Browser fingerprinting: How it works and how to avoid it

In this article, you will learn all the basics about browser fingerprints — and how you can avoid fingerprinting, too.

Browser fingerprinting: How it works and how to avoid it
John Garfield
John Garfield 6 min read
Article content
  1. What is browser fingerprinting?
  2. How are browser fingerprints tracked?
  3. Why are browsers unique?
  4. How to make your fingerprints less unique
  5. Frequently Asked Questions

User identification is important to websites for numerous reasons — from marketing needs to anti-bot protection. Browser fingerprints are another way to track users: This approach is more advanced than cookies and supercookies because it allows a destination server to identify the given device where it is accessed from. Therefore, the server can track this user even if cookies were wiped.

Understanding browser fingerprinting can take your data gathering process to another level and make it much easier. In this article, you will learn all the basics about web browser fingerprinting — and how you can avoid fingerprinting, too.

What is browser fingerprinting?

Browser and its fingerprints (i.e. unique elements)

Browser fingerprinting is a technique that websites use to identify and track individual users based on their browser and device characteristics. Unlike cookies or IP addresses, it does not rely on storing any data on the user’s device or network, but rather on collecting various information about the user’s browser configuration, such as the version, language, time zone, installed plugins, screen resolution, and more1. By combining enough of these details, websites can create a unique fingerprint for each user, which can be used to recognize them across different websites and sessions.

An internet fingerprint can pose a serious threat to online privacy, as it can enable websites to track users’ behavior and preferences without their consent or awareness. Browser fingerprinting can also bypass common privacy measures, such as deleting cookies, using private browsing mode, or using a VPN.

How are browser fingerprints tracked?

As this approach becomes more widely spread, more and more websites use it to identify new and returning visitors, trying to fingerprint browsers. And not just websites use browser fingerprints but search engines — Google, for example — leverage this approach, too. There are different methods that allow servers to track fingerprints.

Different users and their unique fingerprints

HTML5 Canvas

HTML5 canvas fingerprinting is a technique that uses the HTML5 canvas element to draw text or images with a specific font and size, and then extracts the pixel data from the canvas. This pixel data can vary depending on the browser and device characteristics, such as the graphics card, driver, and operating system. Companies make website fingerprinting possible by hashing the pixel data and creating a unique identifier for each user based on their canvas rendering. This method offers the largest amount of data as it allows requesting information about graphics processing.

Audio fingerprints

Audio fingerprinting is a technique that uses the Web Audio API to generate a sound signal with a specific frequency and amplitude, and then analyzes the output signal from the user's device. The output signal can be affected by the audio processing hardware and software of the device, such as the sound card, driver, codec, and volume. By comparing the input and output signals, websites can create a unique identifier for each user based on their audio processing.

Clock skew

Clock skew fingerprinting is a technique that uses the timestamps of TCP or ICMP packets to measure the difference between the clock of the user's device and the clock of the server. The clock of each device can have a slight drift or skew due to variations in the manufacturing process or environmental factors. By observing multiple packets over time, websites can estimate the clock skew of each user's device and use it as a unique identifier.

Why are browsers unique?

You might wonder how your browser can be unique if you just downloaded it from the same site everyone else does. As we’ve already mentioned, browser fingerprints contain data not just about a browser itself, but about the system and the device, too. Additionally, each user installs their own extensions and has different settings for the browser. So once you arrive at a website that gathers fingerprints, it compares your data to all the other entries it already has in the database. And if your data has few to no copies, it’s considered unique.

A particular user and their browser components

Therefore, fingerprint tracking allows identifying a user even if there are no cookies stored. That’s why privacy-conscious users tend to prevent their browsers from sharing fingerprints or do everything possible to make their fingerprints less unique. Yet, we believe that it won’t be long until it becomes nearly impossible to make browser fingerprints more generic. As this approach gets more advanced, websites can identify users much more precisely.

How to make your fingerprints less unique

You can test the uniqueness of web browser fingerprint using Panopticlick. This service will reveal all the information that can be gathered about your gadget and offer you some tips on how to stay more anonymous.

An anonymous web browser

Here are some actions you can perform to lower the uniqueness of your fingerprint:

  • Use popular browsers as more people are using them as well. Lesser-known browsers will make your fingerprints more unique.
  • Use a custom user agent. This approach is especially important for data gathering. We always advise our customers to use libraries of user agents along with our Infatica proxies for the best results. It’s also better to use common user agents.
  • Use as few plugins as possible. Each plugin has numerous versions and makes it easier to identify you. The fewer of them you use, the less unique your fingerprints become.
  • Use as few preferred languages as possible. It’s best to just use English as there are a lot of users using this language. If you request websites in different languages, your fingerprint becomes more unique
  • Try TorButton. It implements security features that are present in Tor (which can act as your anti-fingerprinting browser) and Firefox.
  • Disable JavaScript. Since websites usually use JavaScript to gather browser fingerprints, disabling it will prevent them from gathering yours.

You can find anti-fingerprinting tracking apps and plugins online. But instead of making your fingerprints more common, they’re likely to make them more unique as it’s easy to identify installed plugins. And as we’ve mentioned before, the fewer plugins — the better.

By lowering the uniqueness of your browser, you can not only stay more anonymous online but improve your data gathering process, too. The more common your fingerprints are, the fewer chances your scraper has to get detected by anti-bot solutions. Use the tips listed above along with Infatica residential proxies to stay truly anonymous online and gather information without hiccups.

Frequently Asked Questions

Some options include:
  • Use a privacy-focused browser like Firefox or Tor Browser, which can prevent your data from being collected.
  • Use a VPN. This will encrypt your traffic and make it more difficult for third parties to track you.
  • Use an ad blocker. This will prevent advertising companies from collecting data about you.

One way is to use the online tool Panopticlick. Another way is to use the BrowserLeaks website. Another way is to use the WhatWeb website. Lastly, you can use the FingerprintJS library.

There is no definitive answer: The legality of browser fingerprinting depends on the specific circumstances in which it is used. However, most experts agree that browser fingerprinting is legal in most cases, as long as the data collected is used for legitimate purposes and the users are properly informed about what information is being collected and how it will be used.

One way to change your browser fingerprint is to use a different browser or operating system (e.g. Firefox → Chrome, macOS → Linux.) Another way involves modifying the settings on your computer (e.g. changing the time zone on your computer or disabling cookies.) However, these changes are not always permanent and they can be reversed by the websites that you visit.

The problem with browser fingerprinting is that it can be used to collect a large amount of sensitive information about a user without their knowledge or consent. This makes it very difficult for users to control how their personal data is being used, and it also raises serious concerns about data security, so courts may argue that browser fingerprinting is not GDPR-compliant.

You can also learn more about:

Video Streaming Proxies: What They Are and How to Use Them
Video Streaming Proxies: What They Are and How to Use Them

Learn how to use video streaming proxies to access geo-restricted content, bypass censorship, and protect your privacy online. Find the best free proxy sites here.

Introduction to Puppeteer: Automating Data Collection
How to
Introduction to Puppeteer: Automating Data Collection

Puppeteer is a powerful Node.js library for automation in Chromium-based browsers — let's take a closer look at how it works and how to set it up for web scraping.

Web Scraping with Antidetect Browsers
Web scraping
Web Scraping with Antidetect Browsers

Learn how to use antidetect browsers for web scraping and bypass anti-bot measures. Compare the best antidetect browsers and their features.

Get In Touch
Have a question about Infatica? Get in touch with our experts to learn how we can help.