In order to protect themselves from fraud and other types of malicious attacks, many websites employ what’s called browser fingerprinting. Browser fingerprinting collects data about your web browsers to create a unique digital fingerprint. However, your fingerprint can also facilitate online tracking. This article will discuss the best methods for browser fingerprinting protection.
Key Takeaways: Browser Fingerprints Explained
- Websites collect information about your browser and hardware configuration, and compile it into a unique identifier called a browser fingerprint.
- Although websites need that identifier for certain functions, your browser fingerprint contains a lot of sensitive data.
- If you want to keep websites from fingerprinting you, you can use a privacy-focused browser, install protective browser extensions or use a VPN.
Your browser fingerprint can contain all sorts of sensitive personal information that data brokers can use to identify you and subsequently sell your profile to advertisers, government surveillance agencies or hackers.
Our private browsing guide will explain how browser fingerprinting works, what data it collects and how you can protect yourself using simple measures, like using a VPN or browser extensions.
Yes, any browser can be fingerprinted, unless you’re using a VPN or employing another technique for fingerprinting prevention.
Chrome doesn’t have any fingerprinting protection by default, though you can install browser extensions that block canvas fingerprinting and other forms of data collection.
Browser fingerprinting is necessary for some website functionality, though it’s a bit of a double-edged sword, as it can be used to track you online.
A VPN prevents browser fingerprinting by encrypting your internet traffic, including your browser traffic, and routing it through a VPN server. Because the website sees the traffic as if it’s coming from the VPN server, it can’t fingerprint your device.
Browser Fingerprinting Protection Basics: What Is Browser Fingerprinting?
Browser fingerprinting is one of many popular tracking techniques, known collectively as device fingerprinting. In brief, websites collect data about your browser’s unique configuration to help differentiate you from other users, compiling that data into a browser fingerprint.
Your browser fingerprint can hold a lot of sensitive data, including:
- A user agent string that identifies your browser type and version, operating system type and version, and device type (mobile or desktop)
- Screen resolution, screen size and color depth
- Time zone and language
- Browser cookies, including login information
- WebGL and canvas information, including installed fonts and plugins, browser settings and graphics card drivers
- Network information, including your IP address and DNS server
- Battery and charging status
Websites might need this data for several reasons, the first of which is detecting suspicious activity, such as fraud and account hijacking. Creating a unique identifier for each user can prevent them from using multiple accounts to exploit the website, and it can also stop someone else from hijacking your account if they discover your login info.
Note that browser fingerprint data is usually part of a larger data profile called a device fingerprint, which includes a lot more data, such as your specific hardware configuration.
Device fingerprinting techniques include audio fingerprinting, user behavior tracking and even machine learning tracking. This digital fingerprinting data can be used to identify you as an individual and thus poses some privacy concerns.
How Does Browser Fingerprinting Work?
That fingerprint can then be used to provide you with certain services, protect the website and user against fraud, and for statistical analysis. It can also be used to track a user across multiple sites, devices and browsing sessions in order to provide a consistent experience, preserving your preferences or tracking your progress.
Why Is Browser Fingerprinting a Privacy Concern
Like any other type of data harvesting, browser fingerprinting can pose a potential threat to your privacy. Because it stores multiple data points, data brokers can use your browser fingerprint to check for matches in their pools of anonymized data, de-anonymizing that data and identifying you personally. This data can be surprisingly accurate.
In combination with that other data, your browser fingerprint can then be used to track your online activity or for surveillance and targeted advertising. Even worse, you could fall victim to cyberstalking or identity theft. You might even face discrimination based on your gender, race, age, political beliefs or economic status if a website uses your browser fingerprint to uniquely identify you and deny you service.
How to Disable Browser Fingerprinting
Most modern browsers have some form of built-in anti-fingerprinting features or other privacy measures, at least to a degree. Keep in mind that most of the browsers below share certain privacy features.
Below, we’ll discuss features that block fingerprinting specifically, and how you can enable these features in some of the most popular browsers.
1. Google Chrome
Google isn’t known for respecting the privacy of its users, so it’s no surprise that its Google Chrome browser doesn’t offer any built-in methods to block fingerprinting, apart from blocking cookies. Thankfully, you can still protect yourself using a few methods we’ll talk about in the segment about advanced privacy techniques.
2. Apple Safari
Apple’s Safari browser is surprisingly privacy-friendly. Besides letting you easily prevent websites from tracking you, it also obscures your Mac’s hardware configuration, making it seem more generic to anyone trying to create a device fingerprint.
