https://blog.mozilla.

org/en/privacy-security/this-is-your-digital-fingerprint/

PRIVACY & SECURITY

This is Your Digital Fingerprint

 JULY 26, 2018

DANIEL KESSLER
Mozilla invited Chicago-based teacher and activist Nick Briz to explain how people
are tracked, surveilled and monetized on the web. In the fall, Nick will be leading a
speaker series in Chicago on how date rules everything around us (the D.R.E.A.M
series).

This piece was originally published in The Disconnect.

Today, anonymity is no longer the default of the web. While still free, the internet that was
once predicated on privacy is now dominated by the information economy. For the sake of
capital, tech firms and advertisers track, identify, and monetize our every move across the
digital landscape, touting this exploitation as a method for a more personalized and
convenient digital experience.

Even so, there is an overwhelming understanding of the importance of privacy. In 2015, at

least 90% of Americans reported that privacy is “very important” to them, according to a
survey by the Pew Research Center. For this reason, savvy internet users install ad-
blockers to ward off malicious cookies, while savvier users will use VPN software to mask
their true IP addresses. Even casual internet users clear their cookie cache now and again
or use private browsing functions.

However, even as awareness grows, many users regard online surveillance as the nature
of the modern web, complacently agreeing to the terms and conditions and accepting
constant monitoring as a necessary trade-off for a taste of convenience and
personalization. This view is a risk to the fundamental values of liberty that define privacy
as a right.

This brings us to your digital fingerprint, which is made up of tiny bits of your personal data.
This distinct, data-driven identifier is currently in the possession of countless corporate
entities. The artwork above is a visual representation of your unique fingerprint, and it uses
the same data as those corporations. (Curious how we did this? See the addendum.) It
was created to serve as a reminder that we’re never truly anonymous online and, just as
you have a right to privacy, you have a right to know when and how that privacy is being
violated.

Understanding how specific tracking methods work should not be the exclusive domain of
those who seek to capitalize on your web activity. In this case, we will be shedding light on
a widely used yet rarely discussed tracking technique: browser fingerprinting.

What is Browser Fingerprinting?

Initially developed for security purposes, browser fingerprinting (also known as device
fingerprinting) is a tracking technique capable of identifying individual users based on their
browser and device settings. In order for websites to display correctly, your browser makes
certain information available about your device, including your screen resolution, operating
system, location, and language settings. These details essentially make up the ridges of
your digital fingerprint.

Much like detectives piecing together clues from a crime scene, trackers can assemble this
data into a recognizable “fingerprint” and then use this identifier to trace your activity
across the web. It might seem impractical to derive a unique fingerprint from a pool of
innocuous settings and data, but considering the number of browsers and configurations
available to a given user, there are a lot of possible combinations. In fact, the fingerprint of
the laptop we wrote this piece on was completely unique among the 1.7 million fingerprints
collected by Electronic Frontier Foundation’s Panopticlick tool.

In addition, once it has been assembled, your digital fingerprint is persistently accurate.
With recent developments in cross-browser fingerprinting, this technique is capable of
successfully identifying users 99% of the time. That means even if you were to employ
multiple recommended privacy precautions (masking your IP address through a VPN and
deleting or blocking cookies) trackers can still use your digital fingerprint to re-identify and
re-cookie your device when you visit a website.
A VPN can protect your identity. Find the right one for you in this Internet Citizen blog.

Why is It Used and Who Uses It?

Increased public concern for internet privacy has made precautionary methods more
accessible and easier for users to implement, making traditional cookie-based tracking
relatively untenable. This decline in cookie efficacy has led trackers to seek out more
advanced ways of monitoring their users. Many of the companies that pioneered browser
fingerprinting saw this as a commercial opportunity and quickly expanded their services
into the world of online tracking.

Browser fingerprinting is just one of many other tracking techniques used by companies
known as “data brokers.” These third-party companies use your digital fingerprint to
discreetly trace your activity across the web, collecting little bits of data about you along
the way.

While trackers won’t necessarily match your activity with a face or a name, the data they
derive from websites you visit, social platforms you use, searches you perform, and
content you consume, can be considered personally identifiable. With this data, brokers
build a general profile of who you are (age range, location, language, interests, etc.) and
sell this insight to advertisers and marketers who use it to relentlessly serve you
personalized ads and content recommendations across the web.

While they are overwhelmingly used to violate user privacy, fingerprinting and other online
tracking techniques are not all bad. For one, browser fingerprinting technologies are still
used for the security and authentication purposes they were initially developed for: to
prevent software piracy, identity theft, and credit card fraud among other security risks. For
example, software security firms such as Sift Science offer enterprise solutions that employ
fingerprinting technologies to help websites track, identify, and block “the bad guys.”

On a larger scale, these tracking techniques, and the intrusive ads they facilitate, make the
modern internet possible. The large players that arguably shape the course of the web
sustain their businesses on the profits made through targeted online advertising. In 2017,
both Alphabet (Google’s parent company) and Facebook made an overwhelming majority
of their total profits through digital advertising—88% and 97%, respectively. Online
advertising also plays a crucial role in supporting free journalism and keeping media
outlets afloat. Without ads, we’d have very limited options for staying informed.

Privacy is clearly a difficult challenge to tackle in an increasingly digitized world. On one

hand, companies consistently violate our privacy and exploit our data, while on the other,
they make the web as we know it a sustainable hub for information and social connection.
Some accept this condition as the nature of the web—just something that we have to deal
with to ensure two-day shipping. However, you shouldn’t have to decide between privacy
or convenience every time you open your laptop or pick up your phone. We should have
equal access to privacy and convenience. Is it possible for us users to have our cake and
eat it too?
Mozilla podcast, IRL, discussed helpful ways to breakout of social media bubbles.
Platforms use our digital fingerprint to serve us content that sometimes cuts off from others
who don’t share our point of view.

What Can We Do?

The most obvious approach to this dilemma is to protect yourself by any means necessary.
That entails employing all the appropriate measures to ensure your privacy. However, due
to its nature, browser fingerprinting is not easy to circumvent. While it’s technically possible
to thwart this technique by exclusively using the privacy-focused Tor Browser or by
blocking all JavaScript with a browser add-on like NoScript, to say these options are
impractical is an understatement. (NoScript renders most websites you visit, including The
Disconnect, virtually unusable.) It’s also worth noting that some measures, while intended
to improve your privacy, can actually make a browser more distinct and therefore easier to
fingerprint and identify.

A simpler (and arguably more effective) approach to this dilemma is education. As stated
earlier, it is important to understand how your privacy is being violated—not to make you
feel scared or apathetic, but to make you aware, which is our exact purpose for writing this
piece. Improving our current digital circumstances starts with education. A true calibrated
response to our current fingerprinting situation should include advocacy and innovation,
but for either to be effective, a bit of digital literacy is a prerequisite.

Education reinforces consumer advocacy. Though policy has been relatively slow to react
to our privacy concerns, consumers saw a major win earlier this year with the General Data
Protection Regulation (GDPR), which is a new set of European Union rules aimed at giving
users more control over their personal data online (and the reason for all those “privacy
update” emails that flooded your inbox). It has only recently gone into effect, so we’ve yet
to see how this might affect browser fingerprinting; however, the GDPR is a testament to
the positive results that can come from consumer advocacy.

In addition, spreading knowledge of how our privacy is currently handled creates a larger
demand for privacy-focused developers and entrepreneurs. Armed with an understanding
of our current circumstances, these individuals will be able to effectively question the ways
in which the internet works for us and against us, allowing them to develop new, creative,
and practical ideas that protect the future of online privacy as well as allow companies to
prosper and profit on the web. In an industry defined by innovation, we can’t be completely
out of ideas, right?

In order to truly reform online tracking practices, we must understand the issue in its
entirety. This means that, in addition to understanding the conditions and technologies
we’re up against, we must also understand the importance and value of privacy.
 Firefox keeps your data safe. Never sold.

Download Firefox

Why is Privacy Important?

Privacy is often seen merely as a safeguard against prying eyes and exploitative corporate
entities. However, to summarize the ideas of Georgetown University law professor Julie E.
Cohen, privacy is more than an instrument to advance liberty or check control. It is a buffer
for self-development free from the influence of society and culture. It enables all the factors
we need to develop distinct identities: autonomy, free thought, creativity, experimentation,
and exploration. And through this same buffer, we are afforded the resources to discover
the type of society we want to be a part of and the steps we need to take to get there.
These are decisions we need to make while we still have the agency to do so.

By regarding the internet as unregulable, we are giving companies the green-light to

continue building technologies (like browser fingerprinting) that have the potential to
manipulate the way in which people think and behave, setting society on a path mirroring a
dystopian sci-fi. Surveillance creates an environment that breeds conformity, obedience,
and submission; the very ingredients that define the totalitarian societies feared by the
likes of Orwell, Bradbury, and Huxley. And as things stand now, it feels as if we are moving
in this direction.

Because data is the lifeblood for developing the systems of the future, companies are
continuously working to ensure they can harvest data from every aspect of our lives. As
you read this, companies are actively developing new code and technologies that seek to
exploit our data at the physical level. Good examples of this include the quantified self
movement (or “lifelogging”) and the Internet of Things. These initiatives expand data
collection beyond our web activity and into our physical lives by creating a network of
connected appliances and devices, which, if current circumstances persist, probably have
their own trackable fingerprints. From these initiatives, Ben Tarnoff of Logic
Magazine concludes that “because any moment may be valuable, every moment must be
made into data. This is the logical conclusion of our current trajectory: the total enclosure
of reality by capital.” More data, more profit, more exploitation, less privacy.

In a recent interview with O’Reily Media, author and digital rights activist Cory Doctorow
paraphrases Harvard Law School professor Lawrence Lessig’s four modalities of
regulation: “…the world is influenced by four forces: 1) code, what’s technologically
possible, 2) law, what’s legally available, 3) norms, what’s socially acceptable, and 4)
markets, what’s profitable.” Together, these forces are what regulate the internet. Lessig’s
modalities suggest that if privacy is not a priority and there are no incentives for it, then the
technologies built under these circumstances will not provide it. By this reasoning, the key
to preventing device fingerprinting and similar privacy-killers from developing any further
boils down to normative intervention. Norms dictate what is profitable; therefore,we get to
choose how these forces should regulate. The choice is not whether the web should be
regulated or not, rather it is whether we, the users, should be present in choosing the code
that will ultimately choose our values as a society.

While markets may drive the development of device fingerprinting techniques, we need to
look to what Lessig describes as “technologically possible” in order to truly regain agency
in this space. Through proper education, relentless advocacy, and creative innovation, we
can evolve social norms to prioritize online privacy. And even though we may have already
seen new regulations drafted to reflect this shift in social norms, there is still quite a bit of
work to be done. In the cat and mouse game for online privacy, device fingerprinting
currently gives trackers the advantage. If that makes you feel powerless, it shouldn’t.
Remember that control over our data and agency online is a never-ending negotiation.
Digital rights, like all human rights, must continually be defended

(For more information on the various data points used in creating your unique device
fingerprint, see the addendum.)

