With browser fingerprinting, websites assign a code to your browser and use that to compile information about you, like your browser type, extension versions, and screen resolution.
Unfortunately, there’s no way to completely prevent browser fingerprinting. But you can mitigate its impact by following these tips:
- Use common systems, software, and settings.
- Switch between multiple browsers.
- Don’t log into any accounts with personally identifiable data.
- Choose a privacy-minded browser like Tor and Brave.
- Download privacy-minded plugins and extensions.
- Consider running virtual machines on your PC.
Finally, we recommend using a VPN (Virtual Private Network). A VPN won’t stop browser fingerprinting, but it can prevent your IP address from falling in the wrong hands. NordVPN is a great option.
It can be very difficult to remain anonymous online. Businesses, governments, and even hackers have plenty of ways to find and track you. Whether this is through cookies, malware, or tracking your email address, real name, or photos across sites, there are plenty of ways to gather data about you. A newer, more complete technique is called browser fingerprinting. This way of online tracking might just be one of the more invasive ones so far.
What is Browser Fingerprinting?
Browser fingerprinting is a way for websites and other online trackers to assign a unique profile (or “fingerprint”) to you in order to track you across the web.
This fingerprint consists of different kinds of information, such as your screen resolution, graphics card, and plugins. These details might not seem revealing, but when you combine enough specific data points, it’s possible to create a unique profile on any user and use that to follow them across the web. As a result, browser fingerprinting allows others to collect data about your internet behavior, patterns, and interests, to be used for advertising or other purposes.
Usually, a VPN can keep you anonymous online because it masks (changes) your IP address. However, a VPN doesn’t hide every detail about your device and browser. For instance, you still pass on which operating system you use, what screen resolution you have, and what fonts you have installed on your device. This means that, even without your real IP address, browser fingerprinting can identify and track you through user-specific browser data.
Browser fingerprinters are sometimes called “cookieless monsters,” because they don’t have to be installed on your computer or in your browser. They will recognize you without implanting anything. The method of fingerprinting is more detailed than cookies are, does not have to be installed, and cannot be deleted. The worst news for privacy-minded people is that there isn’t one fixed solution to prevent it as of yet.
How Does Browser Fingerprinting Work?
Browser fingerprinting usually happens through a simple three-step process:
- Trackers identify details about you, like your browser extensions, used fonts, and screen resolution.
- Based on this set of details, they assign a code that becomes your browser fingerprint.
- Websites use this code to add more identifiers to you and invade your privacy.
The more time you spend on the internet, the more information websites can add to your fingerprint, and the more detailed it gets. This, in turn, also makes it easier to track you.
Data collected in a browser fingerprint
There are countless data points that might be used in these fingerprints. Websites can ask web browsers to reveal an absurd amount of data about your browser and device.
These details include your:
- Operating system
- Screen resolution
- Used fonts
- Installed extensions or plugins
- Graphics card
- Latest updates
- WebGL and WebRTC data
- System uptime
The list doesn’t end there. Any identifier that might be of worth, down to the language of your browser and system and your chosen timezone, can be used.
Computers are complex and have countless different settings, programs, hardware elements, firmware, updates, settings, and preferences. Browser fingerprinting takes note of this, gathering enough information about any user until it has a unique combination of details that make one identifiable online. This means that almost every single user can be uniquely identified.
Browser fingerprinting might reveal your identity
The details we explored above do not directly reveal who you are. Instead, a browser fingerprint is usually a unique fingerprint code. You have one right now, even if you might not know what it is.
A browser fingerprint might look something like this:
This string of letters and numbers does not say anything specifically about you, but is used as an identifier instead. It is a way for sites to recognize you when you come and go, and store information about what you look at, what kind of content you like, and so on. This information is then constantly added to your browser fingerprint.
Since your browser fingerprint is constantly growing, the chances of your identity eventually being added to it are very big. This might happen when you log into a website that contains your personal information, such as Gmail or Facebook. Once a website sees that, it can assign your name to your fingerprint.
Different Browser Fingerprinting Techniques and Tracking Methods
Since browser fingerprinting happens with so many different data points, there are a lot of other tracking techniques involved in it. On top of that, closely related processes, such as device or audio fingerprinting, are also used. We’ll be discussing all of those different tracking methods and their connection to browser fingerprinting below.
Despite browser fingerprints being called “cookieless monsters,” cookies are an integral part of browser fingerprinting.
Cookies are small text files stored on your computer that provide websites with details about your browser and device. On the one hand, this is very useful, as it makes the sites you visit load faster and helps you enjoy browsing the web effectively.
On the other hand, cookies can store sensitive data, like the online stores you visited and the products you looked at. This information can easily be added to your browser fingerprint, making you less anonymous and easier to track online. Often, this information is even passed along to advertisers. That’s why you might see ads for a new PC right after you checked out a discounted gaming set-up you’ve been thinking of buying.
Canvas and WebGL fingerprinting
Like cookies, canvas and WebGL data can also be used to add to your digital fingerprint.
