Alert icon, browser window with fingerprints and a magnifier on a light background
Click here for a quick summary of this article
Browser Fingerprinting: A Short Guide

With browser fingerprinting, websites assign a code to your browser and use that to compile information about you, like your browser type, extension versions, and screen resolution.

Unfortunately, there’s no way to completely prevent browser fingerprinting. But you can mitigate its impact by following these tips:

  1. Use common systems, software, and settings.
  2. Disable JavaScript and Flash.
  3. Switch between multiple browsers.
  4. Don’t log into any accounts with personally identifiable data.
  5. Choose a privacy-minded browser like Tor and Brave.
  6. Download privacy-minded plugins and extensions.
  7. Consider running virtual machines on your PC.

Finally, we recommend using a VPN (Virtual Private Network). A VPN won’t stop browser fingerprinting, but it can prevent your IP address from falling in the wrong hands. NordVPN is a great option.

For more information on what browser fingerprinting is and how to mitigate its negative impacts, read our full article below.

It can be very difficult to remain anonymous online. Businesses, governments, and even hackers have plenty of ways to find and track you. Whether this is through cookies, malware, or tracking your email address, real name, or photos across sites, there are plenty of ways to gather data about you. A newer, more complete technique is called browser fingerprinting. This way of online tracking might just be one of the more invasive ones so far.


What is Browser Fingerprinting?

Browser fingerprinting iconBrowser fingerprinting is a way for websites and other online trackers to assign a unique profile (or “fingerprint”) to you in order to track you across the web.

This fingerprint consists of different kinds of information, such as your screen resolution, graphics card, and plugins. These details might not seem revealing, but when you combine enough specific data points, it’s possible to create a unique profile on any user and use that to follow them across the web. As a result, browser fingerprinting allows others to collect data about your internet behavior, patterns, and interests, to be used for advertising or other purposes.

Usually, a VPN can keep you anonymous online because it masks (changes) your IP address. However, a VPN doesn’t hide every detail about your device and browser. For instance, you still pass on which operating system you use, what screen resolution you have, and what fonts you have installed on your device. This means that, even without your real IP address, browser fingerprinting can identify and track you through user-specific browser data.

Browser fingerprinters are sometimes called “cookieless monsters,” because they don’t have to be installed on your computer or in your browser. They will recognize you without implanting anything. The method of fingerprinting is more detailed than cookies are, does not have to be installed, and cannot be deleted. The worst news for privacy-minded people is that there isn’t one fixed solution to prevent it as of yet.


How Does Browser Fingerprinting Work?

Infographic showing how does browser fingerprinting work

Browser fingerprinting usually happens through a simple three-step process:

  1. Trackers identify details about you, like your browser extensions, used fonts, and screen resolution.
  2. Based on this set of details, they assign a code that becomes your browser fingerprint.
  3. Websites use this code to add more identifiers to you and invade your privacy.

The more time you spend on the internet, the more information websites can add to your fingerprint, and the more detailed it gets. This, in turn, also makes it easier to track you.

Data collected in a browser fingerprint

There are countless data points that might be used in these fingerprints. Websites can ask web browsers to reveal an absurd amount of data about your browser and device.

These details include your:

  • Operating system
  • Screen resolution
  • Used fonts
  • Installed extensions or plugins
  • Graphics card
  • Latest updates
  • WebGL and WebRTC data
  • APIs
  • System uptime

The list doesn’t end there. Any identifier that might be of worth, down to the language of your browser and system and your chosen timezone, can be used.

Computers are complex and have countless different settings, programs, hardware elements, firmware, updates, settings, and preferences. Browser fingerprinting takes note of this, gathering enough information about any user until it has a unique combination of details that make one identifiable online. This means that almost every single user can be uniquely identified.

Browser fingerprinting might reveal your identity

Unique code browser fingerprint iconThe details we explored above do not directly reveal who you are. Instead, a browser fingerprint is usually a unique fingerprint code. You have one right now, even if you might not know what it is.

A browser fingerprint might look something like this:

cd1df51c8e2cfa514dfd8b59de2ed757

This string of letters and numbers does not say anything specifically about you, but is used as an identifier instead. It is a way for sites to recognize you when you come and go, and store information about what you look at, what kind of content you like, and so on. This information is then constantly added to your browser fingerprint.

Since your browser fingerprint is constantly growing, the chances of your identity eventually being added to it are very big. This might happen when you log into a website that contains your personal information, such as Gmail or Facebook. Once a website sees that, it can assign your name to your fingerprint.


Different Browser Fingerprinting Techniques and Tracking Methods

Since browser fingerprinting happens with so many different data points, there are a lot of other tracking techniques involved in it. On top of that, closely related processes, such as device or audio fingerprinting, are also used. We’ll be discussing all of those different tracking methods and their connection to browser fingerprinting below.