Addendum: How We Get Your Fingerprint

The strings of text that make up the ridges of the algorithmically-generated fingerprint in
the piece above are unique to you and are made up of the same data points used by
commercial device fingerprinting. Typically, this array of attributes is compressed into a
shorter ID number using a cryptographic “hash” function. It’s worth noting at this point
that The Disconnect is not tracking its readers’ fingerprints and thus isn’t hashing these
attributes to send that unique ID back to The Disconnect’s server. Instead, the code used
to render the piece is only ever executed locally and never leaves your device.

So what are these attributes and how do websites get access to them? JavaScript, the de
facto programming language of the internet, is regularly used to convert simple websites
into interactive applications like Google Maps. In order for these web applications to work
properly, the web developer often uses JavaScript to detect information about your
particular device. If you are on a desktop or laptop browser, you can actually do this
yourself using your browser’s JavaScript Console:

 Firefox: Control+Shift+K (or Command+Shift+K on Mac)

 Chrome: Control+Shift+J (or Command+Shift+J on Mac).
 Safari: Command+Option+C
 Edge: F12
Once open, type navigator.userAgent and hit enter. You should see your device’s “user-
agent” print to that console. The “user-agent” is used to identify what browser and platform
you are using.

The “user-agent” is the first bit of data you’ll see on the cover. This is followed by other
information specific to your browser like the current language it’s set to
(navigator.language), whether or not you have “do-no-track” set (navigator.doNotTrack)
and a list of any plugins (navigator.plugins) you may have installed. This is followed by
information about your device including your screen’s resolution (screen.width and
screen.height) and color-depth (screen.colorDepth), what time zone your clock is set to
(Intl.DateTimeFormat().resolvedOptions().timeZone) the platform underlining your
operating system (navigator.platform), how many CPU-cores your computer has
(navigator.hardwareConcurrency), what GPU (or graphics processor) vendor and renderer
is and whether or not you’re on a touch device. After this you’ll see a list of storage types
and whether or not your browser supports them. Printing the GPU and touch information to
the console requires a bit more code than the previous attributes, but you can view a fully
annotated version of the source code behind the cover art here if you’re curious to learn
more.

The last two data points you’ll see animating on the cover are the “font-list” and a “canvas-
hash.” The former is the list of fonts you have installed on your computer. Browsers need
access to your fonts in order to render the texts on your screen, but because users often
add to the list of fonts that come default on their devices, this can become a particularly
effective way to identify you online. The “canvas-hash” is perhaps the most unique
characteristic. The HTML5 canvas is used by developers to draw 2D and 3D graphics in
the browser using JavaScript. Though the same canvas code executed on different
devices will render images that appear the same to our eyes, because of a list of
differences among devices, the images will not be 100% identical at the pixel level. For this
reason, when the pixel data of a rendered canvas image is sent through a cryptographic
“hash” function, the resulting ID will be unique to that device and thus ideal for
fingerprinting.

————————————————————————————————————————
———-

Want More?
If you’re interested in learning more about the attention economy, check out Mozilla’s
original podcast IRL: Online Life is Real Life. In IRL’s Paid Attention episode, explore all
the ways your attention has become monetized on social media.
Managing your digital footprint
06th February 2024
What is a digital footprint?
A digital footprint is the trail of information that you leave behind online when navigating
between your favourite apps, websites, and online games. For example, when:
 Streaming music,
 Posting pictures on social media,
 Liking someone’s posts online,
 Tagging yourself in places, or
 Buying a pair of trainers.
All of this contributes to your digital footprint. Every action you take can form part of an overall
jigsaw of your online activity and tells a story about you. Your digital footprint continues to grow
the more you interact online.
What can your digital footprint reveal about you?
Very often, you're aware of the kind of information that you hand over when you go online. For
example, when you post videos or photos of yourself, your friends, or your family, or when you
give your email address to a website to get presale access for tickets to a gig.
But, your digital footprint also includes information about you that you might not even think of.
For example:
 Websites collect information about how many times you've visited a site, about your
location and your IP address.
 Social media platforms use your likes, shares, and comments to target you with specific
content that they think you'll want to see.
All of this information about you can also be tracked.

Why do certain companies want to collect all of this

information about you?
Some companies collect this information in order to personalise services for you. For example:
 TV streaming platforms collect your personal data to remember what episode you are up
to on a particular series, or to suggest shows based on what you’ve watched already.
 Music streaming services do the same to create suggested playlists for you.
 Social media platforms use your data to show you content that they think you’re interested
in.
But remember, your information is extremely valuable to these companies. They use this
information to show you more of the content that you want to see, and keep you on the app or
platform for longer.
For this reason, always keep in mind that ‘free’ apps and services are never really free as you’re
paying with your information.

Is leaving behind a digital footprint a bad thing?

Leaving behind a digital footprint is not necessarily a bad thing – there can be benefits to it. For
example, you get distracted when shopping online and when you return all of the stuff you
picked is still in the basket. So, it can be very helpful in some ways.
But the main thing is to be aware of your digital footprint because it is relatively permanent and
can shape your digital reputation, which is just as important as your offline reputation.

How to limit your digital footprint

Be honest about your real age

Social media platforms must have specific protections in place for the personal data of young
people. That’s there to improve your experience and make it better, not to limit it. So take
advantage of those protections by declaring your real age when signing up to social media
accounts.

Don't get ‘nudged’

Sometimes, apps will try to ‘nudge’ you into sharing more information than they actually need.
For example:
 The button they want you to click on is pre-selected and is bright and colourful, while the
other option, that requires less information, is more faded and difficult to read.
 An app uses fun, motivational language to encourage you to hand over information like
‘Share a photo and let the world see how great you are!’
Always choose the option that you’re happiest with, not just the one that’s easiest to click on.

Go Private
Think about setting your profile to ‘private’, so that only your friends can see what you like, post
and share. Remember, if your account is public, everyone and anyone can see what you’re
sharing and talking about online, even people who don't have an account on that platform.
Anything can go viral, and once it’s out there, it’s out there for good.

Check your ‘personalisation’ settings

If you don’t want platforms to show you content based on your activity on the app, you can turn
this off in your privacy settings. This limits the amount of information collected about you, while
still letting you scroll through content that's trending.
Turn off location tracking
Think twice about checking into places or tagging yourself as somewhere. Sharing your location
online can be risky so turn off your location settings if you don’t need them.

Want to print out a copy?

You can download and print out a PDF version of these tips on how to manage your digital
footprint (PDF, 936kb). You can also click on the images below.
What is fingerprint? Everything you need to know
and how to protect yourself
POSTED ON 19/10/2023 BY INSSIDE

19
Oct
Digital fingerprint, in the context of technology and digital security, refers to the unique and distinctive
information that identifies a user, device or online entity.

INSSIDE Cybersecurity experts tell us how that digital fingerprint is created from a variety of data and
characteristics that can include:

1. IP Address: Every device connected to the Internet has a unique IP address that is used to
identify it on the network.
 2. Cookies: Websites often store small files called cookies in your browser to track online
activities and offer a personalized experience.
3. Browsing history: Browsing habits, such as websites visited and online searches, contribute
to your digital footprint.
4. Device data: Information about devices, such as operating system, browser type, and screen
resolution, is used to identify you.
5. Profiles on social networks: The information shared on social networks, such as name,
profile photo, connections and publications, contributes to the digital footprint.
6. Location data: The location of a device at a given time is also part of the fingerprint.
Fingerprint is used in various applications such as online authentication, ad personalization, user
tracking, and cybersecurity. It is important to understand that fingerprint collection and use also raise
privacy concerns, as users are often not fully aware of how much information is being collected and
how it is used.

What does INSSIDE recommend to reduce the footprint?

You can take steps to limit the amount of personal data that is tracked. Here are some ways to reduce
your online digital footprint:

1. Use a virtual private network (VPN): A VPN can hide the IP address and mask the location,
making it difficult for websites and services to track online activity.
2. Private Browsing: Web browsers offer private browsing modes that do not store search
history, cookies, or login data.
3. Cookie management: Configure the browser to block or delete third-party cookies and limit
cookies in general. This will reduce the tracking of online activity.
4. Control social media privacy settings: Adjust privacy settings on social media profiles to
limit who can see personal information and posts.
5. Use encrypted email services: Use email services that offer end-to-end encryption to protect
communications.
6. Use two-factor authentication (2FA): Enable two-factor authentication whenever possible to
improve the security of online accounts.
7. Limit the amount of personal information shared: Avoid sharing unnecessary personal
details, such as phone numbers, addresses, and social security numbers.
8. Use strong passwords: Use strong and different passwords for each online account to avoid
exposing your personal data. In turn, updating passwords is essential to protect virtual
accounts and data. This helps prevent attacks and reduces risks in the event of leaks.
For more information contact INSSIDE
What is browser
fingerprinting? Here’s how
to prevent it
What is browser fingerprinting? It’s creepy, that’s what! It tracks your online
behavior, allowing others to know who you are as you browse the internet — all
without any need for account logins or cookies.

Just like a human fingerprint, your browser has a set of unique traits that can be
traced back to you — and everything you do on the internet.

When you browse through the internet, many web portals capture some of this
information, such as screen size and browser type, to give you the best
experience.

However, browser fingerprints can also be used for tracking and identification.
Websites can record all kinds of information about you through this fingerprint,
and then connect it to other similar fingerprints to get a precise picture of your
browsing behaviors and website activities.

According to PanoptiClick, there is a chance that one in 286,777 browsers has

the same browser fingerprint for another user. So the chances of overlapping
browser are pretty slim. That’s why a browser fingerprint is an invaluable piece
of information for marketers that want to sell you stuff!

Curious to see how unique your browser fingerprint is? Use one of the
top browser fingerprinting checkers to see just how unique your fingerprint is!
Then, you may want to try some of the tactics below to reduce your fingerprint.

How to prevent browser fingerprinting

If you are concerned about your personal information and don’t want to share it
over the internet through browser fingerprints, you might want to stop it.

Unfortunately, there is only one method if you want to stop browser

fingerprinting completely, which is not using the internet at all. Yes, it’s nearly
impossible to keep your browsers from collecting your data because browsers
use HTTP headers to collect your fingerprint.

But…

There are certain security practices you can use to mitigate your browser
fingerprint or make it unoriginal. The following practices will make your identity
harder to track and prevent advertisers from learning extremely personal
information about your web browsing history.

1. Disable Flash
If you are a Chrome user, then you should not worry about flash
because Chrome will stop using it by the end of 2020. Moreover, many reputable
sites have stopped using flash as well, so it’s a no-brainer because it’s
becoming a relic of the past.

Most of the experts believe that flash serves no considerable purpose other than
collecting fingerprint data. You can just disable it or uninstall it right away
because you do not need it if you are not explicitly using it for a specific purpose.

Otherwise, it will keep tracking your data for a short time because the newer
versions of all the major browsers already have decided to stop supporting it.