Canvas fingerprinting is a technique that uses modern HTML5 code to access your data. This snippet of code inside HTML5’s canvas element observes how your browser interacts with site content.
This is how that might work: when you visit a website, your device receives a copy of the page you’re loading. On your end, this image will be rendered to fit your screen’s capabilities and resolution. The specific way in which that rendering happens, reveals information about your device, which this snippet of code stores.
Device fingerprinting is very similar to browser fingerprinting, but often happens on different kinds of devices. As you might have guessed, the main difference between the two is that a device fingerprint will store data about your device, not your browser. This includes data points such as:
- MAC addresses
- Serial numbers (for Android)
- Device time zones
- Hardware specs
Device fingerprinting is much more common for mobile devices, which don’t use browser apps as much as most desktop users do.
Audio fingerprinting is another technique used to create your fingerprint. In theory, it’s pretty similar to canvas fingerprinting, just focused on data related to audio.
We’re so used to listening to music on our phones and watching YouTube videos on our desktops that we might forget just how complicated audio really is. To replicate it, digital devices use a suite of codecs, drivers, and hardware. All of these leave a mark. Audio fingerprinting takes note of your device’s specific way of replicating sound.
What Does Your Browser Fingerprint Look Like?
You might wonder what your digital fingerprint looks like, and what kind of information websites can obtain about you. Use the tool below to see exactly what we (and other websites) can find out about you.
Our tool gives an indication of the kind of information that’s currently leaking from your browser. Would you like to know more? There are sites that let you analyze your browser fingerprints in excruciating detail.
A good place to start is Am I Unique. This tool won’t just show you the leaking information, but will also provide you with a similarity ratio. The higher this number, the less unique your fingerprint is. We’ll dive more into this later, when we discuss how you can combat browser fingerprinting.
Some other websites that will give you a better idea of your browser fingerprint are:
When trying these tests, you might get different results. Some tools might be unable to identify your browser fingerprint, while others paint a scarily accurate picture of you and your online habits. This just goes to show that there are many different techniques to fingerprint your browser, making it nearly impossible to fool every single metric.
Why is Browser Fingerprinting a Problem?
The main goal of browser fingerprinting is to gather your data and identify you on the internet. A big problem, aside from the fact that this is an invasion of privacy, is the fact that it gives third parties sensitive data about you.
Here is a small list of the entities that can get data from your browser fingerprint:
- Big-tech companies, such as Facebook and Google (as well as their advertising customers)
- Governments, including oppressive regimes
The harsh reality is this: browser fingerprinting makes it easy for your data to end up in the wrong hands.
Whether you want to investigate controversial subjects, state unpopular opinions, or simply be left alone online, you have to consider that others might be tracking your every move.
Current European Union online privacy guidelines stipulate that citizens have to be informed about online tracking methods employed on websites. In fact, they have to actively consent or “opt in” before such tracking takes place. Browser fingerprinting is a major disregard of this privacy guideline.
The advantage of browser fingerprinting
We should add that browser fingerprinting doesn’t always have malicious purposes. One big plus of browser fingerprinting is that it helps with responsiveness and improves your browsing experience: your browser is programmed to pass along information to websites so they can be accurately loaded. This is why you’re sent straight to the mobile version of a website when you’re on your smartphone, for example.
Even so, the sheer amount of data that’s gathered about you on a daily basis makes it all the more important to be aware of this practice and stop it where you can.
How to Stop Browser Fingerprinting
Since browser fingerprinting is done in so many ways and is so invasive, there isn’t much you can do to stop it completely. However, you can make it harder for companies to fingerprint you. Here are some ways in which you can provide yourself with browser fingerprinting protection:
1. Disappear into the crowd
Browser fingerprinting depends on collecting as many unique data points as possible in order to be able to pick you out from the crowd. The best way to combat this is to make sure you don’t have as many of those unique data points to begin with.
Using the most popular operating systems, browsers, timezones, and languages will already give you a headstart. According to AmIUnique.org, these are the most common ones of this moment:
- OS: Windows
- Browser: Chrome
- Timezone: UTC+0
- Language: English
You can use this information as well as data you find when studying your current fingerprint (especially the similarity ratio) in order to create a profile that is more common. When it comes to browser fingerprinting, the best thing to do is strive to be average.
- Open Google Chrome and click on the three dots in the top right corner.
- Click on “Settings.”
- Go to “Privacy and Security” on the left-hand side of your screen.
- Click on “Site Settings” to open up this section.
3. Use multiple browsers
Part of your digital fingerprint consists of data on the browser you use. You can actually use this to your advantage by using different browsers for different activities. That way, each browser has a unique fingerprint, which cannot be linked to your other internet use.
You might, for example, separate your download activities from your social media behavior, or your personal online life from your activities while working from home. By doing this, browser fingerprinters will have a lot more trouble getting the full picture of your online activities. Just make sure you stay consistent and know exactly which browser to use at which moment.
4. Don’t log into any personal accounts
The moment you log into a personally identifiable account in your browser, your identity can become part of your browser fingerprint. This goes for Facebook, Twitter, Google, and any other platforms where you’ve included personal information about yourself.
