What Is Browser Fingerprinting?

Browser fingerprinting (also called device fingerprinting or online fingerprinting) refers to tracking techniques that websites use to collect information about you. Modern website functions require the use of scripts - sets of instructions that tell your browser what to do. Working silently in the background, scripts can identify lots of information about your device and browser that, when stitched together, forms your unique online 'fingerprint.' This fingerprint can then be traced back to you across the internet and different browsing sessions.

What exactly can scripts find out? They can determine a lot about the device you're using, such as its operating system, your browser, the software installed on your device, what timezone you're in, which language you're reading in, whether you use an ad blocker, your screen's resolution and color depth, all the browser extensions you've installed, and even more granular technical specifications about your graphics card, drivers, and more.

Imagine you want to identify a person in a crowd: you can do so by listing their attributes and other defining features. For example, you could describe someone as a woman with long blond hair, a red shirt with a white collar, a grey skirt, black shoes, red lipstick, etc. With enough attributes, it's easy to identify this woman, even in a crowd of other people.

Similarly, browser fingerprinting provides enough specific attributes about your device and its settings that you can be reliably identified out of a crowd, even the extremely large crowd of millions of internet users and billions of devices. In fact, device fingerprinting can identify users with 90 to 99% accuracy.

How does browser fingerprinting work?

Every time you visit a website, your browser has to provide the hosting server with a certain amount of essential information to ensure the website works properly for your individual machine.

These pieces of information could include device model and spec, language and keyboard layout, location, time zone, installed hardware, software versions, and much more.

Individually, these settings and configurations might seem innocuous - and they are. But when put together, they can create a unique combination or "fingerprint".

Considering the number of connected devices worldwide (projected to hit 38.6 billion in 2025), browser fingerprinting can be surprisingly accurate. This study, for example, found that 83.6% of tested browsers were unique.

What is browser fingerprinting used for?

Browser fingerprinting is mainly used for web tracking. It's a more secretive way to track people than simply using tracking cookies, which require consent. But what do companies do with the information they collect? The large majority use this data to advertise to you and personalize your experience online.

It can be used to identify the characteristics of botnets to help prevent DDoS attacks. Fingerprinting can also help to identify fraud and other suspicious activity. Banks use browser fingerprinting to detect potential identity theft and banking fraud.

How to prevent browser fingerprinting?

Without sophisticated tools, browser fingerprinting is extremely difficult to avoid. The normal privacy tricks - like using private browsing or Incognito mode, cleaning your cookies or search history, or using an ad blocker or a VPN - can't prevent browser fingerprinting. In fact, it's such an insidious and pervasive tracking technique that even if you use all of the privacy tactics we just mentioned, your unique fingerprint is still identifiable.

But don't despair - there are ways to fight back against online fingerprinting. While it's impossible to shut off the website scripts that collect your personal data, because websites wouldn't work without them, you can confuse the scripts by using two techniques: generalization and randomization.

  • Generalization refers to manipulating browser API results to make you seem generic. In other words, it masks your unique attributes and helps you blend in with the crowd.
  • Randomization changes your attributes periodically so that your fingerprint is constantly changing and you can't be reliably identified.

But how can the average person use generalization and randomization to hide? You'll need to rely on a tool or service to do it for you. The option is to use a browser that offers built-in anti-fingerprinting protection.