2. Revisit extensions and plugins

Browser extensions and plugins can be great assets for browsing. They can
provide deeper integrations to the services you use every day. But these can
also make it much easier for others to track you.

But think about it: the more extensions and plugins your browser has, the more
unique your browser fingerprint. That configuration is much harder to replicate
by someone else!

That’s why you should uninstall the plugins that you don’t use right away and try
to use standalone desktop apps as alternatives to the ones you use.

Bear in mind that disabling the plugins doesn’t do any good. After all, it can still
be used as your fingerprint because it stays in your browser. The most secure
route is to use JavaScript disabling extensions. It disables JavaScript usage,
unless you explicitly allow it. This will protect you from unwanted tracking!

3. Keep all of your software updated

In order to protect yourself from cybercriminals and hacking attacks, try to keep
all of your software updated. It means you need to restart your browser and
sometimes computer as well. It can be a little cumbersome, but it’s worth it if
you want to reduce your browser fingerprinting.

The most important software that needs to be updated all the time is your anti-
malware and anti-virus. Otherwise, such software won’t be able to detect the
latest cyberattacks, exploits, and malware.

4. Use Incognito or private mode

Using an incognito mode of your browser is a wise idea to reduce fingerprinting.
While it’s not perfect, it does reduce the amount of information shared with
others. To see how it’s working, you can still visit any browser
fingerprinting checker to see the results while you are in private or incognito
mode that will most probably be unique.

For that matter, we recommend you use Tor for the most private browsing
experience. If you have heard about Tor, you must’ve also heard that it’s for dark
web browsing. Tor is most commonly used for that purpose, but it is also an
excellent way to avoid all types of possible tracking.

5. Use Tor
The Tor browser is an extremely secure and private browser that includes anti-
fingerprinting features, such as cloaking your operating system and blocking
revealing information like your time zone and language preferences. Without
these details it’s much harder for your browser to be fingerprinted.

A reminder though: the most anonymous way to use any Internet browser is to
avoid installing extensions and plug-ins. Those are simply the easiest way to
know who you are, since so few people have the same combination of
installations. Stick with the default version to better anonymize your browser.
6. Use a VPN
A virtual private network boosts your online safety, security as well as privacy. It
masks your address and physical location by routing your internet traffic
through a third-party server. That way you appear like you’re browsing from
someplace else.

VPNs can provide you protection against hackers, surveillance, ISPs (Internet
Service Providers), and malicious websites.Also, your data transmission is often
encrypted so that no one can intercept it.

Image: RestoreP
rivacy.com

Keep in mind that VPNs don’t prevent websites from using JavaScript and HTTP
headers to collect browser fingerprints. It removes your IP address from the
headers and equation, but your fingerprint still might be unique. But you can
always use the mixture of all the tips mentioned earlier along with the VPN to
keep websites from collecting your fingerprinting data.

6. Ditch the smartphone

You’re really gonna hate this one…but giving up your smart phone is the quickest
way to preserve your anonymity. Phones are basically mini-surveillance tools
that also use device fingerprinting that make it easy to attach your identity to
your online behaviors.

Next steps to protect your privacy online

Web trackers use many sneaky and technical ways to collect your browsing
fingerprint. But we hope that these ways will help you reduce it as much as
possible and allow your fingerprint not to appear unique on the internet. Feel
free to let us know about your thoughts and expressions regarding browser
fingerprints.
A few other steps to protect your privacy while browsing online:

 Use a password management app

 Delete yourself from data brokers
 Rethink free apps on your phone
 Monitor the latest data breaches
 Find out what is device fingerprinting
 Delete social media
 Remove yourself from the internet
What You Need to Know
About Spear Phishing
Spear phishing is a targeted email or electronic communication scam crafted to
appear legitimate.
Detecting a spear phishing message can be difficult without the appropriate
knowledge due to the amount of personalized data acquired through the open
web, Data Brokers, and People Search Sites. This article intends to provide you
with everything you need to know to reduce your risk of being a spear phishing
victim. Perhaps there is no sure way to prevent phishing or spear phishing, but
we can learn from each other and create a more secure environment for
ourselves and others.

Let us begin with distinguishing spear phishing and phishing.

Spear Phishing vs. Phishing: Understanding the Differences

Phishing messages are unsolicited (usually email) messages sent to a broad
audience containing malicious links. This link, when clicked on, often leads to a
website where the users are prompted to enter personal information. The
attacker then uses this information for malicious purposes.

Spear phishing, on the other hand, is an attack that targets an individual or a

small number of people. The attackers often use publicly available information
from Data Brokers and People Search Sites to learn more about their target.

The table below compares phishing and spear phishing using eight markers:
definition, target, attack volume, attack success, personalization (level), content,
detection, and prevention.

Marker Phishing Spear Phishing

Unsolicited emails
Targeted emails aimed at
Definition aimed at a broad
a specific individual
audience

Random or mass Specific individuals or

Target
targets organizations

Attack volume High Low

Attack success Low to moderate High

 Marker Phishing Spear Phishing

Personalization Low High

Generic, mass-market Highly tailored message

Content
message specific to the target

Can be detected by
Detection Is more difficult to detect
spam filters

User education and User education and more

Prevention
spam filters robust security measures

Spear phishing is much more effective as an attack method because of the

amount of personal detail and careful crafting that goes into it. As such,
recipients must be extra diligent, carefully reviewing any email that requests
personal or professional information.

The growth of phishing has been exponential. According to the FBI’s Internet
Crime Complaint Center (IC3), reported phishing cases grew 184%, nearly
tripling in just three years, from 114,702 to 323,972 cases in 2021. [1]

Spear phishing attacks have risen exponentially. According to a 2021 report from
Barracuda Networks, spear phishing attacks increased by 667% from the end of
2019 to the end of 2020. [2]

Real-Life Phishing and Spear Phishing Examples

To help illustrate the types of techniques used by attackers, it is helpful to look at
real-life examples of phishing and spear phishing emails. In this section, we will
take a look at several examples. As you read this section and examine the
messages, remember the common traits of phishing and spear phishing emails
in the future.
Example #1: Phishing
In the first example, the annotator does an excellent job of pointing out the signs
of potential phishing, including:

 Bad grammar, sentence structure, and spelling

 Blind carbon copied (BCC)
 Formatting errors
 Illegitimate URLs
 Lack of personalization
 Scare tactics

Source:
University of California-Davis
Example #2: Phishing
The following example is a rather sharp phishing email that could easily be
mistaken as accurate. However, there are two subtle signs of phishing if one
looks carefully. Look at the following example and see if you can spot them.

Source: Tessian

This one is not that easy. The first sign of phishing is the bad URL;
“[email protected]” is not a real site. (Netflix will always send customer
emails using the domain “@netflix.com”).
The second sign of phishing is a formatting error after “Hello” and before the
comma. But again, there’s a lack of personalization here that is common in most
phishing emails.

Example #1: Spear Phishing

Take a look at our first spear phishing example.

Source: University of California-Davis

First, notice the absence of spelling and grammar errors. The message smartly
employs social engineering in its creation of a sense of urgency, which is more
subtle. There are two potential signs of phishing here.

First, the message is not personalized, but this occasionally happens in a

spear phishing email.
Second, in the digital version of this message, the URL before the sign-off does
not direct to Microsoft’s site. (Hovering your mouse over a URL to ensure that the
URLs match is a simple way to avoid redirection to a malicious site.)

Example #2: Spear Phishing

Here’s our second and final spear phishing example. Let’s take a look.

Source:
KirkpatrickPrice

There’s not much to go by here regarding obvious crafting mistakes. The

message is well-written as well. Moreover, the social engineering here is subtle
yet effective in that the urgent tone is not excessive.

If Kevin were able to take more than a cursory look at the message, he might ask
himself the following questions:

1. If the CEO needed something done within the hour, why was he sending
an email? The semi-formal language and the informal greeting and sign-
off indicate that the two men know one another. In such a case, a or text
would be more appropriate.
2. Why is there an attached file with no contact information? The former is
certainly more confidential than the latter. It benefits Chris to include all
necessary information in a single message, especially given the supposed
time constraints.
Quick Questions to Spot Spear Phishing
There are additional questions one can ask as a “framework” for detecting
potential spear phishing:
  Do I know the sender?
o If yes, does the tone of the email unusual, given the supposed sender?

 Does the email contain any unusual requests?

 Can I independently verify the email’s content?
 Is there a precedent for this type of request within the organization?
To better mitigate the risks of spear phishing, prioritize the scanning, removal,
and monitoring of PII exposure.

Anatomy of a Spear Phishing Attack: How Attackers Trick You

Spear phishing attacks usually follow a typical, repeated sequence of six stages,
five of which involve the target. The five stages are reconnaissance, email
creation, delivery, click, and compromise. “Covering tracks” is a post-attack
process attackers follow to evade detection.

Stage Description

The attacker identifies the target and gathers

information about the individual, such as their
name, job title, and contact information. This
Reconnaissance
information may be collected from public
sources, social media profiles, or other online
sources.

The attacker crafts an email designed to look

legitimate and entice the target to take action.
Message
The attacker employs social engineering tactics
creation
and personal details to convince the target to
open a malicious attachment or click on a link.

The attacker sends the email to the target using

Delivery a spoofed email address to make it appear that
the email is from a trusted source.

Click The personalized nature of the email tricks the

target, and they click on the link or open an
 Stage Description

attachment. This may result in installing malware

on the target’s computer, stealing sensitive
information, or other nefarious activities.

Once the attacker has gained access to the

target’s system or information, they may use this
Compromise access to further their attack or carry out
additional malicious activities, such as stealing
login credentials or installing other malware.

Finally, the attacker covers their tracks to avoid

Covering tracks detection, such as deleting logs or erasing
evidence of their activities.

The anatomy of a spear phishing attack

The Aftermath of a Successful Spear Phishing Attack

Falling victim to a spear phishing attack is potentially devastating. Some of the
adverse results of a successful spear phishing attack include the following:

 PII theft or loss: Personally Identifiable Information (PII) is any data that can
be used to identify a person. Attacks may seek to acquire PII, including
credit card details, login credentials, and Social Security numbers. With this
information, the attacker may commit identity theft or some other type of
fraud.
 Financial loss: Besides financial losses arising from unauthorized credit
card or financial account use, it is common for the victim of a spear
phishing attack to incur indirect financial losses. These include credit score
damage, legal fees, and device replacement.
 Emotional distress: Given what’s at stake in a spear phishing attack, it is
normal to feel inner turmoil if one becomes a victim. This is especially true
if the attack resulted in financial losses, identity theft, or other serious
consequences.
The Role of Data Brokers and People Search Sites in Spear
Phishing
In no unclear terms, Data Brokers and People Search Sites help to fuel spear
phishing. Both extract and aggregate massive amounts of PII from across the
web and make it widely available to potential attackers. As such, both entities
increase the risk of spear phishing and its effects, including identity theft,
financial fraud, and other types of cybercrime.

