Fingerprinting
What is fingerprinting?
A fingerprint is a combination of many characteristics of your browser and device that uniquely identify you to a website. Fingerprinting is a tracking technique that doesn’t rely on cookies, which more browsers are blocking by default.
Who does this fingerprinting, and why?
Web tracking companies and ad networks aim to build up a profile of your browsing activity, all across the Web, for use in ad targeting. To do that, they need to be able to tell when the same browser on the same device visits different websites.
Cookies used to be the standard method for tracking. A tracker could store a unique string of letters and numbers in a cookie in your browser, and then see that same unique string any time your browser went to another site with that tracker on it. The tracker could then correlate your browsing activity across many sites.
Today, cookie-based tracking is becoming less effective as more browsers block third-party cookies. To counter this, trackers are turning to fingerprinting techniques, which offer another way to identify the same browser on multiple sites, even if cookies are blocked.
What goes into making a fingerprint?
Fingerprints are derived from characteristics of your browser and device. There are a wide variety of “signals” that can be combined to make a fingerprint, including:
- Which browser you use (Chrome, Brave, Safari, etc.) and which version of it
- Which operating system you use (Android, Windows, etc.) and which version of it
- The language setting of your OS or browser
- The size of your browser window
- Which fonts are installed on your system
- The specifics of your browser’s support for 3D graphics
These are just a few of the signals a tracker might use to—in combination—create a fingerprint of your device. There are many more signals beyond these, and the more that go into the fingerprint, the more likely it is to make the fingerprint unique…and thus useful for tracking. As browsers get more sophisticated to allow richer Web experiences, they’re also (unintentionally) creating more signals for fingerprinters.
Data that can be used for fingerprinting
How can I prevent fingerprinting?
You can reduce the effectiveness of fingerprinting by using a browser, such as Brave, that has anti-fingerprinting features. Anti-fingerprinting generally works by subtly changing some of the signals listed above, so that either many different fingerprints are produced for the same browser, or the same fingerprint is produced for many different browsers. Either approach significantly reduces the value of fingerprints for tracking.
Anti-fingerprinting needs to strike a delicate balance: Change the fingerprinting signals enough to disrupt tracking, but not so much that it interferes with websites that use those signals for legitimate reasons (for example, to adapt their layout based on your browser window size). This is an ever-evolving area of technology: There’s an arms race between fingerprinter developers coming up with new techniques, and browser developers (like Brave) creating effective but unobtrusive ways to block them.
See a full list of Brave’s protections against fingerprinting and other tracking techniques.