Browser fingerprinting is the collection of browser and device attributes (canvas rendering output, installed fonts, GPU model, timezone, screen resolution, and dozens more) to generate a statistically unique identifier without storing any data on the user's device. Unlike cookies, fingerprints survive clearing history, private browsing mode, and VPN use.
Key facts (illustrative, approximate entropy figures drawn from published fingerprinting research, namely EFF Cover Your Tracks / Panopticlick and the academic literature; not our own measurements):
| Signal | Entropy (approx.) | Notes |
|---|---|---|
| Canvas (desktop Chrome) | ~16 bits | Among the highest-entropy vectors |
| WebGL renderer + shader | ~14 bits | GPU vendor/model |
| Audio (OfflineAudioContext) | ~10 bits | Stable across versions |
| Font enumeration (CSS) | ~10 bits | Indirect detection |
| Hardware concurrency + memory | ~5 bits | Coarse but additive |
| Canvas (Brave Shields) | Substantially reduced | Randomization applied |
| Canvas (Tor / Mullvad Browser) | ~0 bits | Uniformity defense |
Browser fingerprinting has graduated from a research curiosity to the dominant cross-site tracking method on the open web. Cookie deprecation, accelerated by Google's third-party-cookie phase-out in Chrome and already complete in Safari and Firefox, did not reduce tracking; it accelerated the shift to stateless, device-derived identifiers. This guide covers every vector, every defense, and the empirical data you need to evaluate your real exposure in 2026.
1. The fingerprinting threat landscape in 2026
The economic logic of fingerprinting is straightforward: advertising networks need persistent cross-site identifiers to attribute conversions, build behavioral profiles, and price inventory. Cookies were the industry standard until browser vendors began enforcing SameSite restrictions and ITP (Intelligent Tracking Prevention) starting in 2017. As cookie reliability eroded, the industry invested heavily in cookieless alternatives.
By 2026, fingerprinting-derived identifiers have become widespread in programmatic bid requests, and large data brokers operate fingerprinting networks that cover a substantial share of active browsers, refreshing profiles periodically. A fingerprint that changes (because the user updated their GPU driver or changed their screen) is re-associated with the profile using probabilistic matching against behavioral signals.
Three economic segments drive investment in fingerprinting technology:
Ad-tech. Real-time bidding requires a stable identifier to match a bid request to a user profile in well under a second. Canvas and audio fingerprints, combined with IP subnet and User-Agent, deliver an identifier with a very low collision rate for desktop browsers.
Fraud detection. Payment processors and e-commerce platforms use device fingerprinting to distinguish legitimate users from automated fraud. This use case is often treated sympathetically in regulation; it complicates legislative carve-outs and browser vendor stances on API restriction.
State-level surveillance. Fingerprinting has been documented in at least 14 national SIGINT programs. Unlike cookie-based tracking, fingerprinting requires no cooperation from the device owner and leaves no forensic trace. Cross-border requests to CDNs and analytics endpoints deliver fingerprinting payloads that persist outside user awareness.
What are the main active browser fingerprinting vectors?
Browser fingerprinting uses JavaScript APIs to collect device-derived signals as identifiers. Published research (such as the EFF's "How Unique Is Your Web Browser?" / Panopticlick study and later academic work) finds that the highest-entropy vectors include canvas rendering output, WebGL GPU data, AudioContext processing, and installed font enumeration, each on the order of roughly 10–16 bits on desktop. Combined, a desktop fingerprint readily exceeds the ~33 bits needed for unique identification globally.
Active fingerprinting uses JavaScript-accessible browser APIs that process or render content, with the output collected as an identifier.
Canvas fingerprinting remains the single highest-entropy active vector. A script draws text and shapes to a hidden <canvas> element and reads back pixel data via toDataURL() or getImageData(). Sub-pixel rendering, font hinting, GPU-accelerated compositing, and OS-level anti-aliasing produce signatures that differ across GPU models, driver versions, and operating systems. Published fingerprinting research puts canvas alone among the highest-entropy vectors, on the order of ~16 bits on desktop Chrome, enough to single out one user among tens of thousands.
WebGL fingerprinting extracts GPU vendor and renderer strings via WEBGL_debug_renderer_info and benchmarks shader execution. The combination of VENDOR string and a Perlin-noise shader output adds entropy on top of canvas (published research places it on the order of ~10 bits) with very low within-GPU-family collision rates.
AudioContext fingerprinting processes a 1000 Hz sine wave through an OfflineAudioContext and hashes the output buffer. The compressor characteristics, resampler coefficients, and floating-point rounding differ per OS and audio stack. Studies report entropy on the order of ~7 bits. The technique completes quickly and requires no user interaction or permissions.
Font enumeration was historically done by measuring rendered text width in a hidden <span>. Modern scripts use FontFace.load() and document.fonts.check() for faster and more reliable enumeration of installed system fonts. On a desktop OS with hundreds of fonts, the installed set is a high-entropy vector (reported on the order of ~10 bits or more). Mobile devices have smaller and more uniform font sets, yielding far less.
Hardware concurrency and memory. navigator.hardwareConcurrency reports CPU core count; navigator.deviceMemory returns one of eight discrete values (0.25–8 GB). Together they add a few bits and correlate strongly with device class, which is useful for demographic inference and fraud scoring.
Screen and window geometry. screen.width, screen.height, screen.colorDepth, window.devicePixelRatio, and window.outerWidth vs. window.innerWidth (which leaks browser chrome size) collectively contribute several bits on desktop, and fewer on mobile where display resolutions cluster tightly.
Timezone and locale. Intl.DateTimeFormat().resolvedOptions().timeZone returns the IANA timezone string. Combined with navigator.language, navigator.languages, and Intl.NumberFormat locale, this adds several more bits and narrows geographic origin to city-region level in many cases.
Combined active fingerprint entropy across all vectors above readily exceeds the ~33 bits needed for unique identification across the global internet on desktop, and remains high on mobile.
3. Passive fingerprinting vectors
Passive fingerprinting requires no JavaScript; it operates on network-layer signals present in every HTTP request.
User-Agent and Client Hints. The User-Agent header historically leaked browser name, major and minor version, OS name and version, and CPU architecture in a single string. The Chrome team introduced User-Agent Client Hints (UA-CH) to migrate to a lower-entropy default UA and opt-in high-entropy hints. In practice, sites request full CH via Accept-CH headers, and Chrome fulfills them; the entropy migrated from passive to semi-passive but did not decrease. Firefox and Safari maintain frozen or simplified UA strings that reduce passive entropy to ~8 bits.
HTTP header order and grammar. The order, capitalization, and presence of Accept, Accept-Encoding, Accept-Language, Sec-Fetch-*, and Priority headers vary by browser and version in detectable ways. This technique requires no JavaScript and works against any HTTP client: browsers, bots, and automation frameworks all have distinct header fingerprints.
IP and TLS fingerprinting. The TLS ClientHello message contains cipher suite list, extension order, supported groups, and ALPN values that differ per TLS implementation. JA3/JA4 fingerprinting extracts these fields and produces a hash. A Chromium-based browser on Windows produces a different JA4 hash than the same Chromium on Linux or macOS. IP geolocation adds 5–8 bits for city-level and 2–3 bits for ISP-level attribution. Combined passive fingerprint on desktop: ~22 bits with no JavaScript executed.
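The JA3 side of that description, as an added Node.js example (not code from this guide or from any JA3 tool): it builds the JA3 string from already-parsed ClientHello fields and hashes it with MD5. The object shape and all field values are constructed for illustration; parsing the raw handshake bytes and the JA4 format are out of scope here.

```javascript
const { createHash } = require('node:crypto');

// GREASE values (0x0a0a, 0x1a1a, ... 0xfafa) are picked at random by the
// client on each connection, so JA3 drops them before hashing.
const isGrease = (v) => (v & 0x0f0f) === 0x0a0a && (v >> 8) === (v & 0xff);

// JA3 string: version,ciphers,extensions,groups,pointFormats
// (decimal values, "-" inside a field, "," between fields, order preserved).
function ja3String(hello) {
  const field = (xs) => xs.filter((v) => !isGrease(v)).join('-');
  return [
    hello.version,
    field(hello.ciphers),
    field(hello.extensions),
    field(hello.groups),
    field(hello.pointFormats),
  ].join(',');
}

const ja3Hash = (hello) =>
  createHash('md5').update(ja3String(hello)).digest('hex');

// Constructed ClientHello summaries (hypothetical object shape, sample values).
const clientA = {
  version: 771, // 0x0303, the version field sent in the ClientHello
  ciphers: [0x1a1a, 4865, 4866, 4867, 49195],
  extensions: [0x2a2a, 0, 23, 65281, 10, 11, 35, 16],
  groups: [0x3a3a, 29, 23, 24],
  pointFormats: [0],
};
// Same client on a later connection: only the GREASE values changed.
const clientAReconnect = {
  ...clientA,
  ciphers: [0xfafa, 4865, 4866, 4867, 49195],
  extensions: [0x4a4a, 0, 23, 65281, 10, 11, 35, 16],
  groups: [0x8a8a, 29, 23, 24],
};
// Different TLS stack: same extensions offered, in a different order.
const clientB = { ...clientA, extensions: [0, 10, 11, 16, 23, 35, 65281] };

console.log(ja3String(clientA), ja3Hash(clientA));
console.log(ja3Hash(clientA) === ja3Hash(clientAReconnect)); // true
console.log(ja3Hash(clientA) === ja3Hash(clientB)); // false
```

Because the hash covers the order of ciphers and extensions, two stacks that offer the same features in a different order are still told apart, which is why the fingerprint tracks the TLS implementation rather than the user.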
Behavioral signals. Mouse movement trajectories, keystroke timing, scroll velocity, and touch pressure patterns are used by fraud detection systems and increasingly by ad-tech for cross-session re-identification. These require JavaScript for collection but are classified as passive because the user provides them implicitly during normal interaction. Published research reports that behavioral models can achieve high re-identification accuracy for returning users in controlled studies.
How do browsers defend against fingerprinting?
Two strategies exist. Randomization (Brave, LibreWolf) injects per-session noise into canvas, WebGL, and audio outputs, breaking cross-session correlation. Uniformity (Tor Browser, Mullvad Browser) makes every user present the same fingerprint, preventing identification within the population. Randomization is more usable; uniformity is stronger for anonymity but requires fixed window sizes and disabled JIT.
Tor Browser. The reference implementation of the static cover strategy. All Tor Browser users present the same standardized fingerprint: frozen Firefox ESR User-Agent, canvas API returning white noise at a consistent level, WebGL disabled or returning generic fallback strings, AudioContext clamped, fonts restricted to a built-in set, and viewport coerced to 1000×1000. The defense model assumes that within the Tor user population, individual browsers are statistically indistinguishable. Effectiveness depends on population size: with fewer than 3–4 million active Tor Browser users, cover set size is the binding constraint.
Firefox Resist Fingerprinting (RFP). Firefox's privacy.resistFingerprinting flag (available since Firefox 41, formally supported in Firefox 68+) applies a broad set of spoofed values: frozen screen resolution, spoofed timezone to UTC, simplified navigator values, canvas randomization, reduced font metrics precision, and suppressed window.performance.timing granularity. RFP in 2026 covers 34 distinct API surfaces. Tradeoff: some web applications break, particularly those using requestAnimationFrame timing for animation or Intl for localized date display.
Brave Shields. Brave applies per-session, per-site noise to canvas, WebGL, and AudioContext outputs. The noise is calibrated to be imperceptible to users but sufficient to break cross-site correlation. Brave also strips third-party Referer headers, enforces Storage Partitioning, and randomizes hardwareConcurrency and deviceMemory. The defense model differs from Tor: rather than uniform cover, Brave aims to make cross-site linking unreliable through inconsistency. Within-session tracking remains possible for a determined adversary.
Mullvad Browser. Based on Tor Browser's anti-fingerprinting patch set but without the Tor network requirement. Ships with uBlock Origin in hard-mode by default. Designed to be paired with a trusted VPN to separate network identity from browser identity. Mullvad Browser applies the same static cover strategy as Tor Browser; it is the strongest off-Tor option for fingerprinting resistance.
Randomization vs. static cover trade-off. Randomization (Brave, some Firefox extensions) prevents cross-site linking but can be detected: if a tracker loads in an iframe on two sites and receives two different canvas hashes from the same IP within a short session, it can infer that fingerprinting protection is active. Static cover (Tor, Mullvad) prevents detection of the defense itself and within-population linking, at the cost of requiring all users to present the same appearance.
5. How these figures are sourced (and how to check your own browser)
Entropy is measured in bits using Shannon's formula applied to the distribution of observed values. If a vector takes N distinct values with frequencies p₁…pN, its entropy is H = −Σ pᵢ log₂(pᵢ). A single bit of entropy halves the population. Around 20 bits is enough to single out one person in roughly a million, and published research finds that a combined desktop fingerprint comfortably exceeds the ~33 bits needed for global uniqueness.
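Shannon's formula applied to a small visitor sample, as an added example (not code or data from this guide or from the cited studies). It goes one step beyond the text by also computing joint entropy, which shows that per-vector bits add up only when the vectors are independent and that the total can never exceed log₂ of the population size. The eight visitor records and the names gpu-A to gpu-D are constructed.

```javascript
// Shannon entropy H = -Σ p_i log2(p_i) of a list of observed values, in bits.
function entropyBits(values) {
  const counts = new Map();
  for (const v of values) counts.set(v, (counts.get(v) || 0) + 1);
  let h = 0;
  for (const c of counts.values()) {
    const p = c / values.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Joint entropy of several attributes: treat each tuple as a single value.
const tuple = (r, keys) => keys.map((k) => r[k]).join('\u0000');
const jointBits = (records, keys) =>
  entropyBits(records.map((r) => tuple(r, keys)));

// Anonymity set: how many visitors share the target's values for these keys.
const anonymitySet = (records, keys, target) =>
  records.filter((r) => tuple(r, keys) === tuple(target, keys)).length;

// Bits needed to single out one member of a population of size n.
const bitsToIdentify = (n) => Math.log2(n);

// Constructed sample: 8 visitors; core count is fully determined by GPU.
const visitors = [
  { tz: 'Europe/Berlin', gpu: 'gpu-A', cores: 4 },
  { tz: 'Europe/Berlin', gpu: 'gpu-B', cores: 8 },
  { tz: 'America/New_York', gpu: 'gpu-A', cores: 4 },
  { tz: 'America/New_York', gpu: 'gpu-C', cores: 8 },
  { tz: 'Asia/Tokyo', gpu: 'gpu-B', cores: 8 },
  { tz: 'Asia/Tokyo', gpu: 'gpu-D', cores: 16 },
  { tz: 'America/Sao_Paulo', gpu: 'gpu-C', cores: 8 },
  { tz: 'America/Sao_Paulo', gpu: 'gpu-D', cores: 16 },
];

// Naive total: add the per-attribute entropies as if they were independent.
const sumOfParts = ['tz', 'gpu', 'cores']
  .reduce((sum, k) => sum + jointBits(visitors, [k]), 0);

console.log('per-attribute sum:', sumOfParts);                        // 5.5
console.log('gpu + cores joint:', jointBits(visitors, ['gpu', 'cores'])); // 2
console.log('all three joint:', jointBits(visitors, ['tz', 'gpu', 'cores'])); // 3
console.log('share my tz:', anonymitySet(visitors, ['tz'], visitors[0]));  // 2
console.log('share tz+gpu:',
  anonymitySet(visitors, ['tz', 'gpu'], visitors[0]));                // 1
console.log('bits for 8e9 people:', bitsToIdentify(8e9).toFixed(1));  // 32.9
```

Core count adds nothing once the GPU is known, so a defense that hides only the correlated attribute removes fewer bits than its row in an entropy table suggests.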
The approximate entropy ranges used throughout this guide are drawn from published fingerprinting research, not from any proprietary dataset of our own. The foundational reference is the EFF's Panopticlick study, "How Unique Is Your Web Browser?" by Peter Eckersley, which first measured per-vector entropy on a large volunteer sample and found the majority of browsers to be unique. The EFF's current Cover Your Tracks project continues this work, and a broad academic literature on canvas, WebGL, audio and font fingerprinting has reproduced the same general picture: canvas is among the highest-entropy vectors, and a handful of vectors combined are enough to make most desktop browsers unique.
The most reliable way to know your own exposure is to test your actual browser rather than trust any single table:
- Run the EFF's Cover Your Tracks tool (coveryourtracks.eff.org) to see which of your browser's signals are most identifying.
- Use our own browser fingerprint test tool to inspect the canvas, WebGL, audio, font and header signals your browser exposes right now.
The relative ordering is what matters and is well established in the literature: canvas, WebGL and font enumeration sit at the top; hardware, screen geometry and timezone add fewer bits but stack additively. Defenses change the picture: Brave's per-site noise is designed to substantially reduce canvas and WebGL uniqueness, while Tor Browser and Mullvad Browser aim to make every user look identical (close to ~0 distinguishing bits within their population), at the cost of being trivially recognizable as Tor/Mullvad users.
6. The 2026 frontier
Privacy Sandbox maturation. Google deployed the Topics API to stable Chrome in 2025 and Protected Audience API (formerly FLEDGE) for remarketing in 2024. Storage Partitioning, which isolates storage per top-level site, shipped in Chrome 115 and Firefox 109. Bounce Tracking Mitigation, targeting redirect-based cookie syncing, is in stable Chrome from version 127. These mechanisms reduce cookie-based tracking but introduce new attestation surfaces.
FedCM (Federated Credential Management). FedCM replaces third-party cookie-based SSO flows. It routes identity requests through the browser as a mediator, reducing the IdP's ability to track user navigation. However, the browser itself becomes aware of the user's identity provider relationships, a new signal for browser-vendor-level profiling that privacy researchers are scrutinizing.
Trust Tokens / Private State Tokens. Private State Tokens allow fraud detection systems to verify that a user previously passed a human verification challenge without linking the specific verification event. The token is device-scoped and does not rotate across sites, creating a potential stable cross-site identifier. The W3C Privacy CG has flagged this as an open concern.
Storage Partitioning. Chrome, Firefox, and Safari now partition localStorage, sessionStorage, IndexedDB, and SharedWorker by top-level origin. This eliminates the cache-timing channel and the shared-storage tracking vector that were active for a decade. Impact on fingerprinting: indirect. Partitioning does not reduce API-based fingerprinting but eliminates several passive storage-based identifiers.
WebAuthn and passkeys. Passkey authentication binds credentials to a device rather than a password, which reduces phishing risk but creates a stable device identity signal. A passkey relying party receives cryptographic proof that the same device key signed multiple authentication events, which is precisely the cross-session linkability that fingerprinting provides, now with explicit user opt-in.
7. What to use right now: decision matrix
| Profile | Recommended browser | Notes |
|---|---|---|
| High-risk (journalist, activist, whistleblower) | Tor Browser | Only option with provably uniform fingerprint. Accept 2–5× slower page loads. |
| Strong privacy, usable daily | Mullvad Browser + VPN | Static cover + uBO default. VPN hides Tor-exit-pattern from ISP. |
| Mainstream privacy, normal use | Brave (Shields default) | Best UX-to-protection ratio. Not fingerprint-proof but breaks mass tracking. |
| Developer / power user on Firefox | Firefox + RFP + uBO | Manual, breaks some sites, highest entropy reduction outside Tor/Mullvad. |
| Mobile iOS | Safari + iCloud Private Relay | CNAME uncloaking blocked, IP masked by relay. No canvas defense; weakest option on this list. |
| Mobile Android | Brave for Android | Shields active on mobile. Prefer over Chrome. |
No VPN alone is sufficient: network identity and browser identity are separate attack surfaces that require separate mitigations.
Entropy figures in this guide are approximate ranges drawn from published fingerprinting research: the EFF's Panopticlick study ("How Unique Is Your Web Browser?", Peter Eckersley), the EFF Cover Your Tracks project, and the broader academic literature. They are not from any proprietary dataset of our own. Test your own browser with the EFF Cover Your Tracks tool and our browser fingerprint test.