What are Data Brokers?

Data Brokers have built a $250 billion industry collecting, packaging, and selling
your data. Several Data Brokers have been found guilty of crimes, suffered a
data breach, or both. The credit bureau Equifax may be the best example of
what can go wrong if companies can gather and sell your data unchecked.

Equifax, one of the three credit bureaus and a massive Data Broker, was
breached in July 2020. The result? The exposed PII of over 147 million Americans.
The data leaked included Social Security numbers, dates of birth, driver’s license
numbers, credit card details, and other personal data.

When they’re not being breached or selling off your information, Data Brokers
post their information to any number of online or offline databases.

Given the External Data Privacy risks that Data Brokers pose, partnering with a
company that can scan for your PII and prompt Data Brokers for immediate
removal is essential.

What are People Search Sites?

People Search Sites collect vast amounts of PII from across the web and post it
to their online databases. Cyberattackers often use People Search Sites to
acquire more personal information about their targets, such as contact
information, job titles, employer names, social media profiles, and other data. Of
course, this information often enables attackers to craft a more targeted and
convincing email message.

Much information from People Search Sites and Data Brokers can be found via a
simple Google search. Additionally, there are many websites dedicated to giving
access to Data Broker information for free or at a very low cost.
Avoiding Spear Phishing Attacks
While it is true that spear phishing emails are effective, there are equally
effective ways of spotting a spear phishing message. Here are five step-by-step
actions to take after receiving an email:

1. Upon receiving the email, read its contents carefully and look for suspicious
content.

2. Verify the sender’s identity by looking up their contact information

3. Check for any spelling or grammatical mistakes or links to any unfamiliar

websites

4. Note any aggressive or overly urgent content within the email, as this is a
common social engineering technique.

5. When in doubt, leave the email alone and consult with someone in your IT
department.

You can more effectively mitigate the risks of spear phishing by scanning for,
removing, and monitoring for PII exposure across more than 350 Data Brokers
and People Search Sites.

Derisk your private data and perform a free privacy scan today!

References
[1] Federal Bureau of Investigation. Internet Crime Complaint Center(IC3) |
Annual Reports. (2021). Retrieved February 24, 2023, from Ic3.gov
website: https://www.ic3.gov/Home/AnnualReports

[2] Barracuda Networks. (2021). Spear phishing: Top threats and trends Vol. 2.
Retrieved February 23, 2023
from https://www.barracuda.com/resources/reports/spear-phishing-report-
vol2

‌
What is Digital Fingerprinting?

Digital fingerprinting, also known as device fingerprinting or browser fingerprinting, is a technique used
to uniquely identify and track devices or users. A “fingerprint” is a unique set of characteristics and
attributes associated with a specified device or browser.
Digital fingerprints are created by gathering information about various aspects of a device or browser
configuration, including hardware specifications, software settings, installed fonts, browser plugins,
screen resolution, time zone, language preferences, and other system-level details. These attributes,
when combined, form a distinctive profile that can be used to differentiate one device or user from
another.
The purpose of digital fingerprinting is often related to online tracking, fraud prevention, or security
measures. Online platforms and security systems can use fingerprinting to detect and prevent
fraudulent activities, such as account takeovers or identity theft. However, third parties such as
advertisers and marketers may use digital fingerprints to track user behavior across different
websites, allowing them to deliver targeted advertisements. While this can be helpful, it can also be a
nuisance and detrimental to your online security as your personally identifiable information is
collected.
Unlike traditional tracking methods like cookies, digital fingerprinting does not rely on stored data or
files on the user’s device. Instead, it relies on the characteristics of the device or browser itself,
making it more difficult for users to control or opt out of tracking. Additionally, digital fingerprinting
can be challenging to circumvent because many attributes are difficult to change or manipulate
without affecting the device’s normal functionality.
Is Digital Fingerprinting bad?
Whether digital fingerprinting is considered “bad” or not depends on the context. Below are some key
considerations:
 Privacy Concerns: Digital fingerprinting raises privacy concerns as it can be used to track and
identify individuals across websites without their explicit consent or knowledge. This tracking
capability has led to debates about the balance between personalized experiences and user
privacy.
 User Control: Unlike traditional tracking methods like cookies, digital fingerprinting can be
challenging for users to detect or control. Users may find it difficult to opt out of this type of
tracking, which raises concerns about transparency and user autonomy.
 Targeted Advertising: Digital fingerprinting is often used by advertisers to deliver targeted
advertisements based on user behavior and preferences. While some users appreciate
personalized ads that align with their interests, others view it as intrusive and manipulative.
 Security and Fraud Prevention: Digital fingerprinting can be a valuable tool for security
measures, helping to detect and prevent fraud, account takeovers, and malicious activities. In
this context, it can be seen as beneficial for protecting users and online platforms.
The belief of whether digital fingerprinting is “bad” or “good” depends on the balance between privacy,
user control, security, and the specific use case in question.

Take control of your digital security today!

Download System Mechanic Ultimate Defense and shield your personal information from prying eyes.
With System Mechanic Ultimate Defense’s advanced protection, you can defend your online privacy
and keep your personal information secure.
Click here for worry-free browsing

Need a PC Mechanic?
Let our experts help you
LiveTech is our affordable, 24/7 premium technical support that can help you solve virtually any
technology issue. Let our utility software experts help to remove malware; set up Amazon Echo/Alexa;
optimize printers, modems, and routers; block browser popups and adware, and more.

Learn More
(801) 523-6763
Available 24/7
How can I prevent tracking and protect my privacy online?
Protecting your privacy and controlling who has access to your personal information is crucial in
today’s digital age. Here are some effective ways to safeguard your online privacy:
 Use Privacy-Oriented Browsers and Tools: Consider using privacy-focused web browsers when
possible. Additionally, software like System Mechanic offers custom privacy settings that let
you choose what Windows, and third parties can see and lean about you and prevents data
collection from online trackers.
 Update and Secure Your Devices: Keep your operating system, apps, and antivirus software up
to date. Regularly apply security patches and updates to protect against known vulnerabilities.
 Use Encryption and Secure Connections: Ensure that websites you visit use HTTPS encryption,
especially when handling sensitive information like passwords or payment details. Avoid using
public Wi-Fi networks for sensitive transactions unless you are connected via a Virtual Private
Network (VPN).
 Limit Personal Information Sharing: Be cautious about sharing personal information online,
especially on social media platforms. Review privacy settings and only share information with
trusted individuals or organizations.
 Regularly Review App Permissions: Audit the permissions granted to apps on your devices.
Remove unnecessary permissions that might invade your privacy, such as access to your
location, contacts, or camera, if not essential for their functionality. System Mechanic’s Privacy
Shield lets you easily customize up to 30 different Windows and app permissions by using
preconfigured privacy settings or customizing to your liking.
 Employ Strong Encryption for Communications: Use encrypted messaging and calling services
to protect your conversations from interception. Apps like Signal and WhatsApp offer end-to-
end encryption for secure communication.
 Be Mindful of Online Tracking: Opt-out of personalized advertising where possible and
regularly clear your browsing history, cookies, and cache. Consider using browser extensions
that block trackers and protect your privacy.
Remember, while these measures can enhance your online privacy, keeping aware and staying
informed about privacy best practices are equally important. Consider Privacy Guardian™ for added
protection.
Don’t wait any longer – safeguard your digital identity now and enjoy worry-free browsing

What Is Browser
Fingerprinting and
How Can You Prevent
It?
Browser fingerprinting happens when websites use special
scripts to collect enough information about you — such as your
browser, timezone, default language, and more — that they can
uniquely identify you out of the sea of other internet users. Keep
reading to learn how browser fingerprinting works and how
privacy tools like Avast Secure Browser can help prevent it.

Download free Avast Secure Browser

Get it for Android, iOS, Mac
Written by Nica Latto
Published on October 22, 2020
Reviewed by Sander van Hezik

What is browser fingerprinting?

Browser fingerprinting (also called device fingerprinting or online
fingerprinting) refers to tracking techniques that websites use to collect
information about you. Modern website functions require the use of scripts —
sets of instructions that tell your browser what to do. Working silently in the
background, scripts can identify lots of information about your device and
browser that, when stitched together, forms your unique online “fingerprint.”
This fingerprint can then be traced back to you across the internet and different
browsing sessions.
What exactly can scripts find out? They can determine a lot about the device
you’re using, such as its operating system, your browser, the software installed
on your device, what timezone you’re in, which language you’re reading in,
whether you use an ad blocker, your screen’s resolution and color depth, all the
browser extensions you’ve installed, and even more granular technical
specifications about your graphics card, drivers, and more.
Imagine you want to identify a person in a crowd: you can do so by listing their
attributes and other defining features. For example, you could describe
someone as a woman with long blond hair, a red shirt with a white collar, a
grey skirt, black shoes, red lipstick, etc. With enough attributes, it’s easy to
identify this woman, even in a crowd of other people.
Browser fingerprinting provides enough specific
attributes about your device and its settings
that you can be reliably identified out of a crowd
of internet users.
Similarly, browser fingerprinting provides enough specific attributes about
your device and its settings that you can be reliably identified out of a crowd,
even the extremely large crowd of millions of internet users and billions of
devices. In fact, device fingerprinting can identify users with 90 to 99%
accuracy.
Not convinced you could actually be identified? Try it for yourself:
Visit AmIUnique, a research project that helps developers identify techniques to
fight back against fingerprinting. You’ll see how easily identifiable you are
based on your fingerprint. AmIUnique shows me, for example, that my
fingerprint is unique among the more than two million fingerprints in
their dataset. I can also see the 75+ attributes they use to identify me in a
matter of seconds.
Wait… Is online fingerprinting the same
as tracking cookies?
Cookies and fingerprinting are completely different. While digital fingerprinting
is a new concept to many, you might be more familiar with tracking cookies,
which are also able to follow you around the web.
One difference between fingerprinting and cookies is that the latter are
regulated (at least in the European Union), meaning that websites are required
to notify you and gain your permission to use them. (These notifications are
those annoying pop-ups you see on most websites.) That is not the case for
digital fingerprinting, which happens silently and without your knowledge or
consent. And unfortunately, browser fingerprinting scripts are indistinguishable
from all the other scripts required to make a website function.
And while you can delete your cookies, there’s no way to delete your browser
fingerprint. Your fingerprint allows you to be identified as the same user when
you revisit sites or visit other sites around the web that employ fingerprinting.
Put together, information from your browsing activity provides a clear picture
of your online history, preferences, hobbies, and even life
circumstances — it identifies you even when you’re not logged in to a site or
if you’re using incognito or private browsing mode.

