MyIPScan
Guide

What Is Browser Fingerprinting? How It Works and How to Reduce It

Browser fingerprinting identifies you by combining dozens of browser and hardware characteristics into a unique signature — without cookies, local storage, or any data that can be cleared. Understanding it helps you interpret privacy test results and make better browser choices.

By: Katia Belokon · Updated June 2026

What is browser fingerprinting?

Browser fingerprinting is a method of identifying or tracking a user based on the unique combination of attributes that their browser and device expose through standard web APIs. Unlike cookies, fingerprinting does not require storing anything on the user's device — the information is collected passively from what the browser reports to websites by default.

The concept is similar to a physical fingerprint: no single attribute is unique enough to identify you, but the combination of dozens of small details — browser version, screen resolution, installed fonts, GPU model, language, time zone — creates a profile that is often unique to one device and browser configuration among millions of others.

Check your own browser fingerprint now with MyIPScan's Browser Fingerprint Test.

What data is collected in a browser fingerprint?

A comprehensive browser fingerprint combines data from many browser APIs:

  • User-agent string: Browser name, version, and operating system. Exposed in every HTTP request.
  • Screen resolution and color depth: The physical resolution of your display and how many colors it can render.
  • Time zone: Your system's configured time zone, which often reveals your approximate location even with a VPN.
  • System fonts: A list of fonts installed on your system. Different operating systems and configurations have different font sets, making this highly identifying.
  • Canvas fingerprint: The Canvas API is used to render text and shapes. Subtle differences in how GPUs, drivers, and operating systems render the same canvas produce a unique pixel-level hash.
  • WebGL fingerprint: Similar to Canvas, but for 3D rendering. Returns the GPU vendor, renderer string, and rendering characteristics — often very unique per hardware configuration.
  • AudioContext fingerprint: Audio processing through the Web Audio API produces subtly different outputs depending on audio hardware and drivers, creating a unique hash.
  • Browser plugins and extensions: The list of installed browser plugins. Unusual extensions make a fingerprint more unique.
  • Language and locale: Browser language settings and accepted languages.
  • Hardware concurrency: The number of CPU logical cores your device reports.
  • Device memory: The approximate amount of RAM (reported in rough bands).
  • Touch support: Whether the browser reports touch screen support.
  • Do Not Track and Global Privacy Control headers: Ironically, having these enabled can make a fingerprint more unique because fewer users have them set.

How unique is a browser fingerprint?

Research by the Electronic Frontier Foundation's Panopticlick project found that approximately 83% of browsers have a unique fingerprint out of the population they tested. More recent research shows that combining Canvas, WebGL, and AudioContext fingerprints alone can achieve uniqueness rates above 90% on desktop browsers.

Mobile browsers tend to have less unique fingerprints because more devices share the same hardware model and default configuration. However, mobile fingerprinting accuracy has improved as datasets have grown.

How browser fingerprinting differs from cookies

Cookies are small pieces of data stored on your device by a website. You can delete cookies, block them, or use private browsing mode to prevent them from persisting. Browser fingerprinting collects data that the browser exposes by design as part of normal web API behavior — you cannot clear it, and it persists across private browsing sessions, different browsers opened side by side, and even across device restarts.

Fingerprinting is also cross-domain: a fingerprinting script loaded from a third-party analytics provider can see the same fingerprint regardless of which website you are visiting, allowing them to track you across sites without cookies.

Can a VPN prevent browser fingerprinting?

No. A VPN changes your visible IP address and ASN but does not change any of the browser or hardware characteristics that make up a fingerprint. Your screen resolution, GPU, installed fonts, Canvas hash, and time zone are identical whether or not a VPN is active. A website that fingerprints your browser can re-identify you even if you connect through a different VPN server each time.

To see what your browser exposes beyond the IP layer, run MyIPScan's Browser Fingerprint Test.

How to reduce your browser fingerprint

  • Use Brave browser: Brave has built-in fingerprint randomisation that slightly alters Canvas, WebGL, Audio, and font fingerprints on each session and domain. This makes your fingerprint appear different to different sites while remaining consistent enough for normal browsing.
  • Use Firefox with Enhanced Tracking Protection (Strict mode): Firefox blocks known fingerprinting scripts and adds some Canvas fingerprint resistance. Adding the arkenfox user.js configuration hardenes Firefox further.
  • Disable Canvas and WebGL in uBlock Origin: In uBlock Origin's advanced settings, you can block Canvas and WebGL fingerprinting at the script level.
  • Avoid unusual browser extensions: Each extension changes what the browser reports. A very unique combination of extensions makes your fingerprint more identifiable. Use only common, widely-used extensions.
  • Use common screen resolutions: Unusual resolutions (e.g., from ultra-wide monitors or scaling adjustments) make your fingerprint less common. Standard 1920×1080 is shared by millions of users.
  • Keep browser and OS updated: Running the current version of Chrome or Firefox means your user-agent and rendering engine match millions of other users on the same version.

No single measure provides complete fingerprint resistance. The most effective approach for high-privacy use cases is using the Tor Browser, which is designed to make all users appear identical to each other, at the cost of some browsing performance and website compatibility.

Frequently asked questions

What is browser fingerprinting?

Browser fingerprinting is a tracking technique that identifies users by combining browser and hardware characteristics (such as GPU, fonts, screen resolution, and time zone) into a unique identifier — without requiring cookies or local storage.

What information is used in a browser fingerprint?

A browser fingerprint combines: user-agent string, screen resolution and color depth, time zone, installed fonts, Canvas rendering hash, WebGL renderer (GPU), AudioContext hash, browser plugins, hardware concurrency, device memory, language, touch support, and privacy header settings.

Is browser fingerprinting legal?

In the EU, GDPR and ePrivacy Directive require user consent for fingerprinting used to track individuals. In the US, no unified federal law covers it, though CCPA in California may apply. Fraud prevention and security uses are generally treated differently from advertising tracking.

Can a VPN prevent browser fingerprinting?

No. A VPN changes your visible IP address but does not change any browser or hardware characteristics. Your Canvas hash, GPU, fonts, screen resolution, and time zone are the same regardless of which VPN server you connect through.

How do I reduce my browser fingerprint?

Use Brave (built-in fingerprint randomisation), Firefox with arkenfox or Strict ETP, or Tor Browser for maximum protection. Avoid unusual extensions, use common screen resolutions, and keep your browser updated so your version is shared by many users.