Cookies

Difference between browser fingerprinting and cookies iconDespite browser fingerprints being called “cookieless monsters,” cookies are an integral part of browser fingerprinting.

Cookies are small text files stored on your computer that provide websites with details about your browser and device. On the one hand, this is very useful, as it makes the sites you visit load faster and helps you enjoy browsing the web effectively.

On the other hand, cookies can store sensitive data, like the online stores you visited and the products you looked at. This information can easily be added to your browser fingerprint, making you less anonymous and easier to track online. Often, this information is even passed along to advertisers. That’s why you might see ads for a new PC right after you checked out a discounted gaming set-up you’ve been thinking of buying.

Canvas and WebGL fingerprinting

Canvas and WebGL fingerprinting iconLike cookies, canvas and WebGL data can also be used to add to your digital fingerprint.

Canvas fingerprinting is a technique that uses modern HTML5 code to access your data. This snippet of code inside HTML5’s canvas element observes how your browser interacts with site content.

This is how that might work: when you visit a website, your device receives a copy of the page you’re loading. On your end, this image will be rendered to fit your screen’s capabilities and resolution. The specific way in which that rendering happens, reveals information about your device, which this snippet of code stores.

WebGL fingerprinting is very similar to canvas fingerprinting. The only difference is that it works with JavaScript elements instead of HTML5 code.

Device fingerprinting

Device fingerprinting iconDevice fingerprinting is very similar to browser fingerprinting, but often happens on different kinds of devices. As you might have guessed, the main difference between the two is that a device fingerprint will store data about your device, not your browser. This includes data points such as:

  • MAC addresses
  • Serial numbers (for Android)
  • Device time zones
  • Hardware specs

Device fingerprinting is much more common for mobile devices, which don’t use browser apps as much as most desktop users do.

Audio fingerprinting

Audio fingerprinting iconAudio fingerprinting is another technique used to create your fingerprint. In theory, it’s pretty similar to canvas fingerprinting, just focused on data related to audio.

We’re so used to listening to music on our phones and watching YouTube videos on our desktops that we might forget just how complicated audio really is. To replicate it, digital devices use a suite of codecs, drivers, and hardware. All of these leave a mark. Audio fingerprinting takes note of your device’s specific way of replicating sound.


What Does Your Browser Fingerprint Look Like?

You might wonder what your digital fingerprint looks like, and what kind of information websites can obtain about you. Use the tool below to see exactly what we (and other websites) can find out about you.

Our tool gives an indication of the kind of information that’s currently leaking from your browser. Would you like to know more? There are sites that let you analyze your browser fingerprints in excruciating detail.

A good place to start is Am I Unique. This tool won’t just show you the leaking information, but will also provide you with a similarity ratio. The higher this number, the less unique your fingerprint is. We’ll dive more into this later, when we discuss how you can combat browser fingerprinting.

Some other websites that will give you a better idea of your browser fingerprint are:

When trying these tests, you might get different results. Some tools might be unable to identify your browser fingerprint, while others paint a scarily accurate picture of you and your online habits. This just goes to show that there are many different techniques to fingerprint your browser, making it nearly impossible to fool every single metric.


Why is Browser Fingerprinting a Problem?

Browser fingerprinting problem icon

The main goal of browser fingerprinting is to gather your data and identify you on the internet. A big problem, aside from the fact that this is an invasion of privacy, is the fact that it gives third parties sensitive data about you.

Here is a small list of the entities that can get data from your browser fingerprint:

  • Big-tech companies, such as Facebook and Google (as well as their advertising customers)
  • Governments, including oppressive regimes
  • Hackers
  • Stalkers

The harsh reality is this: browser fingerprinting makes it easy for your data to end up in the wrong hands.

Whether you want to investigate controversial subjects, state unpopular opinions, or simply be left alone online, you have to consider that others might be tracking your every move.

Current European Union online privacy guidelines stipulate that citizens have to be informed about online tracking methods employed on websites. In fact, they have to actively consent or “opt in” before such tracking takes place. Browser fingerprinting is a major disregard of this privacy guideline.

The advantage of browser fingerprinting

We should add that browser fingerprinting doesn’t always have malicious purposes. One big plus of browser fingerprinting is that it helps with responsiveness and improves your browsing experience: your browser is programmed to pass along information to websites so they can be accurately loaded. This is why you’re sent straight to the mobile version of a website when you’re on your smartphone, for example.

Even so, the sheer amount of data that’s gathered about you on a daily basis makes it all the more important to be aware of this practice and stop it where you can.


