicConfig(level=logging.DEBUG)

# Enable detailed logging
result = fingerprinter.generate_fingerprint(FingerprintMethod.QUANTUM_RESISTANT)
for warning in result.warnings:
    print(f"Warning: {warning}")

Contributing

Contributions are welcome! Please read our contributing guidelines and submit pull requests to our repository.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support

For support and questions:

• GitHub Issues: Report issues
• Documentation: Full documentation
• Email: support@quantumvault.dev

Changelog

v1.0.0 (2025-09-05)

• Initial release
• Basic and advanced fingerprinting methods
• Quantum-resistant SHA3-512 support
• Cross-platform compatibility
• Token binding functionality
• Comprehensive test suite