Browser Fingerprinting: The Tracking Your IP Blocker Can't Stop
Browser fingerprinting collects data points about your browser and device — screen resolution, installed fonts, GPU renderer, language settings, time zone, installed plugins, Canvas rendering output — and combines them into a unique identifier that persists regardless of cookies, IP changes, or VPN use. Studies have shown it can uniquely identify over 90% of browsers.
The Data Points That Make You Unique
Your user agent string includes your browser name, version, and operating system. Your screen resolution and colour depth are reported. The list of installed fonts (queried by asking the browser to render text in many fonts and measuring the result) varies from person to person. Your GPU's canvas rendering output differs subtly between different hardware configurations. Combined, these create a fingerprint that's often more unique than a cookie.
The Electronic Frontier Foundation's Panopticlick study found that only 1 in 286,777 browsers shared the same fingerprint among their test population. Even if your browser is common — Chrome on Windows — the specific combination of your version, screen resolution, installed fonts, and timezone likely uniquely identifies you.
Why It Persists Through Privacy Tools
Fingerprinting doesn't use cookies — clearing cookies does nothing. It doesn't use IP addresses — a VPN changes your IP but not your browser's installed fonts or canvas hash. It doesn't require storage on your device at all — the fingerprint is computed fresh each visit from your browser's reported properties. The tracker remembers the fingerprint; your device doesn't need to store anything.
Here's the thing — this is why sophisticated trackers use fingerprinting alongside cookies. If you clear cookies, they can still match your return visit to your history via the fingerprint. If you block third-party cookies, the fingerprint still links your sessions.
What Actually Helps
Tor Browser aggressively normalises fingerprinting data — all Tor Browser users appear identical in the key metrics, making the fingerprint useless for individual identification. Firefox with the privacy.resistFingerprinting setting enabled takes a similar approach. Chrome-based browsers with various extensions can reduce but rarely eliminate fingerprinting.
Brave Browser has built-in fingerprint randomisation — it varies the canvas output and other values slightly on each visit, making cross-site tracking harder. The downside is that this can occasionally break sites that use canvas for legitimate rendering purposes.
AudioContext and Font Fingerprinting
Beyond canvas, browsers expose other fingerprinting surfaces. The AudioContext API — used for web audio processing — produces slightly different output on different hardware due to variations in floating-point computation. Font fingerprinting works by measuring which fonts are installed: pages render text in hundreds of fonts and measure the resulting dimensions to build a list of which fonts are present on your system. Your font installation is surprisingly unique — it reflects your OS version, language settings, software you've installed, and whether you've added custom fonts.
WebGL — the browser's 3D graphics API — fingerprints your GPU renderer string and graphics capabilities. Combined, AudioContext + Canvas + WebGL + fonts + screen resolution + timezone + language can create a fingerprint that's unique to one browser in several million. This is why browser fingerprinting tests show even 'privacy-focused' browsers as highly unique unless they actively normalise these values. Uniqueness is the enemy.
Check What Your Browser Reveals
See your current IP and connection details — part of the broader picture trackers use.
Check My IPAbout Kunal Khatri
Kunal is a network security specialist and systems administrator with 8+ years of experience auditing secure connections and building network infrastructure.
Related Articles
How to Stay Actually Anonymous Online (Not Just Kinda)
Real anonymity online is harder than using a VPN and clearing cookies. It requires understanding the full stack of tracking mechanisms and making deliberate trade-offs.
How Accurate Is IP Geolocation, Really
IP geolocation is used for fraud detection, content licensing, and advertising targeting. Its accuracy varies wildly — from city-level precision to being hundreds of miles wrong.
How Tor Actually Works (And When You Should Use It)
Tor provides strong anonymity — but it's not magic and it's not for everyone. Understanding the actual mechanism helps you decide when it's the right tool.
What Is Geo-Blocking and How to Get Around It
Geo-blocking restricts content based on your location. The mechanism is simple, the implications are wide-ranging, and bypassing it is easier than most people think.