How to Stop Browser Fingerprinting

Since browser fingerprinting is done in so many ways and is so invasive, there isn’t much you can do to stop it completely. However, you can make it harder for companies to fingerprint you. Here are some ways in which you can provide yourself with browser fingerprinting protection:

Infographic showing steps on how to stop browser fingerprinting

1. Disappear into the crowd

Browser fingerprinting depends on collecting as many unique data points as possible in order to be able to pick you out from the crowd. The best way to combat this is to make sure you don’t have as many of those unique data points to begin with.

Using the most popular operating systems, browsers, timezones, and languages will already give you a headstart. According to AmIUnique.org, these are the most common ones of this moment:

  • OS: Windows
  • Browser: Chrome
  • Timezone: UTC+0
  • Language: English

You can use this information as well as data you find when studying your current fingerprint (especially the similarity ratio) in order to create a profile that is more common. When it comes to browser fingerprinting, the best thing to do is strive to be average.

2. Disable JavaScript (and Flash)

WebGL works with JavaScript, allowing you to see all kinds of complex elements on websites. Think of videos, animations, drop-down menus, and interactive maps. Similarly, Flash helped users play videos on websites, although it has since been discontinued.

Both JavaScript and Flash can reveal a lot of information about you. Turning these scripts off is an effective way to prevent some browser fingerprinting techniques. However, you will be sacrificing user experience: websites might no longer work as well as you’re used to and interactive elements might not appear at all.

Disabling JavaScript works differently depending on the browser and device you use. Here’s how to turn it off in Chrome, the most popular browser:

  1. Open Google Chrome and click on the three dots in the top right corner.
  2. Click on “Settings.”
  3. Go to “Privacy and Security” on the left-hand side of your screen.
  4. Click on “Site Settings” to open up this section.
  5. Scroll down to “JavaScript” and click on it.
  6. Click the option “Don’t allow sites to use Javascript” to select this section.

For most other browsers, you’ll have to follow similar steps. Go to your browser’s settings and search for JavaScript, then turn it off.

3. Use multiple browsers

Part of your digital fingerprint consists of data on the browser you use. You can actually use this to your advantage by using different browsers for different activities. That way, each browser has a unique fingerprint, which cannot be linked to your other internet use.

You might, for example, separate your download activities from your social media behavior, or your personal online life from your activities while working from home. By doing this, browser fingerprinters will have a lot more trouble getting the full picture of your online activities. Just make sure you stay consistent and know exactly which browser to use at which moment.

4. Don’t log into any personal accounts

The moment you log into a personally identifiable account in your browser, your identity can become part of your browser fingerprint. This goes for Facebook, Twitter, Google, and any other platforms where you’ve included personal information about yourself.

Of course, chances are you don’t intend to delete yourself off the internet completely and get rid of these accounts. Even then, making sure that you only log in when using a specific browser for that purpose (see our previous tip) will help combat invasive browser fingerprinting.

5. Choose a privacy-minded browser

There are a lot of browsers, like Google Chrome, that follow you all over the internet and take part in invasive tracking methods. This is why choosing the right browser can make a big difference, too.

Both the Tor browser and Brave are good options if you want a browser that cares about your privacy. Another great option is Firefox. This browser is a much more popular option and offers plenty of security and privacy settings to make Firefox more anonymous. On top of that, since Firefox is the second most used browser of this moment, using it will even help you blend in with the crowds.

A combination of these browsers will give you the best fighting chance against browser fingerprinting. You might, for example, use Firefox for your socials, Brave for your job, and Tor for reading up on world news.

6. Use privacy-oriented plugins and extensions

The extensions you add to your browser, add to your browser fingerprint, too. They might pass sensitive data along to third parties, for example. However, downloading the right extensions will help you mitigate the impact of browser fingerprinting scripts.

Some great privacy-minded browser extensions are:

  • uBlock Origin (adblocker)
  • Privacy Badger (blocks invisible trackers)
  • Cookie AutoDelete (deletes cookies)
  • Canvas Fingerprint Defender (randomizes your canvas fingerprint)

Check out our list of the best browser extensions for your privacy for more information about these and other useful plugins.

While downloading and using your extensions, also keep in mind the following tips:

  • Don’t download too many extensions. A few essential ones should be more than enough. It’s good practice to regularly check all downloaded extensions in your browser and delete the ones you no longer use.
  • Opt for generic settings within the plugins and extensions. This way your browser and device will “blend in” much more.
  • Use extensions that generate and send randomized data. This is a great way to confuse browser fingerprinters and stay more anonymous. The plugin Canvas Fingerprint Defender mentioned above does exactly this.