Of course, chances are you don’t intend to delete yourself off the internet completely and get rid of these accounts. Even then, making sure that you only log in when using a specific browser for that purpose (see our previous tip) will help combat invasive browser fingerprinting.
5. Choose a privacy-minded browser
There are a lot of browsers, like Google Chrome, that follow you all over the internet and take part in invasive tracking methods. This is why choosing the right browser can make a big difference, too.
Both the Tor browser and Brave are good options if you want a browser that cares about your privacy. Another great option is Firefox. This browser is a much more popular option and offers plenty of security and privacy settings to make Firefox more anonymous. On top of that, since Firefox is the second most used browser of this moment, using it will even help you blend in with the crowds.
A combination of these browsers will give you the best fighting chance against browser fingerprinting. You might, for example, use Firefox for your socials, Brave for your job, and Tor for reading up on world news.
6. Use privacy-oriented plugins and extensions
The extensions you add to your browser, add to your browser fingerprint, too. They might pass sensitive data along to third parties, for example. However, downloading the right extensions will help you mitigate the impact of browser fingerprinting scripts.
Some great privacy-minded browser extensions are:
- uBlock Origin (adblocker)
- Privacy Badger (blocks invisible trackers)
- Cookie AutoDelete (deletes cookies)
- Canvas Fingerprint Defender (randomizes your canvas fingerprint)
Check out our list of the best browser extensions for your privacy for more information about these and other useful plugins.
While downloading and using your extensions, also keep in mind the following tips:
- Don’t download too many extensions. A few essential ones should be more than enough. It’s good practice to regularly check all downloaded extensions in your browser and delete the ones you no longer use.
- Opt for generic settings within the plugins and extensions. This way your browser and device will “blend in” much more.
- Use extensions that generate and send randomized data. This is a great way to confuse browser fingerprinters and stay more anonymous. The plugin Canvas Fingerprint Defender mentioned above does exactly this.
7. Consider running virtual machines on your PC
If you’re really keen on avoiding tracking and browsing fingerprinting, there’s another technique you can use: a virtual machine. However, we’d only recommend this to the more experienced internet user.
Virtual machines are another way to greatly fragment your internet traffic and make it more difficult for browser fingerprinters to track you. A popular virtual machine used all over the world is Oracle’s VirtualBox.
Don’t Forget to Use A VPN
Browser fingerprinting makes it harder to stay anonymous, even when you use a VPN. However, the existence of this kind of invasive tracking does not mean you should make it easier for other, more basic, trackers to follow you. Hiding your IP address and encrypting your internet traffic is still a valid and important part of protecting your online safety and anonymity.
In that regard, using a VPN is still the best way to hide your IP address. A Virtual Private Network will route your internet traffic through its own servers before sending it to the sites you’re visiting. This way, the IP address third parties see is the IP address of the VPN server.
If you’re worried about browser fingerprinting and online privacy, the best plan of attack is to use a VPN in combination with the anti-browser fingerprinting tips above. Not sure which VPN to use? We recommend NordVPN, since it offers excellent security, as well as a threat protection feature that blocks ads and protects you against malware.
- Excellent protection and a large network of servers
- Nice and pleasing application
- No logs
Browser fingerprinting is a huge privacy concern, because it collects and stores sensitive data about you, and there’s not much you can do to stop it. However, it is definitely possible to trick fingerprinters in a way that makes you more anonymous on the internet.
If you blend in with other internet users, use the right browser extensions, and fragment your fingerprint by using different (privacy-minded) browsers or virtual machines, you’re already well on your way to a more private internet experience. Of course, for a good basis, we also strongly recommend using a VPN.
There is no way to permanently stop browser fingerprinting at this moment, but that doesn’t mean you have to give in to tracking!
Browser fingerprinting is a complicated topic. For a rundown of the most commonly asked questions on it, read the FAQ section below.
Browser fingerprinting is a technique used by websites to track online users. Whenever you load a page, trackers will assign a code to your browser, and constantly add details about you to that code. These details include information about your operating system, screen resolution, or even hardware.
To find out more about how this works and how you can prevent it, read our full guide to browser fingerprinting.
Unfortunately, there’s no way to completely stop browser fingerprinting. It’s an “unavoidable evil” of browsing the internet. However, you can take some steps to mitigate how much information companies get about you through browser fingerprinting:
- Use common operating systems, browsers, and settings.
- Use multiple, privacy-minded browsers.
- Don’t log into personal accounts.
- Download privacy-oriented browser extensions.
For more tips and information, read our full browser fingerprinting guide.
Browser fingerprinting is very complex, and there are many ways to track it. That’s why it’s impossible to know 100% what each tracker has stored about you. There are various tools that can help you get a general idea of your fingerprint, like this browser leak tool and platforms like Am I Unique.
Since it doesn’t (directly) store personally identifiable information, browser fingerprinting isn’t regulated by the GDPR. No other data protection piece of legislation fights against it. So yes, for the moment at least, browser fingerprinting is legal.