You can prevent tracking by going into Safari’s privacy settings and selecting the option “prevent cross-site tracking.”
3. Microsoft Edge
Despite being a Microsoft product, Edge was built with privacy in mind. If you access its privacy settings, it lets you choose between three levels of tracking prevention, the strictest of which might disable some website features. You can also see a list of blocked trackers and an allowlist that lets you choose to let certain trackers through.
4. Mozilla Firefox
Mozilla Firefox has always been seen as a more secure alternative to Chrome, and diving into its privacy settings instantly reveals why. Its “enhanced tracking prevention” lets you block cross-site cookies, trackers, fingerprinters and even crypto miners.
There are two default protection levels, and, like in Edge, the stricter one will break a few website elements. There’s also a third custom option that lets you choose exactly what types of cookies to block and whether to apply that protection to all windows, or private ones only.
5. Opera Browser
Opera might not be the best or most popular browser, but it comes with some nifty privacy features, including its own ad blocker and VPN. It also lets you disable trackers. You don’t even have to go into any menus to find the option — it’s right there in the dropdown box when you click on the sandwich icon in the top-right corner.
However, Opera itself collects some data you might not be comfortable with. You need to opt out of data collection during installation, though if you provide consent, you can always revoke it from the “privacy & security” tab in the browser settings.
6. Brave Browser
Most popular among crypto enthusiasts, Brave is a privacy-focused browser that blocks trackers, fingerprinting and cross-site cookies by default. However, you can’t customize its blocking behavior globally, though you can customize it per website domain.
When you visit a website, you can click on the shield icon on the right end of the address bar. The default option is “block fingerprinting,” though you can change it to “aggressively block fingerprinting” (might break some website features), and there’s also an option to block scripts.
Advanced Browser Fingerprint Protection
Using privacy-focused browsers can only get you so far. Luckily, there are privacy tools out there for IP address and browser fingerprinting spoofing. Plus, most browsers let you disable certain features commonly used in browser fingerprinting, though these come with a disclaimer that disabling them might break certain features.
Install Fingerprinting Protection Browser Extensions
Canvas fingerprinting collects information about your device’s hardware. Add-ons like Canvas Fingerprint Defender and Canvas Blocker — Fingerprint Protect can block this type of fingerprinting. To test if they’re working properly, visit the BrowserLeaks website and refresh it a few times. If the extension works, you’ll see different information every time you refresh.
Use a VPN
VPNs are at the forefront of online privacy tools. They hide your IP address, encrypt your online traffic and route it through a VPN server. Because websites only see the VPN server when you interact with them, they can’t fingerprint your browser or device. Most VPNs allow you to protect multiple devices, preventing fingerprinting on all connected devices.
VPNs come in many shapes and sizes, and not all of them are completely dedicated to user privacy. You can peruse our list of the best VPNs if you need help choosing the right one for you.
Use the Tor Browser
The Tor browser is most famous for being a gateway to the deep web. It connects you to the Tor network, encrypting and rerouting your traffic along the way. Although this will definitely prevent any kind of fingerprinting, the volunteer-operated Tor network itself isn’t totally secure, as you might run into a malicious exit node.
Disable Third-party Cookies
Most modern browsers let you disable cookies to some extent. By default, they usually disable third-party cookies (those used for tracking), but you can also choose to disable all cookies. However, keep in mind that websites need certain cookies to provide basic functions, like keeping you logged in, so this might not be the best course of action to take.
Delete Your Data From Data Broker Archives
Data brokers collect a ton of data from as many sources as they can. Even if the data from one source is anonymized, they can compare it to a dataset containing identifiers, such as your browser fingerprint, to identify you and create a profile containing a large amount of accurate information about you.
They can then sell your profile to anyone that might request it, including hackers, surveillance agencies and advertisers. You can contact a data broker yourself to have your data deleted, but there are so many of them that it’s impossible to do on your own.
Thankfully, services like Surfshark’s Incogni and DeleteMe can automate that process for you. You just need to provide them your email address and some other information, and they will pester data brokers on your behalf until they delete your personal data, including your browser fingerprint.
Websites use browser fingerprinting for a plethora of reasons, but browser fingerprints can also be used to track you without your consent. Despite having their legitimate uses, they can pose an online privacy risk, and incognito mode won’t save you. Thankfully, preventing browser fingerprinting can be as easy as installing a browser extension, or better yet, using a VPN.
How do you feel about browser fingerprinting? Are you concerned about the amount of information contained in your fingerprint? Have you ever used a VPN to protect your online activity? Let us know your thoughts in the comments below, and as always, thank you for reading.