How does browser

fingerprinting work?
Browser fingerprinting works because websites use scripts that run in the
background of your browser. Today’s web browsers have built-in software
functions called APIs, which can be used by website scripts to collect
information. Generally, scripts are designed for legitimate purposes like
rendering videos or photos. If we were to block them, then most websites
wouldn’t run properly — they’d “break.”
That means there’s no way for someone to know when websites are collecting
their personal information, because fingerprinting scripts look just like any
other script running on a website. These scripts collect the attributes — device
specifications, OS, browser settings and plug-ins, user agents, audio and video
capabilities, timezone, and more — that can be compiled into a “hash” or
digital fingerprint.
Many website owners and ad networks share browser fingerprinting
functionality to perform cross-site tracking. That means they use your online
fingerprint to track you across the web, and collect intimate details about you:
your search history, shopping and news preferences, and more.
 Your
digital fingerprint, or hash, follows you around the web.
With the help of the following advanced techniques, fingerprinting online allows
websites to identify individuals with an extremely high degree of accuracy.
 Canvas fingerprinting: Canvas fingerprinting uses the HTML5 canvas
element to force your browser to draw an image or some text. This
occurs invisibly in the background, so you won’t see it happening. But
the precise way your browser renders the image/text provides detailed
information about your font style, graphics card, drivers, web browser,
and OS. Canvas fingerprinting is one of the most widely used digital
fingerprinting techniques.
 WebGL fingerprinting and rendering fingerprinting: Like canvas
fingerprinting, these two techniques force your browser to render
images off-screen and then use these images to infer information about
your device’s hardware and graphics system.
  Device fingerprinting: While device fingerprinting is often used
synonymously with browser fingerprinting, it also refers to a particular
technique that uncovers a list of all the media devices (and their IDs)
on your PC. That includes internal media components such as your
audio and video card, as well as any connected devices like
headphones.
 Audio fingerprinting: Rather than forcing your browser to render an
image, audio fingerprinting tests the way your device plays sound. The
resulting sound waves provide information on your device’s audio
stack, including specifications about its drivers, sound hardware, and
software.
Once you’ve been tracked, a profile can be compiled that includes intimate
details about your life. That profile can be sold to data brokers, who are already
hard at work compiling as much information as possible about everyone. Data
brokers combine offline information (from public records, offline loyalty cards,
and other sources) with online information, and the precise details from your
device fingerprint are just what they need to complete their files. Data brokers
then market this information, often selling it to advertisers who use it to target
you more effectively.
Strong anti-tracking software disguises your browser fingerprint and helps
prevent advertisers from knowing who you are. Avast AntiTrack blocks trackers
on every site you visit, and our advanced anti-fingerprinting technology keeps
your identity safe against even the most advanced tracking techniques.
Download Avast AntiTrack
Free trial
Get it for Android, Mac

Why is browser fingerprinting

used?
Browser fingerprinting is mainly used for web tracking. It’s a more secretive
way to track people than simply using tracking cookies, which require consent.
But what do companies do with the information they collect? The large majority
use this data to advertise to you and personalize your experience online. While
being served personalized ads may not seem like a serious issue, the amount
of information collected through digital fingerprinting and other tracking
methods has the potential to be used quite nefariously.
Just imagine how much sensitive data is included in your online search history.
If you search for chest pain, that information becomes part of your search
history, which is included in the information that data brokers buy and sell. That
means when a data broker later sells your search history to a health insurance
company, the insurance company could infer that you’re at risk of heart
disease and increase your rates.
 If a
health insurance company has access to your search history, they might think
you’re at risk of heart disease and increase your rates.
Dynamic pricing is another example of how browser fingerprinting is used. Most
people are aware that travel and ecommerce sites can and do adjust prices
based on various factors. If browser fingerprinting pinpoints your location in an
affluent area, you can expect prices to rise on almost everything you see
online: airline tickets, clothes and other products, apps with subscription
services, and more.
 Brows
er fingerprinting can reveal lots of information about your finances and buying
habits.
Those are just a few examples. As device fingerprinting becomes more
prevalent and more accurate, companies will have increasing amounts of
information about you — and more ways to wield this information to their
advantage. It’s concerning, to say the least.
To protect yourself against online fingerprinting, consider using a privacy-
focused browser like Avast Secure Browser. Our browser masks your digital
identity and confuses website scripts so that they can’t collect accurate
information to build your digital fingerprint. Download it today to get free
protection against insidious online tracking.
Download free Avast Secure Browser
Get it for Android, iOS, Mac
But it’s not all doom and gloom: there are a few legitimate uses of browser
fingerprinting. It can be used to identify the characteristics of botnets to help
prevent DDoS attacks. Fingerprinting can also help to identify fraud and other
suspicious activity. Banks use browser fingerprinting to detect potential identity
theft and banking fraud.

Is browser fingerprinting legal?

Yes, browser fingerprinting is legal in most areas (as of this writing). In the
European Union, the General Data Protection Regulation (GDPR) requires
companies to get consent from users before tracking them with cookies. An
additional law, the ePrivacy Regulation, is supposed to address browser
fingerprinting — but it still hasn’t come into effect.
The US doesn’t have national laws on data protection. The California Consumer
Privacy Act (CCPA) and Vermont’s Data Broker Law attempt to regulate some
forms of online tracking and data collection, but they don’t address online
fingerprinting.
In fact, some people think that device fingerprinting was actually developed
to circumvent regulations like GDPR and CCPA, which focus on protecting
personally identifiable information by regulating tracking cookies.

How to prevent browser

fingerprinting
Without sophisticated tools, browser fingerprinting is extremely difficult to
avoid. The normal privacy tricks — like using private browsing or Incognito
mode, cleaning your cookies or search history, or using an ad blocker or a VPN
— can’t prevent browser fingerprinting. In fact, it’s such an insidious and
pervasive tracking technique that even if you use all of the privacy tactics we
just mentioned, your unique fingerprint is still identifiable.
But don’t despair — there are ways to fight back against online fingerprinting.
While it’s impossible to shut off the website scripts that collect your personal
data, because websites wouldn’t work without them, you can confuse the
scripts by using two techniques: generalization and randomization.
 Generalization refers to manipulating browser API results to make you
seem generic. In other words, it masks your unique attributes and helps
you blend in with the crowd.
 Randomization changes your attributes periodically so that your
fingerprint is constantly changing and you can’t be reliably identified.
But how can the average person use generalization and randomization
to hide? You’ll need to rely on a tool or service to do it for you. Avast
AntiTrack uses advanced anti-fingerprinting technology to insert fake data
when scripts attempt to collect your digital attributes. That lets the scripts
continue to run (to avoid breaking website functionality), while hiding your true
personal information so that it can’t be collected.
Avast AntiTrack also warns you of tracking attempts so you can see exactly
which sites are trying to track you. And it’ll periodically clear your browsing
history and cookies to ensure maximum privacy. Download it today to keep
advertisers, data brokers, and other privacy invaders off your back.
Download Avast AntiTrack
Free trial
Get it for Android, Mac
Another option is to use a browser that offers built-in anti-fingerprinting
protection. As more advertisers use online fingerprinting, some browsers are
starting to fight back with various anti-fingerprinting measures. Tor Browser
generalizes users, while Brave Browser uses randomization and Firefox simply
tries to block specific fingerprinting scripts.
Avast Secure Browser offers the most comprehensive protection by
employing both generalization and randomization (depending on the
site). Specifically designed to prevent all known forms of browser fingerprinting,
Avast Secure Browser offers advanced privacy without breaking websites, to
make sure you get an optimal browsing experience without sacrificing your
privacy.

Stop browser fingerprinting the

easy way
These days, it’s safe to assume that you’re being tracked every time you log
on. But you don’t have to put up with it! Built by the same cybersecurity
engineers who painstakingly protect hundreds of millions of users
worldwide, Avast Secure Browser is one of the most sophisticated anti-
fingerprinting solutions out there.
From canvas fingerprinting, to audio fingerprinting, and everything in between,
Avast Secure Browser stops trackers from accessing your personal information.
Our browser also offers Adblock, Anti-Phishing, Stealth Mode, a password
manager, and loads of additional privacy features. And, because we believe
that anyone who uses the internet should be able to do so without being
tracked or mined, we’ve made it completely free. Download it today to get
essential digital privacy.
Download free Avast Secure Browser
Get it for Android, iOS, Mac
How to Avoid Browser Fingerprinting: A
Comprehensive Guide
By AdsPower
2024/03/013,180 Views
Every time you visit a website, you unknowingly leave behind a detailed trail that reveals your

identity. Surprising, isn't it?

However, it's not your fault. Websites secretly track your online movements through a technique

known as browser fingerprinting.

But fear not. You're not without defenses. Our guide will show you how to prevent browser

fingerprinting while disclosing minimal information about yourself.

But first, let's understand what Browser Fingerprinting actually means.

What is Browser Fingerprinting?

Browser Fingerprinting is a complex tracking method used by websites to create a unique

identifier or "digital fingerprint" of your browser. This digital ID is constructed from an extensive

array of both software and hardware configurations.

From your operating system, installed languages, and timezone to screen resolution, fonts,

browser version, browser extensions, User-Agent, and even MAC Address, every little detail

contributes to creating this unique ID.

The uniqueness of this data is staggering. For instance, a study revealed that among 286,777

browser fingerprints, it's probable that only one would match another user's exactly. This stat

explains why it's called fingerprinting because, like fingerprints of humans, browser fingerprints

are also unique.

Curious about how unique your browser fingerprint is? You can visit AmIUnique and check it out

yourself. According to their dataset of 2.4 million fingerprints, my browser was identified as

unique based on approximately 57 different software and hardware attributes. So, hands down,

its uniqueness is akin to a human fingerprint.

Browser fingerprinting has its benefits for websites, such as tracking visitor movements,

delivering personalized content, and safeguarding against fraud. However, there's a dark side to

it. Your data might end up in the hands of advertisers, cybercriminals, or surveillance agencies.
For privacy-conscious individuals, the thought of personal data being so easily accessible can be

alarming.

But don't feel powerless. There are several fingerprinting protection strategies that let you hide

browser fingerprint to a certain level.

Let’s understand in detail how to prevent browser Fingerprinting and protect your privacy.

How to Avoid Browser Fingerprinting?

Browser Fingerprinting, by its very nature, gathers an overwhelming amount of data, potentially

including sensitive personal information.

It's completely rational to be wary of websites tracking such a vast array of your data, even if it's

non-personal. In the end, your data belongs to you, and you alone should decide how it's used

and who gets to access it.

If you're concerned about how to hide fingerprints, know that you're not alone. The desire for

control over personal data has never been higher as countless users search for how to hide

browser fingerprint.

For instance, a statistic shows about 81-84% of U.S. adults feel powerless over the data collected

on them by both government agencies and corporations.

However, this can be mitigated to some extent by employing advanced tracking and

fingerprinting protection measures.

So, let's explore and learn how to prevent browser fingerprinting through these measures.

Update Software Regularly

While there’s no one-shoe-fits-all strategy, one step towards anti-fingerprinting is regular

software updates.
Browser developers frequently roll out updates to fix bugs, patch vulnerabilities and also improve

privacy. Some updates may even include features to block websites from collecting certain types

of data that were previously accessible.

Therefore, it's crucial to keep your browser and all relevant software applications up to date.

