A system, method, and apparatus are provided for using distinctive signals associated with an electronic device to authenticate or validate a cookie or other identifier issued to the device from a website or other source. When the device receives content (e.g., a web page) from the source, it also receives code for collecting the signals, which is executed when the content is rendered. The device transmits the signals to the source or other specified destination, where they may be processed (e.g., hashed) and retained. Upon subsequent access to content from the source, signals are again collected, transmitted to the source, and compared with those that were previously retained. If the current signals do not match the retained signals, the current device may be spoofing the valid/original device, and the source may take appropriate action (e.g., prevent some activity, require further authentication). Matching may be performed online and/or offline.