What browser data is used for fingerprinting?

Cloned Boy

Professional
Messages
876
Reaction score
697
Points
93
Browser fingerprinting is a technology for identifying devices based on a unique combination of parameters. Here is a full list of data that can be collected to create a digital fingerprint:

1. Basic browser settings​

CategorySpecific dataExample of meaning
User AgentBrowser, version, OS, device type.Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
LanguagePreferred system language.ru-RU, en-US
Time zoneTime zone.Europe/Moscow
Screen resolutionWidth x height (including inner browser window).1920×1080 → 1848×984 (including scaling).

2. Advanced Options​

2.1. Graphic and hardware data​

  • WebGL:
    • Graphics rendering (GPU specifications, video card model).
    • Example: ANGLE (NVIDIA GeForce RTX 3080 Direct3D11 vs_5_0 ps_5_0).
  • Canvas:
    • A hidden image that appears with slight differences on different devices.
    • Canvas hash example: a1b2c3d4e5….
  • WebGL Vendor/Renderer: GPU and driver manufacturer (Intel Inc. vs NVIDIA Corporation).

2.2. Fonts​

  • List of installed fonts (via document.fonts).
  • Example: Arial, Times New Roman, Calibri, ... (up to 50+ fonts).

2.3. Audio context​

  • Analysis of audio processing (AudioContext.getOutputTimestamp()).
  • Even identical devices can show microscopic differences.

3. Network and protocol data​

ParameterHow is it used?
IP addressNot always unique (NAT, VPN), but important for geolocation.
HTTP headersAccept-Language, Sec-CH-UA (User Agent Client Hints).
Hooks and storagePresence/absence of localStorage, sessionStorage.

4. Behavioral metrics​

  • Timings: Speed of JavaScript code execution.
  • Scroll/Click Patterns: How the user interacts with the page.
  • Mouse/touchscreen: Cursor acceleration, pressing force.

5. Sample code for data collection (legal)​

JavaScript:
// WebGL check
const canvas = document.createElement('canvas');
const gl = canvas.getContext('webgl');
console.log(gl.getParameter(gl.VENDOR)); // "NVIDIA Corporation"

// List of fonts (not all browsers allow)
const fontList = [];
for (const font of document.fonts) {
fontList.push(font.family);
}
console.log(fontList);

// Canvas fingerprinting
const canvasFingerprint = () => {
const canvas = document.createElement('canvas');
const ctx = canvas.getContext('2d');
ctx.fillText('Hello, Fingerprint!', 10, 10);
return canvas.toDataURL();
};
console.log(canvasFingerprint());

6. How to protect yourself from fingerprinting?​

For users:​

  • Browsers with protection:
    • Firefox (enable resistFingerprinting in about:config).
    • Brave (blocks Canvas API by default).
  • Extensions:
    • CanvasBlocker (Canvas data substitution).
    • Chameleon (User Agent disguise).

For developers:​

  • Use User Agent Client Hints instead of navigator.userAgent.
  • Minimize data collection (GDPR compliance).

7. How do sites use this data?​

  1. Antifraud (banks, payments):
    • If the user's WebGL or Canvas changes abruptly → suspicion.
  2. Personalization of advertising:
    • Cookie-less targeting (Google FLoC, now Topics API).
  3. Fighting bots:
    • Bots cannot accurately emulate hardware parameters.

Conclusion​

Fingerprinting includes dozens of parameters, from User Agent to mouse behavior. It is impossible to avoid it completely, but protective tools reduce the accuracy of identification.

For a deeper dive:

Want to understand a specific method (like how AudioContext works in a fingerprint)? Or are you interested in legal alternatives for anonymity?
 
Top