While seemingly simple, this practice can help you avoid browser fingerprinting, at least to a

certain degree.

Modify Browser Settings

To further prevent Browser Fingerprinting, making certain changes to your browser settings can

be a way forward. Interestingly, many browsers come equipped with anti-fingerprinting features

to enhance fingerprinting protection.

However, these settings are not activated by default, and surprisingly, only a handful of users

know about them.

Here's how you can activate fingerprinting protection in browsers like Firefox and Brave:

Brave Browser:

Enabling anti-fingerprinting in Brave is pretty simple:

 Navigate to the Shield settings

 Locate the dropdown menu for Fingerprinting Blocking and select either "Standard" or

"Strict" protection levels.

Be mindful, though, that selecting the Strict option might restrict access to some websites.

Firefox:

Fingerprinting protection in Firefox is a little more advanced. In Firefox, type about:config into

the URL bar and modify the following settings.

 Set privacy.resistFingerprinting to true

 Set webgl.disabled to true

 Set media.peerconnection.enabled to false

 Set geo.enabled to false

 Finally, Set privacy.firstparty.isolate to true

By customizing these settings, you significantly enhance your browser's ability to prevent

Browser Fingerprinting.

Use a VPN

VPNs work by masking your original IP address with one from a distant location and routing your

internet traffic through the VPN server. This process hides your actual physical location and

makes it more challenging for fingerprinters to track you accurately.

However, note that while VPNs can disguise your IP address and location, they do not hide

browser fingerprint. Websites may still be able to collect your digital fingerprint, though, without

directly linking it to your true location.

But again, addressing how to prevent Browser Fingerprinting requires a multifaceted approach. It

needs a combination of anti-fingerprinting practices. A VPN serves as one component of this

broader strategy to avoid Browser Fingerprinting.

Delete Your Profile From Data Broker Records

While it may seem slightly offbeat, removing your profile from data broker records is a crucial

aspect of anti-fingerprinting efforts. Although this method doesn't directly show you how to

prevent browser fingerprinting, it addresses the aftermath by aiming to erase your browser

fingerprint from online databases.

There's a high likelihood that your browser fingerprint, among other personal data, is currently

stored in data broker archives.

Data brokers are entities that thrive on collecting and monetizing your information. They compile

vast amounts of information from both offline and online sources to create a detailed profile of

you. This profile can then be sold to advertisers, hackers, or even government agencies.

Have you ever seen an Ad for a particular product on a social media platform right after you

searched about that product on Google or vice versa? This happens because the Ad platform has

bought your data from a data broker.

However, there's actually something you can do about it. Many services now exist that approach

data brokers on your behalf to have your personal data removed from their databases. Popular

services such as DeleteMe, Incogni, and OneRep specialize in this very task.

You can use these services along with other anti-fingerprinting measures you've taken and

ensure that your digital footprint is as minimal as possible.

Use Privacy-Focused Extensions

Many browser extensions are available to prevent Browser Fingerprinting by defending against

specific fingerprinting tactics. However, it's important to deal carefully with extensions.

Ironically, the very extensions meant to protect you can make your browser fingerprint more

unique. To ensure your efforts to avoid Browser Fingerprinting don't backfire, you should use

extensions that are widely used and trusted.

With that said, here are some anti-fingerprinting extensions that perform well:

For Chrome Users:

 WebRTC Leak Prevent: addresses WebRTC leaks that often occur during browser-based

video or audio communications

 CanvasBlocker: blocks canvas fingerprinting attempts, a method that tracks users by

their browser's unique canvas image rendering

For Firefox Users:

 Trace: provides protection against a variety of fingerprinting techniques

 Chameleon: allows you to alter your user agent, which makes it harder for websites to pin

down your browser's identity

Disable JavaScript

Browser Fingerprinting JavaScript code plays an important role in collecting your software and

hardware attributes. Therefore, disabling JavaScript can be super helpful to prevent Browser

Fingerprinting. Doing this will block these snippets from executing, thereby helping to hide

browser fingerprints.
However, there’s a trade-off involved. JavaScript is not just used for tracking. Many websites

also rely on it for their functionality, as it enables interactive features and dynamic content.

Turning it off might lead to a less responsive or even non-functional web experience.

Luckily, there's a workaround for this too. Extensions like NoScript and Adblock Plus offer a

middle ground by allowing you to enable and disable JavaScript on websites selectively.

Use Anti Fingerprint Browser

While the anti-fingerprinting methods discussed above offer a degree of fingerprinting

protection, they have their limitations. They cater to specific scenarios and cannot fully prevent

browser fingerprinting.

Moreover, some strategies, like disabling JavaScript, can impact website functionality, and using

unique extensions could unintentionally make your browser fingerprint more unique.
However, these limitations do not mean your online identity will always stay exposed. So how to

prevent browser fingerprinting from its roots? The answer lies in using an anti fingerprint

browser.

These dedicated browsers employ advanced tracking and fingerprinting protection techniques

that feed altered data to trackers so that your original identity stays hidden.

The most effective method to spoof your Browser Fingerprint would be to use a tool known as

AdsPower. AdsPower is renowned as the paramount tool for altering your browser attributes in a

way that makes online tracking more difficult. Instead of operating on multiple computers, which

can be both costly and inefficient, AdsPower offers a solution in the form of virtual browser

profiles. These profiles are essentially digital identities that can be used to mimic the attributes of

different computers.
So start right now and take control of your online privacy with the best anti-fingerprint browser.

Experience the flexibility of customizing multiple virtual profiles and adjusting their fingerprint

settings as needed.

AdsPower
Best Multi-Login Browser for Any Industry
DownloadMore
People Also Read
 Understanding Residential IP Addresses: 4 Key Reasons to Use Them
 How to Hide IP Addresses? 7 Effective Ways for You!
 Why Is IP Purity Important? And How to Detect It?
 What is an IP Ban? How to Bypass It?
 Why You Should Update Browser Kernel Regularly？

Why You Should Update Browser Kernel

Regularly？
By AdsPower
2024/08/09677 Views
Take a Quick Look
Regular kernel updates are crucial for security, performance, compatibility, and

accessing new features. AdsPower enables both manual and batch kernel

updates, enhancing your efficiency and maintaining online privacy.

DownloadMore
When you use a browser—whether it's IE, Firefox, Safari, Opera, or Chrome—

you might come across the term "browser kernel". When you open AdsPower,

you'll see SunBrowser and FlowerBrowser prominently displayed on the Profiles

page. You might be curious: What is SunBrowser? What is FlowerBrowser? How

do they differ? In fact, these are fingerprint browsers developed by AdsPower,

each based on different browser kernel.

So, what exactly is a browser kernel? How does it function when the browser is

running? And why do we need to update the browser kernel regularly? This

article will answer all your questions.

What is a Browser Kernel?

First of all, it's important to note that "kernel" is not a literal term like a fruit core.

"Kernel" is just a popular term, it is also known as "Layout Engine". It retrieves the
content of a webpage (HTML, XML, images, etc.), organizes the information (such as

adding CSS,etc.), and calculates how the webpage should be displayed before rendering

it on the monitor or printer. All web browsers, email clients, and other applications that

manage and display web content require a layout engine.

Previously, the browser kernel included the JavaScript (JS) engine, responsible for parsing

JavaScript code. Nowadays, as JS engines have become more autonomous, the term

"browser kernel" typically refers to the layout engine.

Finding it difficult to understand? Think of it like the kernel of a fruit. The browser kernel

is the core, or the heart, of the browser. Each browser brand features a different kernel,

which processes the same code in varied ways. Therefore, the differences in browser

kernels are the primary cause of compatibility issues.

Each popular browser uses a unique engine. Here are the four common types of browser

kernels:

 Trident - IE kernel

 Gecko - Firefox kernel

 Webkit - Safari kernel

 Blink - Google and Opera kernel

What are SunBrowser and

FlowerBrowser?
SunBrowser: A Browser Built on the Chromium

Kernel

The SunBrowser, built on the Chromium engine, offers high performance and strong

compatibility. It allows you to use and install a wide range of extensions from the Chrome

Web Store. Ideal for managing multiple accounts, it doesn't send user information to

Google, making it an excellent choice for running Google accounts without exposing your

real parameters.
FlowerBrowser: A Browser Built on the Firefox

Kernel

Firefox is well-known for its strong privacy protection features. FlowerBrowser, built on

Firefox kernel, also excels in this area, providing tools such as Enhanced Tracking

Protection (ETP) by default and blocking all third-party cookies.

AdsPower supports fingerprint browsers that simulate Chrome and Firefox kernels,

offering more browser version options. Its security and flexibility are industry-leading.

Download

Why You Need to Regularly Update

Kernel?
Keeping your browser updated is essential for providing the best and safest browsing

experience.

1. Security

Hackers and cybercriminals can take advantage of weaknesses in older browser versions

to steal personal information, install malware, or hijack your computer. By updating

kernel promptly, you can shield yourself from the latest threats.

For example, if a new type of malware is found that exploits a vulnerability in a specific

browser version, the browser's developers will likely release an update with a patch to fix

this issue. If you don't update your browser, you could be exposed to this new malware.

2. Performance

Regular kernel updates can enhance browser performance. Newer browser versions

typically offer improvements in speed, stability, and resource usage, leading to a faster

and more reliable browsing experience with fewer crashes or errors.

For example, if you have an older browser version that often crashes or freezes when

opening multiple tabs, updating to a newer version may solve this problem, enabling

more efficient browsing.

3. Compatibility

Not only are browsers frequently updated, but websites and extensions are also

constantly changing and updating. This can lead to incompatibility between older browser

versions and some websites or extensions, resulting in broken or distorted pages, missing

functionalities, or other issues, making some websites and extensions difficult or

impossible to use.

Regularly updating your browser kernel can help prevent these compatibility issues,

ensuring full access and functionality for all websites and extensions.

4. Bug Fixes

Kernel updates can address annoying bugs. While these bugs may not always lead to

security issues, they can still be inconvenient. The browser might not function as

expected or produce unexpected results.

Kernel updates often include fixes for these bugs, and updating to the latest kernel

generally enhances the browser's stability.

5. New Features

Keeping your browser updated allows you to enjoy new features that improve your

browsing experience. Browsers are always updating, adding functionalities like enhanced

privacy controls, better tab management, and new customization options.

For example, if you're using an outdated browser version without a built-in ad blocker,

upgrading to the latest version with this feature can make your browsing smoother and

cleaner.

Both Chrome and Firefox frequently update their browser kernels, and AdsPower

promptly responds by releasing the latest versions. These regular updates enhance

AdsPower's ability to avoid browser fingerprinting and effectively simulate real user

behavior.

How to Update Kernel in AdsPower?

AdsPower offers multiple kernel versions for both browsers and provides convenient ways

to update these versions. This makes it easy for you to efficiently manage and update

your browser kernels, enhancing your overall productivity.

Manually Update One By One

1. On the Profiles page, select the three dots next to the profile you wish to update,

and click "Edit".

