Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,175
- Points
- 113
You can often find messages from users online about various scanners detecting the use of anti-detect. However, the reason for this may be not only in the browser, but also in the actions of the user. We have collected all the basic parameters due to which it is clear that the user is replacing fingerprints and suggested ways to reduce the risk of detection. 
Why are there problems with emulation at all
Any antidetect has two key functions:
This is due to the fact that each anti-fraud system has its own unique operating mechanisms: they analyze different amounts of data, in different orders, and draw different conclusions from this data. And it is precisely because of this that one anti-detect is better suited for, say, Twitter, and another for Zuckerberg's social network.
However, there are some recommendations that, if followed, can significantly increase the quality of emulation.
1. IP is one of the most popular parameters that causes problems.
What is the problem
What to do
2. Fonts are one of the main parameters that reveals the fact of fingerprint substitution.
What is the problem
Each operating system has a set of fonts used: standard and system. Standard fonts include well-known fonts: Arial, Times New Roman, etc. Their peculiarity is that they are found in any operating system.
But system fonts can be unique for each specific system.
How it works: Let's imagine that a user has a Windows laptop, but in the digital fingerprint he indicates macOS. Due to differences in system fonts, antifraud systems will understand that he is encrypting his digital fingerprint. Moreover, the difference will be visible not only in the set of fonts themselves, but also in their design: macOS and Windows can display even the same font differently.
What to do
3. Browser. All antidetections work on the basis of some standard browser. As a rule, this is Chrome, Chromium or Firefox. Chrome is the same Chromium, only with Google services enabled and some changes in the internal functionality of the browser.
What is the problem
Each browser has its own unique parameters and functions that distinguish it from others. Regular users will not notice these functions, but anti-fraud systems will definitely see them. This way they will understand that the user is replacing the fingerprint.
What to do
Pay attention that your digital fingerprint contains data that corresponds to the anti-detect browser. This is shown in Useragent. All anti-detect manufacturers announce which browsers they work on. For example, Dolphin{anty} works on Chromium.
4. Device characteristics. Some users, in an attempt to convince the antifraud of the reality of their fingerprint, change the parameters of the device itself: Audio, Canvas 2d (simply Canvas), Canvas 3d, etc.
What is the problem
The imprint can become:
What to do
Do not change the fingerprint parameters that concern the device itself: Canvas, Audio, WebGL.
5. WebRTC — describes the parameters for transmitting audio, video, and content between browsers and applications. The project began to be used as a replacement for Flash.
What is the problem
It often happens that this parameter shows your real IP, even if you use a proxy.
What to do
If you see a leak of your real IP via WebRTC, the best solution is to check with the anti-detection developer what is best to do with this parameter. This is due to the fact that some anti-fraud systems see that a person changes IP, but do not take any measures against the user. This is especially true at the current time, when many sources and sites in Russia are blocked.
6. Mobile device on the web. Some users try to emulate a mobile device from web versions of antidetections.
What is the problem
Mobile devices differ from web versions in hundreds of parameters, including screen resolution, network operation, data transfer methods, device types, etc. Considering that antidetections do not provide 100% emulation even on the web version, with the mobile version it will be even lower.
What to do
Even if your antidetect has functionality for emulating the web version for mobile, it is better to use it with caution and not test it on accounts that are important to you. Otherwise, there is a risk that they may be sent for verification or even blocked.
And finally
Before you start solving your problems in a specific antidetect:
Source
Why are there problems with emulation at all 
Any antidetect has two key functions:- Fingerprint substitution. Antidetect must change the real data of the user's digital fingerprint.
- Emulation. Make you as similar to a regular user as possible.
This is due to the fact that each anti-fraud system has its own unique operating mechanisms: they analyze different amounts of data, in different orders, and draw different conclusions from this data. And it is precisely because of this that one anti-detect is better suited for, say, Twitter, and another for Zuckerberg's social network.
However, there are some recommendations that, if followed, can significantly increase the quality of emulation.
The main parameters due to which the replacement of fingerprints is visible
Below are the main parameters by which data substitution is most often visible:1. IP is one of the most popular parameters that causes problems.
What is the problem
- The real IP is not hidden. Some users think that antidetects automatically change their IP address. In fact, antidetects have the functionality to change data, but the new IP address itself needs to be taken from somewhere. To do this, you need to buy a proxy or VPN. Some browsers have the ability to buy a proxy from the company's partners.
- They use proxies of the wrong geo. For example, a user plans to work with Brazilian users and creates a Brazilian account, but buys Russian proxies. As a result, his data is identified as Russian, which can cause problems on the site.
