Browser Fingerprinting
What is Browser Fingerprinting?
Browser FingerprintingA stateless tracking technique that identifies a user by combining browser, device, and configuration attributes into a near-unique signature.
Browser fingerprinting builds a quasi-unique identifier from attributes such as user agent, screen resolution, installed fonts, time zone, language, GPU and driver details, audio stack, and behavioural traits. Unlike cookies, it is stateless: the fingerprint is recomputed on every visit, which lets trackers re-identify users across sites and survive cookie clearing or private browsing. Research tools like the EFF's Cover Your Tracks and AmIUnique show that most browsers are uniquely identifiable from only a handful of attributes. Defences include the Tor Browser's uniform fingerprint, Safari's anti-fingerprinting mode, Firefox resistFingerprinting, and reducing entropy via standardised user agents and Privacy Budget proposals.
● Examples
- 01
An ad network re-identifying a user after they clear cookies, using fonts plus WebGL hashes.
- 02
Anti-fraud script blocking a session because the fingerprint matches a known abuser.
● Frequently asked questions
What is Browser Fingerprinting?
A stateless tracking technique that identifies a user by combining browser, device, and configuration attributes into a near-unique signature. It belongs to the Privacy & Data Protection category of cybersecurity.
What does Browser Fingerprinting mean?
A stateless tracking technique that identifies a user by combining browser, device, and configuration attributes into a near-unique signature.
How does Browser Fingerprinting work?
Browser fingerprinting builds a quasi-unique identifier from attributes such as user agent, screen resolution, installed fonts, time zone, language, GPU and driver details, audio stack, and behavioural traits. Unlike cookies, it is stateless: the fingerprint is recomputed on every visit, which lets trackers re-identify users across sites and survive cookie clearing or private browsing. Research tools like the EFF's Cover Your Tracks and AmIUnique show that most browsers are uniquely identifiable from only a handful of attributes. Defences include the Tor Browser's uniform fingerprint, Safari's anti-fingerprinting mode, Firefox resistFingerprinting, and reducing entropy via standardised user agents and Privacy Budget proposals.
How do you defend against Browser Fingerprinting?
Defences for Browser Fingerprinting typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Browser Fingerprinting?
Common alternative names include: Device fingerprinting, Stateless tracking.
● Related terms
- privacy№ 142
Canvas Fingerprinting
A browser-fingerprinting technique that exploits subtle GPU and font rendering differences when drawing on an HTML canvas to identify a device.
- privacy№ 241
Cross-Site Tracking
The practice of linking a user's activity across multiple unrelated websites to build a long-lived behavioural profile.
- privacy№ 1143
Third-Party Cookie
A cookie set by a domain different from the one in the browser's address bar, historically used to track users across websites.
- privacy№ 1115
Supercookie
A persistent tracking identifier stored outside normal cookie storage, designed to survive cookie clearing and private-browsing mode.
● See also
- № 1231WebRTC IP Leak
- № 1166Tracking Pixel