2. On the "Edit Browser Profile" page, click either SunBrowser or FlowerBrowser

and choose the kernel version you wish to update to.

One-click Bulk Update

1. On the Profiles page, choose the profiles you wish to update and click the three

dots next to the trash icon.

2. Click "Edit UA/Kernel" to access the modification page.

3. Select "Modify Browser Kernel" to update the kernel. The system will then

update to the latest kernel version.

 4. Please note that a significant difference between the User Agent (UA) and the

kernel can impact the browser's performance. It is advisable to click "Update User

Agent" to match the UA with the browser kernel.

Additionally, you can check the download and installation status of the kernel version in

Local settings.
How to Choose a Browser Kernel?
When choosing between SunBrowser and FlowerBrowser, consider your priorities:

For high performance and compatibility, opt for SunBrowser.

For enhanced online privacy, FlowerBrowser provides more comprehensive privacy

features.

AdsPower provides a range of kernel versions for both browsers. When handling multiple

social media, e-commerce platforms, or advertising accounts, these different kernel

versions can emulate real users on various devices, minimizing the risk of association due

to similar browser characteristics.

If you need to customize the UA string, AdsPower also supports intelligent matching

of browser kernel versions based on the User Agent, improving the authenticity of the

simulated browser fingerprint.

Conclusion
Regularly updating your browser kernel is essential for ensuring security, performance,

compatibility, and access to new features.

AdsPower offers robust tools for managing multiple browser profiles with different

kernels, including SunBrowser for high performance and FlowerBrowser for enhanced

privacy. Whether your priority is speed, compatibility, or privacy, AdsPower provides the

flexibility and security necessary for effective multi-account management.

Feel free to download the AdsPower browser to enhance your online privacy while

managing multiple accounts!

AdsPower
Best Multi-Login Browser for Any Industry
DownloadMore

Protect Yourself from Invasive Digital

Fingerprinting
System Mechanic Ultimate Defense offers powerful personal data protection
July 28, 2020—Online advertisers have in recent years pivoted from tracking cookies to a much more
sophisticated—and largely invisible—method of data mining that acquires highly detailed information
about your computer and the ways you use it to determine how best to sell to you. This significantly
more invasive form of digital profiling is known as fingerprinting. Far from just the innocuous
placement of targeted ads in your web browser, fingerprinting can be used to determine facts about
you ranging from how many children you have in college, to which make and model of vehicles you
and your family drive, to where and when you are likely to be away on vacation.
Fingerprinting can even alter the price you pay for health insurance. In July, JAMA Open
Network published research warning that, while there are existing regulations against the misuse of
personal health data, no such regulations apply generally to all forms of data; and all data is
potentially health data. Digital information sources outside of healthcare but entirely within the law
that could build an unfavorable profile of you include activity-tracking apps, text conversations, and
online banking. In the extreme, the researchers note that “a grocery store receipt could be used to
predict a person’s hemoglobin A1c level.”
How does fingerprinting work?

Simply put, fingerprinting is a stealth method of personal-data collection that detects information
about your PC, other devices, and the ways you use them, and then uses it to identify you.
Fingerprinting examines specific device characteristics, including operating system, computer make
and model, and even screen resolution. This information is utilized to track you across the web and
monitor your program usage. Once enough data is collected, a specific profile of you is created: a
digital fingerprint. It’s crucial to implement robust identity protection measures to safeguard against
such invasive tracking techniques.
Cookie- and pixel-based tracking have been significantly blocked in recent years. System Mechanic®
Ultimate Defense™, for example, lets you easily automate clearance of your web cookies and browser
history within Privacy Guardian™, the software’s online privacy tool.
Companies have therefore been looking for new ways to gather personal information. Fingerprinting is
particularly insidious, as it happens unbeknownst to most users. Cookies are somewhat outdated web
trackers stored on your PC that you can see and delete; fingerprinting happens undetected on
websites and within apps.
Fingerprinting takes advantage of your browser automatically giving websites information about your
computer’s hardware during the course of your web browsing. This fairly innocuous data collection
functions mostly to make websites load properly. But with enough information gathered, fingerprinting
can reliably intrude on your privacy and compromise your identity—and it is very difficult to opt out of.
How Hack-Friendly Are Your Passwords?
If you want to use the password management tool, ByePass™, you can buy the full version of System
Mechanic Ultimate Defense.
Download Now
Secure Your Digital Life
Get ultimate protection with System Mechanic® Ultimate Defense™—secure password management,
anonymous browsing, malware blocking, and so much more—all in one easy-to-use software suite.
Get It Now

One click to the rescue

Privacy Guardian is designed to help stop online data thieves by randomizing the information sent
from your PC so malicious entities can’t deploy fingerprinting, digital profiling, and data-mining
techniques against you.
Become a Privacy Power User
Digital Fingerprinting Protection is just one of the many features within Privacy Guardian that help
safeguard your online activities. Privacy Guardian also provides:
 Anonymous Browsing: Ensures your browsing habits remain private.
  Disabling Aggressive Data-Collection Services: Turns off intrusive Windows personal data-
collection services.
 Phishing Email Blocker: Keeps dangerous phishing emails at bay.
 Automated Cookie and Web History Clearance: Regularly clears tracking cookies and browsing
history to maintain your privacy.
To learn how to optimize your internet privacy and security, refer to our support
page which offers comprehensive guides and tips for becoming a Privacy Power User.
As the importance of online privacy protection and data mining prevention grows globally, we invite
you to follow our upcoming articles that will delve into the latest features of Privacy Guardian.

Browser Fingerprinting Protection: How to Prevent

Tracking in 2024
A browser fingerprint can reveal a lot of information about you. While websites need some of that
information to provide basic functionality, browser fingerprinting poses a privacy concern due to the
amount of data it collects. This guide to browser fingerprinting protection can help you stay anonymous
online.

Written by Aleksandar Kochovski (Writer)

Reviewed by Aleksander Hougen (Co-Chief Editor)
Facts checked by Vildana Bratic (Video Editor, Fact-Checking Editor)
Last Updated: 29 Jan'24
All our content is written fully by humans; we do not publish AI writing. Learn more here.
In order to protect themselves from fraud and other types of malicious attacks, many websites employ what’s
called browser fingerprinting. Browser fingerprinting collects data about your web browsers to create a unique
digital fingerprint. However, your fingerprint can also facilitate online tracking. This article will discuss the best
methods for browser fingerprinting protection.
Key Takeaways: Browser Fingerprints Explained
 Websites collect information about your browser and hardware configuration, and compile it into a
unique identifier called a browser fingerprint.
 Although websites need that identifier for certain functions, your browser fingerprint contains a lot of
sensitive data.
  If you want to keep websites from fingerprinting you, you can use a privacy-focused browser, install
protective browser extensions or use a VPN.
Your browser fingerprint can contain all sorts of sensitive personal information that data brokers can use to
identify you and subsequently sell your profile to advertisers, government surveillance agencies or hackers.
Our private browsing guide will explain how browser fingerprinting works, what data it collects and how you
can protect yourself using simple measures, like using a VPN or browser extensions.

Browser Fingerprinting Protection Basics: What Is Browser

Fingerprinting?
Browser fingerprinting is one of many popular tracking techniques, known collectively as device fingerprinting.
In brief, websites collect data about your browser’s unique configuration to help differentiate you from other
users, compiling that data into a browser fingerprint.
Online Security
Check out our online security courses and grab a limited-time offer.
Enrollment available now!
Enroll Now
Your browser fingerprint can hold a lot of sensitive data, including:
 A user agent string that identifies your browser type and version, operating system type and version, and
device type (mobile or desktop)
 Screen resolution, screen size and color depth
 Time zone and language
 Browser cookies, including login information
 WebGL and canvas information, including installed fonts and plugins, browser settings and graphics card
drivers
 Network information, including your IP address and DNS server
 Battery and charging status
Browser fingerprints contain a shocking amount of sensitive personal data.
Websites might need this data for several reasons, the first of which is detecting suspicious activity, such as
fraud and account hijacking. Creating a unique identifier for each user can prevent them from using multiple
accounts to exploit the website, and it can also stop someone else from hijacking your account if they discover
your login info.
Note that browser fingerprint data is usually part of a larger data profile called a device fingerprint, which
includes a lot more data, such as your specific hardware configuration.
Device fingerprinting techniques include audio fingerprinting, user behavior tracking and even machine learning
tracking. This digital fingerprinting data can be used to identify you as an individual and thus poses some
privacy concerns.
How Does Browser Fingerprinting Work?
The fingerprinting process starts when a user visits a website. In order to enable certain functions and identify
fraudsters, the website uses fingerprinting scripts, such as JavaScript or another type of code, to collect data
about your browser. The data is then analyzed and processed to create a unique fingerprint.
That fingerprint can then be used to provide you with certain services, protect the website and user against fraud,
and for statistical analysis. It can also be used to track a user across multiple sites, devices and browsing sessions
in order to provide a consistent experience, preserving your preferences or tracking your progress.
Why Is Browser Fingerprinting a Privacy Concern
Your browser fingerprint can be a dangerous tracking tool in the wrong hands.
Like any other type of data harvesting, browser fingerprinting can pose a potential threat to your privacy.
Because it stores multiple data points, data brokers can use your browser fingerprint to check for matches in their
pools of anonymized data, de-anonymizing that data and identifying you personally. This data can be
surprisingly accurate.
In combination with that other data, your browser fingerprint can then be used to track your online activity or for
surveillance and targeted advertising. Even worse, you could fall victim to cyberstalking or identity theft. You
might even face discrimination based on your gender, race, age, political beliefs or economic status if a website
uses your browser fingerprint to uniquely identify you and deny you service.
How to Disable Browser Fingerprinting
Most modern browsers have some form of built-in anti-fingerprinting features or other privacy measures, at least
to a degree. Keep in mind that most of the browsers below share certain privacy features.
For example, they all allow you to disable JavaScript and third-party cookies. They also let you send a “do not
track” request, though a website can just choose to ignore it.
Below, we’ll discuss features that block fingerprinting specifically, and how you can enable these features in
some of the most popular browsers.
1. Google Chrome
Google isn’t known for respecting the privacy of its users, so it’s no surprise that its Google Chrome
browser doesn’t offer any built-in methods to block fingerprinting, apart from blocking cookies. Thankfully, you
can still protect yourself using a few methods we’ll talk about in the segment about advanced privacy techniques.

