What is Browser Fingerprinting and Its Use in Online Tracking?
Brooks Patterson
Last updated -
In This Article
The internet often feels like the wide blue yonder, where you can freely voyage with the abandon that only anonymity can provide. Except, this isn’t at all how it is. There is a set of tools that are widely employed by businesses wishing to identify who’s visiting their sites. This toolset is called browser fingerprinting, and it’s important that you know how it’s used.
We’ll look at the way it’s used for online tracking, as well as a number of the advantages that might explain why so many businesses tend to like using browser fingerprinting. But before we get to that, we’ll ask the question: what is browser fingerprinting?
By the end of this, you’ll know what it is, what’s so great about it, and what might not be quite so good. You’ll even pick up a few tips to help you avoid the worst of it.
What Is Browser Fingerprinting?
When you visit a site, there is a range of data about you that you will leave there. What information can this include? All sorts, including the identity of your operating system. So what? By itself, admittedly, this information won’t be of much use to a business wishing to see who is visiting a site. This is because an operating system is the kind of thing that numerous individuals share.
Things get more tightly focused with identity resolution. What is identity resolution ? This is when information such as OS combines with some other data, such as the individual user’s IP address. By amassing all such information, the fingerprint becomes more detailed and more unique to the individual.
Now that the business has a more fully-rounded picture of who you are, it can then cross-reference this profile against a database of identities to give yet more detail on who it is who’s visiting its site.
It could be that a business is interested in more macro information. This might include what people in a certain time zone are tending to buy over those in another zone. We’ll look at more advantages to e-commerce businesses in due course.
Types of Browser Fingerprinting
There are several commonly used tracking methods. The big thing they all have in common is that they don’t tend to announce themselves, meaning you can get tracked without having much, if any, awareness of it.
1. Cookies
For a long time, cookies were pretty much the only tracking technique in town. What are they? Small packets of text that exchange between your computer and the sites you visit, which tell sites information about your history.
However, a great many people have mixed feelings about the privacy ethics this raises. As a result, Google has been talking about phasing them out for years, which has meant that sites have started to explore other means of fingerprinting.
2. IP Logging
As mentioned above, browser fingerprinting can stem from accumulating a series of data points from a user agent, including the IP address. The list of other information that’s used here is extensive and includes the following: browser version, browser extensions, language, time zone, system date and time, and even battery level and screen size. This information builds up to form a detailed, unique profile that can’t be easily removed from a device, unlike cookies.
3. Canvas Fingerprinting
This is a relatively new technique that works in quite a specific way. In a website’s HTML5 code is a small snippet of code that captures a visitor’s browser fingerprint. This code is known as the canvas, and it was originally intended simply to draw web graphics.
It communicates with the site visitor’s browser to access display preferences, such as font size and background color, and then uses this information as a unique identifier for that individual.
Advantages of Browser Fingerprinting
Browser fingerprinting offers several benefits, which we’ll briefly cover now.
1. Security
In an age of ever-greater vulnerability to cyber attacks, it’s becoming more and more crucial to have robust systems to defend against fraudulent activities. Having a fingerprint attached to an account makes it easier for a site to detect if a bot or other unauthorized party is attempting access to that account.
If there’s potentially suspicious activity, such as a new device being used, a message can be sent to assess legitimacy. This can then be combined with multifactor authentication.
2. Personalization
Make no mistake: customers love personalization. The ability of a business to tailor a shopping experience around an individual customer has revolutionized shopping expectations.
Yes, there’s a trade-off between privacy and enhanced user experience. But the overall takeaway on personalization is that customers are happy with it as long as they have explicitly been asked to surrender anonymity in the first place. So, a business can reap the benefits of this powerful tool, but they need to remember to be up front about what they’re doing in the first place.
3. Market Research
This is a hugely beneficial area for the savvy marketer to mine. For instance, browser fingerprinting can tell you that a disproportionately high number of users of a particular OS are using a particular browser to access web content.
This can then lead a business to concentrate on delivering primarily to this group. Conversely, it might lead a business to investigate why it’s not scoring so highly with other users.
Disadvantages of Browser Fingerprinting
So, nothing’s perfect. There are downsides to pretty much everything, and when we’re looking at browser fingerprinting, we must inevitably include what’s not so great about it.
1. Location Leaking
It’s not likely that your location specific to your individual house address might be identified and leaked, but an IP address can give away a certain amount of geographical location, such as the city you are in. Combined with the right open-source intelligence sources, such as social media and blogs, this can become far more specific, so it can be a concern.
2. Hacking
We all know (or we should all know) that one of the best ways of preventing hacking is to make sure that the tools we use are up-to-date. One thing that browser fingerprinting does rather well is identifying the version of the browser you’re using, as well as any extensions you have on your device. When it’s got this information, it highlights you as an easy hacking mark or otherwise. If this information falls into the wrong hands, then trouble will follow.
3. Loss of Privacy
Browser fingerprinting means that a business can follow internet users with an event tracking guide across multiple sites, which builds a sophisticated picture of behaviors and tastes. This can be alarming to many, especially given that most people have no idea just how powerful and thorough this data collection technique is.
Thankfully, it falls within the purview of data protection legislation such as GDPR and CCPA, so permission has to be sought before fingerprinting can proceed. But how many people really understand what they’re permitting?
How Can You Beat It?
Fortunately, there are several techniques you can adopt to help you avoid the worst extremes of browser fingerprinting.
1. Use a Proxy or VPN
Both these tools allow you to conceal your IP address, so both deliver the same kind of anonymity. They do it in different ways, but we don’t need to go into this now. You can find information on the differences between proxy and VPN quite easily online.
2. Disable JavaScript
JavaScript is typically what’s doing the work with fingerprinting, so it makes sense to disable it if you want to stay anonymous. The downside is that some websites won’t perform as designed - they won’t be able to detect your fonts and plugins, for instance. This can mean a bumpier ride as you surf. So, swings and roundabouts.
3. Employ Plugins
You can use certain browser plugins that have the specific job of detecting and disabling trackers. This can lead to reduced ease of use with some sites, but these plugins often have the advantage of allowing you to customize them so that they only work on sites you’re not sure of.
4. Use a Privacy-focused Browser
Certain browsers offer more anti-fingerprinting browser settings than others. Firefox and Tor are good examples. The latter, for instance, works by using standardized preferences (e.g., screen dimension and resolution) so that all Tor users seem identical to one another.
5. Use Private Browsing
You’ve probably seen the option to go into incognito mode. You may have used it. But what does it deliver? Basically, it gives you a degree of browsing anonymity , but not by removing your fingerprinting altogether. Instead, it uses standard settings that you share with a whole bunch of users. So, you still get a digital fingerprint, but not one that points specifically to you.
The Ups and Downs of Fingerprinting
In the end, your attitude to fingerprinting will boil down to what you want from your internet experience. If you want convenience so that, for instance, when you hit a site, it will automatically optimize for your display, then fingerprinting will deliver. If, on the other hand, you prioritize anonymity, then you’ll be wary of browser fingerprinting.
The good news is that there are tools and techniques available so that you can maintain privacy if that’s what you value. You don’t have to have a finger pointing at you.
Author
Brooks Patterson
Interim Head of Product Marketing
Brooks leads Product Marketing at RudderStack. With a strong foundation in content creation and product marketing, he’s crafted engaging content and is the mind behind the top episodes of The Data Stack Show. He is passionate about making content that connects on a deeper level and drives action. He always champions innovation in his work, which makes his contributions vital to RudderStack’s developments in warehouse-native CDPs.
Learn More About Brooks Patterson