- Buy unsuitable proxies. In order to save money, users buy cheap proxies or even use free ones. In this case, there is a risk that the IP has already been used in many places and is blocked by most popular sites. Moreover, such proxies can be dangerous, because they can be used by intruders.
What to do
- When working with antidetect, use a proxy, otherwise your real IP address will not be masked.
- Buy proxies only from trusted sellers.
- Make sure that the IP address matches the geo of your account.
- Choose proxies depending on your tasks. The most secure are proxies with HTTPS and SOCKS5 protocols. However, if you need many IP addresses for different profiles, it is better to choose mobile proxies. They are more expensive, but due to the ability to update IP, they can be much cheaper.
2. Fonts are one of the main parameters that reveals the fact of fingerprint substitution.
What is the problem
Each operating system has a set of fonts used: standard and system. Standard fonts include well-known fonts: Arial, Times New Roman, etc. Their peculiarity is that they are found in any operating system.
But system fonts can be unique for each specific system.
How it works: Let's imagine that a user has a Windows laptop, but in the digital fingerprint he indicates macOS. Due to differences in system fonts, antifraud systems will understand that he is encrypting his digital fingerprint. Moreover, the difference will be visible not only in the set of fonts themselves, but also in their design: macOS and Windows can display even the same font differently.
What to do
- If possible, select the operating system of the device you plan to work with in the anti-detect digital fingerprint.
- If you have a powerful PC and a laptop, install Linux as a second operating system, then install the system fonts of the OS you want on it. Linux acts as an intermediate system between Windows and MacOS, so it can be used to smooth out differences in fonts.
3. Browser. All antidetections work on the basis of some standard browser. As a rule, this is Chrome, Chromium or Firefox. Chrome is the same Chromium, only with Google services enabled and some changes in the internal functionality of the browser.
What is the problem
Each browser has its own unique parameters and functions that distinguish it from others. Regular users will not notice these functions, but anti-fraud systems will definitely see them. This way they will understand that the user is replacing the fingerprint.
What to do
Pay attention that your digital fingerprint contains data that corresponds to the anti-detect browser. This is shown in Useragent. All anti-detect manufacturers announce which browsers they work on. For example, Dolphin{anty} works on Chromium.
4. Device characteristics. Some users, in an attempt to convince the antifraud of the reality of their fingerprint, change the parameters of the device itself: Audio, Canvas 2d (simply Canvas), Canvas 3d, etc.
What is the problem
The imprint can become:
- unrealistic, since the parameters in the device fingerprints are linked together, and manual changes may result in a combination of data that does not occur at all or occurs too rarely.
- too unique that it will attract the attention of anti-fraud systems.
What to do
Do not change the fingerprint parameters that concern the device itself: Canvas, Audio, WebGL.
5. WebRTC — describes the parameters for transmitting audio, video, and content between browsers and applications. The project began to be used as a replacement for Flash.
What is the problem
It often happens that this parameter shows your real IP, even if you use a proxy.
What to do
If you see a leak of your real IP via WebRTC, the best solution is to check with the anti-detection developer what is best to do with this parameter. This is due to the fact that some anti-fraud systems see that a person changes IP, but do not take any measures against the user. This is especially true at the current time, when many sources and sites in Russia are blocked.
6. Mobile device on the web. Some users try to emulate a mobile device from web versions of antidetections.
What is the problem
Mobile devices differ from web versions in hundreds of parameters, including screen resolution, network operation, data transfer methods, device types, etc. Considering that antidetections do not provide 100% emulation even on the web version, with the mobile version it will be even lower.
What to do
Even if your antidetect has functionality for emulating the web version for mobile, it is better to use it with caution and not test it on accounts that are important to you. Otherwise, there is a risk that they may be sent for verification or even blocked.
And finally 
Before you start solving your problems in a specific antidetect:- Test the antidetect thoroughly during the trial period. It is better not to use combat accounts right away, because if the antidetect is not suitable, you can reduce the trust of your account or even lose it. It is even better if the antidetect has a free plan: then you will have more time for testing. For example, Dolphin{anty} has a completely free plan for 10 browser profiles .
- Check the quality of protection through scanners. It is better to check through several scanners to get a more complete picture. It is important that the scanners give a general idea of what data the sites' protective systems can potentially see. In fact, each anti-fraud system has its own algorithms: the fact that the scanner shows 100% authenticity does not mean that you will pass the anti-fraud check and vice versa.
- If you have just started using antidetect, read our article about what ☝ mistakes carders make when working with the antidetect browser.
Source