7. Consider running virtual machines on your PC

If you’re really keen on avoiding tracking and browsing fingerprinting, there’s another technique you can use: a virtual machine. However, we’d only recommend this to the more experienced internet user.

Virtual machines are another way to greatly fragment your internet traffic and make it more difficult for browser fingerprinters to track you. A popular virtual machine used all over the world is Oracle’s VirtualBox.


Don’t Forget to Use A VPN

Connect to the Dark Web with a VPN iconBrowser fingerprinting makes it harder to stay anonymous, even when you use a VPN. However, the existence of this kind of invasive tracking does not mean you should make it easier for other, more basic, trackers to follow you. Hiding your IP address and encrypting your internet traffic is still a valid and important part of protecting your online safety and anonymity.

In that regard, using a VPN is still the best way to hide your IP address. A Virtual Private Network will route your internet traffic through its own servers before sending it to the sites you’re visiting. This way, the IP address third parties see is the IP address of the VPN server.

If you’re worried about browser fingerprinting and online privacy, the best plan of attack is to use a VPN in combination with the anti-browser fingerprinting tips above. Not sure which VPN to use? We recommend NordVPN, since it offers excellent security, as well as a threat protection feature that blocks ads and protects you against malware. Check our full NordVPN review for the full list of features, deals, and test results.

NordVPN
Our choice
Deal Save big with 69% off a two-year subscription + three months free!
From
$ 2.99
9.3
  • Fast and large worldwide network of VPN servers
  • Perfect for privacy and streaming
  • Trusted by many, with over 14 million users
Visit NordVPN

Final Thoughts

Browser fingerprinting is a huge privacy concern, because it collects and stores sensitive data about you, and there’s not much you can do to stop it. However, it is definitely possible to trick fingerprinters in a way that makes you more anonymous on the internet.

If you blend in with other internet users, use the right browser extensions, and fragment your fingerprint by using different (privacy-minded) browsers or virtual machines, you’re already well on your way to a more private internet experience. Of course, for a good basis, we also strongly recommend using a VPN.

There is no way to permanently stop browser fingerprinting at this moment, but that doesn’t mean you have to give in to tracking!

Browser Fingerprinting: Frequently Asked Questions

Browser fingerprinting is a complicated topic. For a rundown of the most commonly asked questions on it, read the FAQ section below.

What is browser fingerprinting?

Browser fingerprinting is a technique used by websites to track online users. Whenever you load a page, trackers will assign a code to your browser, and constantly add details about you to that code. These details include information about your operating system, screen resolution, or even hardware.

To find out more about how this works and how you can prevent it, read our full guide to browser fingerprinting.

How can I bypass browser fingerprinting?

Unfortunately, there’s no way to completely stop browser fingerprinting. It’s an “unavoidable evil” of browsing the internet. However, you can take some steps to mitigate how much information companies get about you through browser fingerprinting:

  1. Use common operating systems, browsers, and settings.
  2. Disable JavaScript.
  3. Use multiple, privacy-minded browsers.
  4. Don’t log into personal accounts.
  5. Download privacy-oriented browser extensions.

For more tips and information, read our full browser fingerprinting guide.

How do I check browser fingerprinting?

Browser fingerprinting is very complex, and there are many ways to track it. That’s why it’s impossible to know 100% what each tracker has stored about you. There are various tools that can help you get a general idea of your fingerprint, like this browser leak tool and platforms like Am I Unique.

Can you prevent browser fingerprinting?

Yes, you can prevent some parts of browser fingerprinting. For example, if you use a VPN, online trackers won’t be able to store your IP address along with other details about your online activity. Similarly, disabling JavaScript will keep important details about your system and settings from trackers. If you want to find out more about mitigating the negative impacts of invasive tracking, read our guide on browser fingerprinting.

Is browser fingerprinting legal?

Since it doesn’t (directly) store personally identifiable information, browser fingerprinting isn’t regulated by the GDPR. No other data protection piece of legislation fights against it. So yes, for the moment at least, browser fingerprinting is legal.

Leave a comment

3
comments
  1. Georges

    Thank you Theodor for this very interesting article.
    What do you think of "anti-detect browsers"? Those paid solutions can really protect us from browser fingerprints as they advertise?

    • Kat Oran VPNOverview.com

      Hello Georges! Thank you for the comment and the kind words. From my limited understanding, anti-detect browsers can really protect you from browser fingerprinting, at least to some extent. But I don’t know if they’re worth it. You can get a similar effect by using different browsers. Websites might still be able to piece together some data about your device that way, but if you use privacy-minded browsers like Tor you should be fine.

  2. Richard

    Another good website that shows information that could be used for fingerprinting:
    https://www.deviceinfo.me

Leave a comment