The only fingerprinting protection Chrome gives you by default is cookie management.
2. Apple Safari
Apple’s Safari browser is surprisingly privacy-friendly. Besides letting you easily prevent websites from
tracking you, it also obscures your Mac’s hardware configuration, making it seem more generic to anyone trying
to create a device fingerprint.
You can prevent tracking by going into Safari’s privacy settings and selecting the option “prevent cross-site
tracking.”
Safari lets you block cross-site trackers and adds statistical noise to your device fingerprint.
3. Microsoft Edge
Despite being a Microsoft product, Edge was built with privacy in mind. If you access its privacy settings, it
lets you choose between three levels of tracking prevention, the strictest of which might disable some website
features. You can also see a list of blocked trackers and an allowlist that lets you choose to let certain trackers
through.
Edge lets you block most trackers, though it’s not foolproof in preventing fingerprinting.
4. Mozilla Firefox
Mozilla Firefox has always been seen as a more secure alternative to Chrome, and diving into its privacy
settings instantly reveals why. Its “enhanced tracking prevention” lets you block cross-site cookies, trackers,
fingerprinters and even crypto miners.
There are two default protection levels, and, like in Edge, the stricter one will break a few website elements.
There’s also a third custom option that lets you choose exactly what types of cookies to block and whether to
apply that protection to all windows, or private ones only.
Firefox offers detailed settings to protect against fingerprinting.
5. Opera Browser
Opera might not be the best or most popular browser, but it comes with some nifty privacy features, including its
own ad blocker and VPN. It also lets you disable trackers. You don’t even have to go into any menus to find
the option — it’s right there in the dropdown box when you click on the sandwich icon in the top-right corner.
Opera lets you disable trackers without even going into the settings menu.
However, Opera itself collects some data you might not be comfortable with. You need to opt out of data
collection during installation, though if you provide consent, you can always revoke it from the “privacy &
security” tab in the browser settings.

Despite its dedication to user privacy, Opera collects some data for its own analytics and advertising purposes.
6. Brave Browser
Most popular among crypto enthusiasts, Brave is a privacy-focused browser that blocks trackers, fingerprinting
and cross-site cookies by default. However, you can’t customize its blocking behavior globally, though you can
customize it per website domain.
When you visit a website, you can click on the shield icon on the right end of the address bar. The default
option is “block fingerprinting,” though you can change it to “aggressively block fingerprinting” (might
break some website features), and there’s also an option to block scripts.

Brave is the only browser that explicitly mentions browser fingerprinting in its settings.
Advanced Browser Fingerprint Protection
Using privacy-focused browsers can only get you so far. Luckily, there are privacy tools out there for IP address
and browser fingerprinting spoofing. Plus, most browsers let you disable certain features commonly used in
browser fingerprinting, though these come with a disclaimer that disabling them might break certain features.
Install Fingerprinting Protection Browser Extensions
Canvas fingerprinting collects information about your device’s hardware. Add-ons like Canvas Fingerprint
Defender and Canvas Blocker — Fingerprint Protect can block this type of fingerprinting. To test if they’re
working properly, visit the BrowserLeaks website and refresh it a few times. If the extension works, you’ll see
different information every time you refresh.
Use a VPN
VPNs are at the forefront of online privacy tools. They hide your IP address, encrypt your online traffic and
route it through a VPN server. Because websites only see the VPN server when you interact with them, they
can’t fingerprint your browser or device. Most VPNs allow you to protect multiple devices, preventing
fingerprinting on all connected devices.
VPNs come in many shapes and sizes, and not all of them are completely dedicated to user privacy. You can
peruse our list of the best VPNs if you need help choosing the right one for you.
Use the Tor Browser
The Tor browser is most famous for being a gateway to the deep web. It connects you to the Tor network,
encrypting and rerouting your traffic along the way. Although this will definitely prevent any kind of
fingerprinting, the volunteer-operated Tor network itself isn’t totally secure, as you might run into a malicious
exit node.
Disable Third-party Cookies
Most modern browsers let you disable cookies to some extent. By default, they usually disable third-party
cookies (those used for tracking), but you can also choose to disable all cookies. However, keep in mind that
websites need certain cookies to provide basic functions, like keeping you logged in, so this might not be the
best course of action to take.
Disable JavaScript
Many fingerprinting methods use JavaScript code, so disabling it entirely from your browser’s settings will
naturally prevent websites from using those methods. However, many innocuous website elements rely on
JavaScript, so you might find your user experience diminished if you disable it.
Delete Your Data From Data Broker Archives
Data brokers collect a ton of data from as many sources as they can. Even if the data from one source is
anonymized, they can compare it to a dataset containing identifiers, such as your browser fingerprint, to identify
you and create a profile containing a large amount of accurate information about you.
They can then sell your profile to anyone that might request it, including hackers, surveillance agencies and
advertisers. You can contact a data broker yourself to have your data deleted, but there are so many of them that
it’s impossible to do on your own.
Thankfully, services like Surfshark’s Incogni and DeleteMe can automate that process for you. You just need to
provide them your email address and some other information, and they will pester data brokers on your behalf
until they delete your personal data, including your browser fingerprint.
Final Thoughts
Websites use browser fingerprinting for a plethora of reasons, but browser fingerprints can also be used to track
you without your consent. Despite having their legitimate uses, they can pose an online privacy risk, and
incognito mode won’t save you. Thankfully, preventing browser fingerprinting can be as easy as installing a
browser extension, or better yet, using a VPN.
How do you feel about browser fingerprinting? Are you concerned about the amount of information contained in
your fingerprint? Have you ever used a VPN to protect your online activity? Let us know your thoughts in the
comments below, and as always, thank you for reading.
Browser Fingerprinting: What
Is It and How Can I Protect
Myself?
Author
Martin Gschwentner

Translation
Brendan Philipp

You're not the same as everyone else: You're unique. The somewhat cliche motivational saying can have
some dark and serious consequences when it comes to online data protection and privacy. This is because
online, the uniqueness of your identity makes you vulnerable to advertisers, data traders, and abuse - all
from a digital fingerprint.

Table of Contentsshow
Top VPN Provider 2024
Sponsored

from $3.79
per month
Visit Website
NordVPN

9.4
Review
excellent

from $6.67
per month
Visit Website
ExpressVPN
9.4
Review
excellent

from $0.00
per month
Visit Website
Proton VPN

9.1
Review
excellent

from $1.99
per month
Visit Website
Surfshark

8.8
Review
good

show all

What Is a Browser Fingerprint?

You might think that you're surfing the Internet anonymously, however, each click leaves traces of personal
information.
Whenever you're online, your device provides whatever websites you're visiting with specific data, relating to
your operating system, settings, or even hardware.
The act of using that data in order to identify an individual is known as 'browser fingerprinting'. Websites do
this, for example, in order to detect which browser, plugins, and screen resolution you're using, what language
you speak, and even which timezone you're in, amongst a variety of other factors.
In this way, it becomes possible to not only digitally identify individual visitors but also to track their activity.

Browser Fingerprinting: Good or Bad?

International marketing services are after your data. This is because it enables websites to display ads that are
relevant and might result in users purchasing products or services. However, that same data can also be
manipulated by digital miscreants, such as data thieves or malware developers.
With that said, there are good reasons why platforms collect your data. Banks, for example, can use your online
fingerprint to prevent fraud.
As a result, in and of itself, browser fingerprinting isn't good or bad, however, something that should be kept in
mind.

How Accurate Is Fingerprinting?

There's a reason why the process is referred to as fingerprinting. As soon as a digital fingerprint is created, it
becomes possible to ascertain someone's identity. According to Mozilla, the method is "capable of successfully
identifying users 99% of the time."
Even if you block cookies, use a VPN, or adhere to any other recommended security protocols for surfing the
Web, your digital fingerprint can still give you away.

How Can I Find Out My Personal

Browser Fingerprint?
On sites like Cover Your Tracks and Am I Unique, it's possible to gain insight into what your browser
fingerprint looks like. Test your browser and find out whether you can be easily identified online and if you need
to act. EXPERTE.com also offers a Browser Privacy Check for doing this which tells you what kind of traces
you leave behind when surfing.
Why Should I Protect My Browser
Fingerprint?
Whenever personal data is collected, there's a risk that it will be misused. Unlike other means of identification,
such as your IP address, your digital fingerprint is invisible, making it much more difficult to protect. In most
cases, users don't even know that they're giving away such data.
Some of the risks include companies selling the data to third parties, or its use in increasing the efficacy of
malware attacks.
How Can I Protect Myself From
Browser Fingerprinting?
First, the bad news: It's almost impossible to entirely protect yourself from digital fingerprinting. With that said,
you can mitigate how much fingerprinting occurs by employing a few simple methods.
1.

Use Your Browser in Incognito Mode

Surfing in incognito or private mode, a feature common to nearly all browsers, is the simplest method to
reduce your fingerprint.
When surfing in this manner, your browser doesn't save browsing history. Your browser profile is set to a certain
standard which is the same for every user surfing privately. As a result, all users' digital fingerprints appear very
similar, making their individual profiles less unique.
This method isn't particularly effective though, since a multitude of other data remains unaffected or
unaltered which contributes to your browser fingerprint.
2.

Surfing With Tor

Should you be serious about reducing your browser fingerprint, you shouldn't just switch your browser's mode,
but also your browser. The Tor browser is configured so that every user's fingerprint is identical. In addition, the
browser does a very good job of blocking JavaScript.
Depending on which features you've activated in your Tor browser, your identity only remains hidden to a
certain degree though. In addition, the Tor browser isn't particularly user-friendly for beginners or those without
some knowledge of computing.
3.

Deactivate JavaScript
Websites use JavaScript to detect plugins and collect information, which in turn helps to define the contours of
your digital fingerprint. It's possible to manually deactivate JavaScript in your browser or neutralize it through
tools like NoScript or AdBlock Plus.
However, as some websites rely on JavaScript, deactivating it can severely impair your browsing experience.
4.

Mask Your IP Address With a VPN

A virtual private network (VPN) grants users access to a secure and self-contained network through a
protected tunnel, allowing them to conceal their IP addresses. In this article, we explain how this works in
greater detail as well as which providers can be chosen from.
VPNs serve as intermediaries for your data, preventing web servers from coming into direct contact with your IP
address.
However, your IP address is only one aspect of your digital identity, and VPNs don't mask browser settings. As
such, a VPN alone doesn't offer much protection and is only effective in combination with other measures such
as deactivating JavaScript.
5.

Use Special Privacy Software and Extensions

Software developers pay a significant amount of attention to privacy and data protection, with the result that
many offer effective applications and extensions. Privacy Badger, for instance, blocks certain domains that use
fingerprinting technology, and Disconnect works similarly. In combination with a powerful ad blocker, these
extensions should protect your online identity from malicious domains.

Browser Fingerprinting: Perfect

Protection Doesn't Exist
As we've shown, no foolproof way of protecting yourself from browser fingerprinting exists, with each measure
having both advantages and disadvantages.
To ensure the highest degree of protection, it's advisable to combine several different methods, however, this
could be too much hassle for the average Internet user.
Whatever you decide to do, we suggest keeping your digital fingerprint as generic or obscure as possible.
Software that you've probably heard of before, or might even have already, such as ad blockers or anti-malware,
can help quite a bit.
We recommend checking your current settings with Cover Yout Tracks or Am I Unique, taking the measures
that seem most prudent to you, and then checking again with the two services to make a before and after
comparison. This will show if you've successfully reduced your browser fingerprint.