Introducing Spec ID: Journey Data™ Fingerprinting
Device-based solutions are losing ground to modern fraud tactics—especially under consumer privacy changes. Many of our customers have been solving these issues with Journey Data™, but they needed an easy-to-use digital identifier that could fill in for legacy device IDs. That’s why we built Spec ID.
Breaking Down the Problem
Without Journey Data, visitor identification has largely fallen into three methods:
- Cookie-based tracking
- IP intelligence
- Device fingerprinting
These identifiers face two critical headwinds:
- Consumer Privacy Controls – People are using privacy-first browsers, iCloud Public Relay, incognito modes, and VPNs to avoid surveillance and data misuse. These tools hide or destroy data that fraud detection historically depended on—yet many of those users are legitimate customers.
- Evolving Fraud Tactics – Attackers use the same privacy tools, plus more advanced methods like residential proxies, device-fingerprint manipulation, and “agentic” attacks driven by learning algorithms.
Evolving Fraud Tactics in Detail
- Residential Proxies: Clean IP connections piggybacking on normal home networks—indistinguishable from a legitimate user’s IP.
- Device Fingerprint Manipulation: Fraudsters leverage anti-detect browsers, targeted JavaScript blocking, or synthetic device signatures to fool old-school device checks.
- Agentic Attacks: These use large-scale “human-like” reasoning to craft attacks that align IP, device signatures, and user interactions with the stolen identity they’re deploying—while continually learning how to evade detection.
What Goes Into Spec ID
Journey Data™ spans every user interaction from the first page view to account creation and beyond—sometimes hundreds of signals in a single session. Spec ID fuses device, network, and behavioral data into a durable digital identifier that:
- Persists even if a visitor clears cookies, opens a private tab, turns on a VPN, or changes device signatures.
- Links suspicious behavior across multiple sessions—spotting repeat fraudsters who bounce between IPs.
- Recognizes legitimate returning users who simply prefer strong privacy controls.
Combine Spec ID with our AI agent-resistant honeypot mitigations, and you get an accurate, future-proof defense—even if you’ve been burned by older, device-based approaches.
Ready for What’s Next?
Spec ID is just the start. By going beyond basic device checks and tying together Journey Data™, we’ve delivered durable protection for our early design partners—especially those who’ve lost faith in legacy device-based solutions. If you’re looking to upgrade your fraud defense, Spec ID might be exactly what you need.
Want to see it in action? Get in touch for a hands-on look at how journey-based fingerprinting can strengthen your fraud prevention strategy.
Ready to get started with Spec?
Nate Kharrl, CEO and co-founder at Spec, has built leading solutions for application security and fraud challenges since the early days of the cloud era. Drawing from his cyber experience at Akamai, ThreatMetrix, and eBay, Nate helped found Spec to focus on the needs of businesses operating in a landscape of increasing AI risks. Under Nate’s leadership, Spec grew from its mid-pandemic founding to raise $30M in venture-backed funding to build solutions used by Fortune 500 companies transacting billions in online commerce. Spec’s service offerings today include protective measures for websites and APIs that specialize in defending against attacks designed to bypass bot defenses and risk assessment platforms.
Frequently Asked Questions
“With Spec, we can mitigate fraudulent activity, protect our revenue, and create a better user experience so that Indiegogo can remain a trusted crowdsourcing platform.”
Payments Manager
