This glossary provides clear, research-backed definitions for the key concepts used in browser fingerprinting and digital privacy. Whether you are a developer, researcher, journalist, or privacy-conscious user, these definitions will help you understand how online tracking technologies work, why they matter, and what the academic and legal literature says about them. Terms are organized alphabetically; click any letter in the navigation bar to jump directly to that section.

A

Anonymity Set

An anonymity set is the group of users among whom an individual cannot be distinguished based on observable characteristics. In the context of browser fingerprinting, a large anonymity set means that many other users share an identical fingerprint, making it harder to single out any one person. Tor Browser deliberately minimises fingerprinting signal diversity to maximise the anonymity set — every Tor user appears to share the same fingerprint, providing strong protection. Conversely, a browser with a very rare or unique configuration has an anonymity set of one, offering no protection at all. The concept was formalised by Pfitzmann & Hansen in their 2010 terminology framework for privacy research.

Anti-Fingerprinting

Anti-fingerprinting refers to a set of browser features, extensions, or configurations designed to obstruct or neutralise fingerprinting scripts. Techniques include noise injection (returning slightly randomised values for canvas or audio APIs), blocking high-entropy JavaScript APIs, reporting a generic user agent, and sandboxing third-party scripts. Browsers like Brave and Tor Browser have built-in anti-fingerprinting measures. Anti-fingerprinting is most effective when many users share the same configuration, reinforcing anonymity through a large common set rather than through blocking alone. Excessive or poorly-implemented anti-fingerprinting can paradoxically increase uniqueness if it produces rare, distinctive outputs.

AudioContext Fingerprinting

AudioContext fingerprinting exploits the Web Audio API to generate a unique identifier based on how a device's audio hardware and software stack process sound. A script creates an oscillator, routes its output through a set of audio processing nodes (AnalyserNode, DynamicsCompressorNode, etc.), and reads the resulting floating-point sample values. Tiny differences in DSP implementations, driver versions, and hardware characteristics cause numerically distinct outputs across devices. The technique was described in detail by Englehardt & Narayanan in their 2016 Princeton web tracking measurement study. Because it requires no special permissions and produces highly stable values, AudioContext fingerprinting has become one of the most reliable passive fingerprinting signals available to tracking scripts.

B

Battery Status API

The Battery Status API is a browser interface that allows web pages to query a device's battery charge level, charging state, and estimated time to full charge or discharge. Although intended for legitimate power-management use cases, researchers demonstrated in 2015 (Olejnik et al.) that the highly granular values returned — up to 0.01% precision — could be combined with other signals to create a cross-site identifier even when the user changed their IP address or deleted cookies. The API has since been deprecated or restricted in most major browsers, but it remains a landmark example of how seemingly innocuous device APIs can be weaponised for fingerprinting.

Behavioral Fingerprinting

Behavioral fingerprinting builds a unique identifier from the way a user physically interacts with their device rather than from static browser or hardware characteristics. Observable signals include mouse movement trajectories, typing cadence and dwell times, scroll velocity, touch pressure, device tilt (via gyroscope), and click patterns. Because these patterns are shaped by individual motor habits, they are extremely difficult to mimic or mask. Behavioral fingerprinting is widely used in authentication contexts (continuous authentication) and fraud detection. Unlike passive fingerprinting, it requires active user interaction, but once a baseline profile is established, subsequent sessions can be matched with high confidence.

Browser Entropy

Browser entropy is a measure of how much identifying information a single browser attribute contributes to a fingerprint, expressed in bits. An attribute that takes one of two equally likely values contributes 1 bit of entropy; one that can take 1,024 equally likely values contributes 10 bits. Summing the entropy across all independent attributes gives an estimate of how many bits are needed to uniquely identify a browser in a population. The EFF's Panopticlick project calculated that the average browser exposes roughly 18 bits of identifying entropy — enough to distinguish it among 262,144 others. High-entropy attributes include the user agent string, installed plugins, canvas hash, and list of installed fonts.

Browser Fingerprint

A browser fingerprint is a composite identifier derived from the collection and hashing of dozens of browser- and device-specific attributes, including user agent string, screen resolution, installed fonts, timezone, language, canvas rendering, WebGL renderer, audio processing characteristics, and more. The identifier is computed entirely from information the browser reveals during normal operation, with nothing stored on the user's device. Because the identifier derives from the user's environment rather than from an assigned token, it persists across cookie deletion, cache clearing, and private-browsing sessions. Fingerprints are not always deterministically stable — minor software updates or settings changes can alter individual attributes — but tracking services often employ fuzzy matching to maintain continuity despite small changes.

C

Canvas Fingerprinting

Canvas fingerprinting is a technique that renders a predefined drawing or text string onto an HTML5 <canvas> element and reads back the pixel data as a Base64-encoded image string. Because the output depends on the GPU, graphics driver, operating system font rasteriser, and anti-aliasing settings, different hardware and software combinations produce subtly different pixel values. Hashing the pixel data produces a compact, stable identifier. The technique was first documented in large-scale deployment by Mowery & Shacham in 2012, and a 2014 Princeton study found it on over 5% of the top 100,000 websites. It requires no user interaction or browser permissions and is therefore very difficult to detect without dedicated tools.

CCPA (California Consumer Privacy Act)

The CCPA, effective January 2020, is a California state privacy law that grants consumers the right to know what personal information is collected about them, the right to delete that information, and the right to opt out of the sale of their data. Amended and strengthened by Proposition 24 (CPRA) in 2023, it now includes a right to correct inaccurate data and restrictions on sensitive personal information. Browser fingerprinting data qualifies as personal information under the CCPA if it can reasonably be linked to a specific consumer or household. Businesses subject to the CCPA that use fingerprinting for advertising or analytics are required to disclose this in their privacy policy and honour opt-out requests submitted via the Global Privacy Control (GPC) signal.

Clock Skew

Clock skew fingerprinting exploits minute differences in the rate at which a device's system clock drifts relative to a reference time. Every physical oscillator runs at a slightly different frequency, causing measurable divergence over time. By repeatedly measuring precise timestamps in JavaScript (e.g. performance.now()) and comparing them against a server's authoritative time, an attacker can derive a stable device-specific drift signature. The technique is passive, invisible to the user, and survives IP changes, VPN usage, and browser restarts. It was studied in depth by Kohno et al. in their 2005 paper "Remote Physical Device Fingerprinting," which applied the method to TCP timestamps at the network level. Modern implementations bring it to the browser through high-resolution JavaScript timers.

Consent Management Platform (CMP)

A Consent Management Platform is a software framework used by websites to obtain, record, and manage user consent for data processing activities — particularly those governed by GDPR and the ePrivacy Directive. CMPs present users with consent banners or preference centres, collect consent signals, and relay those signals to the advertising and analytics vendors embedded on the page. The IAB Europe's Transparency and Consent Framework (TCF) is the dominant CMP standard for programmatic advertising. Critics note that many CMP designs use dark patterns (pre-ticked boxes, confusing UI, rejection buried in sub-menus) that coerce rather than enable genuine choice. Fingerprinting without a CMP-collected consent signal is considered non-compliant in most EU jurisdictions.

Cookie

A cookie is a small piece of text data stored by a browser on behalf of a website. First-party cookies are set by the site the user is visiting; third-party cookies are set by external domains — typically advertising or analytics networks — and have historically been the primary mechanism for cross-site tracking. Cookies are visible to users, can be inspected with browser developer tools, and can be deleted or blocked through browser settings. Because of these controls, cookies are subject to consent requirements under GDPR and the ePrivacy Directive. The gradual phase-out of third-party cookies by major browsers has accelerated industry adoption of fingerprinting as a cookieless alternative, raising significant privacy concerns because fingerprints lack the visibility and user-control properties that cookies possess.

D

Device Fingerprinting

Device fingerprinting is the broader practice of identifying a specific physical device — rather than just a browser — by aggregating low-level hardware characteristics. While browser fingerprinting focuses on software configuration, device fingerprinting incorporates hardware signals such as CPU instruction timing, GPU shader precision, microphone noise floors, accelerometer bias, battery capacity, and even electromagnetic emissions. Device fingerprints are particularly relevant on mobile platforms, where app-based SDKs have access to a wider set of hardware sensors than web browsers. The resulting identifier can persist across browser reinstalls, factory resets, and even device re-sales when partial hardware remains unchanged. Enterprise security and fraud detection vendors commonly deploy device fingerprinting to detect account takeover attempts and unusual login patterns.

DNS Leak

A DNS leak occurs when DNS resolution requests are routed through a user's default ISP resolver rather than through the encrypted tunnel of a VPN or proxy, exposing browsing activity to the ISP and potentially to surveillance. DNS leaks often arise from OS-level DNS settings that bypass VPN routing rules, WebRTC STUN lookups, or browser DNS-over-HTTPS settings conflicting with a VPN's internal resolver. For fingerprinting purposes, the DNS resolver's IP address can serve as an auxiliary identifier — if a user's ISP-assigned resolver is consistent, it can correlate with other signals even when the VPN changes the user's apparent IP. DNS leak testing tools (e.g., dnsleaktest.com) allow users to verify that all DNS traffic is tunnelled correctly.

Do Not Track (DNT)

Do Not Track is an HTTP request header field (DNT: 1) that browsers can send to signal a user's preference not to be tracked across websites. Introduced in 2009 and standardised by the W3C in 2019, DNT was intended to create a browser-based opt-out mechanism analogous to the telephone "Do Not Call" registry. However, compliance was always voluntary, and major advertising networks largely ignored the signal. As a result, most browsers have now deprecated or removed the DNT header — Firefox removed it in 2024. Ironically, enabling DNT in browsers that still support it can slightly increase fingerprint uniqueness because most users do not send the header, making it a rare attribute. The Global Privacy Control (GPC) signal is a successor standard that has received limited legal recognition in California under the CPRA.

Dynamic Fingerprint

A dynamic fingerprint is a fingerprinting approach in which the collected attributes change over time, either because the script gathers timing-dependent or session-dependent values, or because a tracker intentionally re-fingerprints a user periodically and applies evolution-tracking algorithms to maintain identity continuity despite changes. Dynamic fingerprints contrast with static fingerprints, which rely on attributes unlikely to change between sessions. Sophisticated tracking systems combine static and dynamic signals, using static attributes as a stable anchor and dynamic attributes for cross-session correlation. The AmIUnique longitudinal study demonstrated that even when individual attributes change, the overall fingerprint often remains uniquely identifiable because only a subset of attributes changes at a time.

E

Entropy (Information Entropy)

Information entropy, as used in fingerprinting research, quantifies how much uncertainty — and therefore identifying power — is carried by a random variable. For a browser attribute, entropy is calculated as H = −Σ p(x) log₂ p(x) over all possible values x, where p(x) is the observed probability of that value in a population. A uniform distribution across n values yields log₂(n) bits of entropy. The total entropy of a fingerprint, assuming independence, is the sum of per-attribute entropies. The EFF's Panopticlick study used this metric to conclude that the average browser fingerprint carries approximately 18 bits of entropy, making it unique among 2^18 ≈ 262,000 users. Higher entropy means a rarer, more identifying configuration.
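As an added example that is not part of this glossary, the calculations from the Anonymity Set, Browser Entropy and Entropy entries, run over a small constructed sample of fingerprints (the attribute values and the sample itself are made up for illustration). Beyond the per-attribute sums the text describes, it also computes the joint entropy of the whole fingerprint and each browser's anonymity-set size, which shows how much the independence assumption overestimates identifying power when attributes are correlated.

```javascript
// Added example, not code from the glossary or from any fingerprinting
// library: per-attribute entropy, joint entropy and anonymity-set sizes.

// Attributes under consideration. The sample below is constructed for
// illustration only; real values would come from a measurement dataset.
const ATTRIBUTES = ["userAgent", "timezone", "hardwareConcurrency", "devicePixelRatio"];

const SAMPLE = [
  { userAgent: "UA-A", timezone: "Europe/Berlin",    hardwareConcurrency: 8,  devicePixelRatio: 1 },
  { userAgent: "UA-A", timezone: "Europe/Berlin",    hardwareConcurrency: 8,  devicePixelRatio: 1 },
  { userAgent: "UA-A", timezone: "Europe/Berlin",    hardwareConcurrency: 8,  devicePixelRatio: 2 },
  { userAgent: "UA-A", timezone: "America/New_York", hardwareConcurrency: 4,  devicePixelRatio: 1 },
  { userAgent: "UA-B", timezone: "America/New_York", hardwareConcurrency: 4,  devicePixelRatio: 1 },
  { userAgent: "UA-B", timezone: "America/New_York", hardwareConcurrency: 4,  devicePixelRatio: 1 },
  { userAgent: "UA-B", timezone: "UTC",              hardwareConcurrency: 32, devicePixelRatio: 3 },
  { userAgent: "UA-C", timezone: "UTC",              hardwareConcurrency: 2,  devicePixelRatio: 1 },
];

// Count how often each distinct value occurs.
function countValues(values) {
  const counts = new Map();
  for (const v of values) counts.set(v, (counts.get(v) || 0) + 1);
  return counts;
}

// Shannon entropy in bits, H = -sum p(x) log2 p(x), with p(x) estimated
// from the observed frequency of each value in the sample.
function entropyBits(values) {
  const n = values.length;
  let h = 0;
  for (const count of countValues(values).values()) {
    const p = count / n;
    h -= p * Math.log2(p);
  }
  return h;
}

// Entropy contributed by each attribute on its own.
function attributeEntropies(sample, attrs = ATTRIBUTES) {
  const out = {};
  for (const a of attrs) out[a] = entropyBits(sample.map((fp) => fp[a]));
  return out;
}

// The "sum of per-attribute entropies" estimate, which assumes independence.
function summedEntropy(sample, attrs = ATTRIBUTES) {
  return Object.values(attributeEntropies(sample, attrs)).reduce((s, h) => s + h, 0);
}

// Serialise the complete fingerprint so identical configurations collide.
function fingerprintKey(fp, attrs = ATTRIBUTES) {
  return JSON.stringify(attrs.map((a) => fp[a]));
}

// Entropy of the whole fingerprint. Because attributes are correlated in
// practice (OS implies fonts, timezone tracks language), this is at most
// the summed estimate and is usually well below it.
function jointEntropy(sample, attrs = ATTRIBUTES) {
  return entropyBits(sample.map((fp) => fingerprintKey(fp, attrs)));
}

// Anonymity-set size for each browser: how many browsers in the sample,
// itself included, share its exact fingerprint. A size of 1 means unique.
function anonymitySetSizes(sample, attrs = ATTRIBUTES) {
  const counts = countValues(sample.map((fp) => fingerprintKey(fp, attrs)));
  return sample.map((fp) => counts.get(fingerprintKey(fp, attrs)));
}

// Fraction of browsers that are unique, Panopticlick's headline metric.
function uniqueFraction(sample, attrs = ATTRIBUTES) {
  const sizes = anonymitySetSizes(sample, attrs);
  return sizes.filter((s) => s === 1).length / sizes.length;
}

function report(sample = SAMPLE, attrs = ATTRIBUTES) {
  return {
    perAttribute: attributeEntropies(sample, attrs),
    summed: summedEntropy(sample, attrs),          // ~5.84 bits for the sample
    joint: jointEntropy(sample, attrs),            // 2.5 bits: correlation removes a lot
    maxPossible: Math.log2(sample.length),         // 3 bits for 8 browsers
    anonymitySets: anonymitySetSizes(sample, attrs),
    uniqueFraction: uniqueFraction(sample, attrs), // 0.5: half the sample is unique
  };
}

console.log(JSON.stringify(report(), null, 2));
```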

ePrivacy Directive

The ePrivacy Directive (Directive 2002/58/EC, amended in 2009 by Directive 2009/136/EC) is a European Union law that governs the confidentiality of electronic communications and the use of information stored on or read from users' devices. Its Article 5(3) requires informed consent before accessing information from a user's device — a provision that European data protection authorities have consistently interpreted to cover browser fingerprinting. Unlike the GDPR, which applies to personal data processing generally, the ePrivacy Directive applies specifically to the access of information in the "terminal equipment" (e.g., the browser environment), regardless of whether that information constitutes personal data. A proposed replacement Regulation (ePrivacy Regulation) has been under negotiation since 2017, but as of 2026 it has not yet entered into force.

EverCookie

EverCookie is a JavaScript library created by Samy Kamkar in 2010 that demonstrates how an identifier can be stored and regenerated across more than a dozen browser storage mechanisms simultaneously, making it extremely difficult to erase. Mechanisms used include standard HTTP cookies, HTML5 localStorage, sessionStorage, IndexedDB, WebSQL, the browser cache (ETags), window.name, userData (Internet Explorer), PNG cookies (hiding data in image pixel values), and more. If any one storage is cleared, the identifier is restored from the others. EverCookie is not widely deployed for commercial tracking but serves as a cautionary reference for privacy researchers illustrating how determined trackers could circumvent standard cookie-clearing measures.

F

FingerprintJS

FingerprintJS is an open-source browser fingerprinting library originally released in 2012 by Valentin Vasilyev that collects and hashes dozens of browser attributes to produce a stable visitor identifier. The open-source version (v3) provides a probabilistic fingerprint; a commercial product, Fingerprint Pro, adds server-side processing, TLS fingerprinting, IP intelligence, and bot-detection layers to achieve claimed 99.5% identification accuracy. FingerprintJS is used by thousands of websites for fraud prevention, bot detection, and analytics. It has become a standard reference implementation in fingerprinting research, and its GitHub repository is among the most-starred security-related JavaScript projects. Critics argue that commercial deployments of FingerprintJS constitute stateless tracking that circumvents cookie consent requirements.

First-Party Cookie

A first-party cookie is a cookie set by the domain the user is directly visiting (e.g., example.com sets a cookie readable only by example.com). First-party cookies are used for legitimate purposes such as session management, authentication, shopping carts, and user preferences. They are generally considered less privacy-invasive than third-party cookies because they cannot be read cross-site by default. However, as third-party cookies are phased out, some advertisers have shifted to "first-party data" strategies where publishers embed a tracking SDK under the publisher's own domain, effectively converting what was formerly third-party tracking into a first-party context. This practice, sometimes called CNAME cloaking, is used alongside fingerprinting to maintain cross-site identity graphs.

Font Fingerprinting

Font fingerprinting infers which fonts are installed on a user's system — a configuration that varies based on operating system, locale, installed software, and user customisation. The classical CSS-based method measures the rendered width of text strings in a test font versus a generic fallback; if the dimensions match a test font's metrics, that font is present. A more accurate canvas-based method renders text in a suspected font and compares the pixel hash against a known-good sample. The list of installed fonts can exceed several hundred entries on a typical desktop, contributing multiple bits of entropy to a fingerprint. Font detection is partially mitigated by browsers that only expose a standard system font list, which is the approach taken by Tor Browser and Brave's fingerprint-randomisation mode.

G

GDPR (General Data Protection Regulation)

The General Data Protection Regulation (Regulation 2016/679) is the EU's primary data protection law, effective since May 2018. It establishes rights for individuals (access, erasure, portability, objection) and obligations for organisations processing personal data, including requirements for lawful basis (consent, legitimate interest, contract, etc.), transparency, data minimisation, and security. A browser fingerprint constitutes personal data under the GDPR when it can be used to identify an individual, directly or indirectly — a threshold that the fingerprinting of most users satisfies. Consent is generally required for fingerprinting-based tracking, and it must be freely given, specific, informed, and unambiguous. GDPR fines can reach €20 million or 4% of global annual turnover.

GPU Fingerprinting

GPU fingerprinting uses the WebGL API to extract identifying characteristics of a device's graphics processing unit. The most direct signal is the WEBGL_debug_renderer_info extension, which exposes the GPU vendor (e.g., "NVIDIA Corporation") and renderer (e.g., "NVIDIA GeForce RTX 4070/PCIe/SSE2") as plain text strings. Even without this extension, rendering the same 3D scene produces subtly different pixel outputs across different GPU models, drivers, and operating systems — a technique called WebGL fingerprinting. The combination of renderer string, supported extension list, max texture size, and shader precision values creates a high-entropy composite signal. Many browsers have now restricted or randomised the debug renderer info extension, but the rendering-based approach remains largely unmitigated.

H

Hardware Concurrency

Hardware concurrency refers to the number of logical CPU threads exposed by a device, accessible in JavaScript via navigator.hardwareConcurrency. It reflects the number of CPU cores (including hyperthreaded virtual cores), which is a function of the specific CPU model and configuration. Common consumer devices range from 2 to 32, and the value remains constant between sessions. While hardware concurrency alone provides limited entropy, it combines with other hardware signals (navigator.deviceMemory, screen resolution, GPU renderer) to narrow the population of devices that share an identical configuration. High core counts (16–32) are rare enough to make a meaningful contribution to fingerprint uniqueness, particularly in combination with other signals.

HTTP Header Fingerprinting

HTTP header fingerprinting derives an identifier from the headers a browser sends with every request — without any JavaScript. Key signals include the User-Agent string (browser, version, OS), Accept-Language (locale preferences), Accept-Encoding (supported compression algorithms), Accept (supported MIME types), Connection and Upgrade-Insecure-Requests directives, and the order in which these headers appear. Differences in header order are stable across HTTP/2 implementations and can distinguish browser families with high confidence. HTTP header fingerprinting is entirely passive — it requires no JavaScript execution — making it invisible to script-blocking tools. Combined with TLS fingerprinting (which examines the TLS ClientHello), server-side passive fingerprinting is a powerful complement to JavaScript-based active fingerprinting.

I

Incognito Mode (Limitations)

Incognito mode (called "Private Browsing" in Firefox and Safari) instructs the browser not to persist cookies, browsing history, form data, or downloads to disk after the session ends. However, it provides no protection against browser fingerprinting because it does not alter the browser's environment. The screen resolution, installed fonts, GPU renderer, language settings, timezone, and all other attributes that form a fingerprint are identical inside and outside incognito mode. The AmIUnique Project confirmed that fingerprints produced in private browsing windows are indistinguishable from normal-mode fingerprints. Incognito mode prevents local storage of session data but does nothing to limit what remote servers observe about the browser. Users who believe incognito mode makes them untraceable are subject to what privacy researchers call the "private browsing misconception."

IP Address

An IP address is a numerical label (e.g., 192.0.2.1 in IPv4 or 2001:db8::1 in IPv6) assigned to a device on a network that enables routing of internet traffic. It is one of the most visible identifiers transmitted with every web request. IP geolocation can pinpoint a user's country, city, and sometimes ISP or approximate street-level location. While IP addresses change frequently for home users (DHCP reassignment), they can be fairly stable on mobile networks or business connections. Because IP addresses alone are insufficient for persistent tracking (they change, are shared via NAT, or hidden by VPNs), they are typically used as a component of a larger fingerprint rather than as a standalone identifier. IPv6 addresses may embed device MAC addresses via SLAAC, creating additional privacy risks.

J

JavaScript API Fingerprinting

JavaScript API fingerprinting is the umbrella term for any fingerprinting technique that relies on executing JavaScript to query browser and device APIs. This covers canvas fingerprinting (via HTMLCanvasElement.getContext), WebGL fingerprinting (WebGLRenderingContext), audio fingerprinting (AudioContext), font detection (CSS measurement via DOM elements), navigator property collection (navigator.userAgent, navigator.languages, etc.), screen properties (screen.width, devicePixelRatio), hardware APIs (navigator.hardwareConcurrency, navigator.deviceMemory), and timing-based techniques. Because JavaScript APIs must be available for legitimate web functionality, blocking all of them would break most websites. Tracking scripts typically collect these values opportunistically in a few milliseconds during page load, making the process transparent to the user.

L

Latent Fingerprint

In browser privacy research, a latent fingerprint refers to identifying information that is not collected by a fingerprinting script in a given session but could be extracted in the future as techniques evolve. Examples include accelerometer bias (not yet widely exploited on the web), EEG-like typing patterns derivable from high-resolution timing APIs, or radio frequency emissions accessible via hardware sensors. The concept underscores that the browser's attack surface for fingerprinting expands as new APIs are added to web standards. Privacy advocates use the term to argue for a "privacy by default" approach to new browser API design, where features are evaluated for fingerprinting potential before standardisation rather than after exploitation is documented.

LocalStorage

LocalStorage is a Web Storage API that allows websites to store key-value pairs in the browser with no expiration date, persisting across sessions until explicitly deleted. Unlike cookies, localStorage data is not sent with HTTP requests; it is only accessible via JavaScript on the same origin. Because it persists indefinitely and is not cleared by incognito mode in most browsers (though some do clear it), localStorage can be used as a persistent tracking vector — a lightweight form of "supercookie." Fingerprinting scripts may use localStorage to cache a previously computed fingerprint hash, reducing re-computation overhead and ensuring a consistent identifier even if minor browser attributes change between sessions.

M

MediaDevices API

The MediaDevices API (navigator.mediaDevices) provides access to connected media input devices such as microphones, cameras, and screen capture streams. The enumerateDevices() method returns a list of available media devices and, in browsers that expose device labels without explicit permission, can reveal device identifiers that are stable across sessions and contribute to a fingerprint. Even without labels, the number of available microphones and cameras, their grouping, and their device IDs (which are origin-scoped but consistent) provide modest fingerprinting signal. Modern browsers have tightened MediaDevices permissions so that label details require prior user consent, but device count and topology remain accessible without permission in many implementations.

Mouse Movement Fingerprinting

Mouse movement fingerprinting captures the trajectory, speed, acceleration, curvature, and micro-tremor patterns of cursor movements to construct a behaviorally unique identifier. Because motor control is shaped by individual neuromuscular characteristics, mouse dynamics are difficult to replicate and distinguish users with high accuracy. Machine learning classifiers trained on mouse movement datasets have achieved per-user re-identification accuracy exceeding 95% in controlled studies. This form of behaviorally anchored fingerprinting is particularly concerning because it cannot be blocked without also disabling pointer events, which would render interactive websites non-functional. It is used commercially in applications such as online exam proctoring, fraud detection, and continuous authentication systems.

N

Navigator Object

The Navigator object is a JavaScript interface (window.navigator) that exposes metadata about the browser and operating system. Key properties include userAgent (the full browser identification string), platform (OS identifier), languages (preferred language array), cookieEnabled, javaEnabled(), hardwareConcurrency (CPU thread count), deviceMemory (approximate RAM), connection (network type and speed), and onLine (connectivity status). Collectively these properties contribute several bits of entropy to a browser fingerprint. Some browsers have begun sending reduced or generic Navigator values to limit fingerprinting exposure, a practice encouraged by the Privacy CG's "reducing fingerprinting surface" guidelines.

Network Fingerprinting

Network fingerprinting identifies a device or user based on observable network-layer characteristics rather than browser-level signals. Relevant attributes include IP address geolocation, autonomous system (ASN), ISP, round-trip time (RTT) to known servers, TCP window size and options, HTTP/2 frame ordering, and TLS handshake parameters. By correlating these network-level attributes with application-level signals, trackers can establish identity across network topology changes. Passive network fingerprinting (observing traffic without injecting probes) is particularly powerful for ISPs, CDNs, and large hosting providers who see traffic from millions of users. Network fingerprinting is largely invisible to application-layer privacy tools like browser extensions, which operate above the transport layer.

O

OfflineAudioContext

The OfflineAudioContext is a Web Audio API interface that processes audio entirely in memory without playing it back, making it invisible to the user and faster than real-time audio rendering. It is the primary mechanism used for AudioContext fingerprinting: a script creates an offline context, generates an oscillator signal, processes it through a series of nodes, renders it to a buffer, and reads the resulting floating-point samples. Because the computation runs silently without user permission, it produces a highly consistent fingerprint signal. The offline context approach was preferred over the online AudioContext by fingerprinting libraries because it completes faster and does not trigger browser audio-permission prompts. Brave and some Firefox configurations return fuzzed values from the OfflineAudioContext to mitigate this attack.

OS Fingerprinting

OS fingerprinting identifies a device's operating system from browser-exposed attributes. The most direct source is the User-Agent string, which typically names the OS and its version (e.g., "Windows NT 10.0", "Mac OS X 14_3", "Android 14"). Additional OS-level signals include system fonts installed with the OS, default timezone, platform string, touchscreen capability, and rendering quirks in canvas or WebGL outputs that differ across OS graphics stacks. Knowing the OS allows trackers to narrow a user's anonymity set significantly — for example, macOS users make up approximately 15–20% of desktop web users globally, while niche OS variants (BSD, ChromeOS, older Windows) are rarer still. OS version is particularly sensitive on mobile platforms where adoption is slower, making it an effective differentiator.

P

Panopticlick

Panopticlick was a browser fingerprinting research project launched by the Electronic Frontier Foundation (EFF) in 2010, later rebranded as "Cover Your Tracks" (coveryourtracks.eff.org). It was among the first large-scale empirical demonstrations of browser fingerprint uniqueness, analysing over 470,000 browser fingerprints and finding that 83.6% of browsers had unique fingerprints across all users tested, and 94.2% were unique among those with Flash or Java enabled. The project established the bit-of-entropy methodology for measuring fingerprint identifying power and remains one of the most cited references in privacy research. The rebranded Cover Your Tracks version now also tests against known tracking scripts and provides a real-time assessment of how "trackable" a given browser is.

Passive Fingerprinting

Passive fingerprinting collects identifying information entirely from data the browser transmits without any JavaScript execution. This includes HTTP request headers (User-Agent, Accept-Language, Accept-Encoding), TLS ClientHello parameters, IP address, and timing metadata visible in network packets. Passive fingerprinting is invisible to users and cannot be blocked by script-blocking tools such as uBlock Origin or NoScript because it occurs at the network layer. It is used by CDNs, load balancers, and web application firewalls for bot detection and traffic analysis. Unlike active fingerprinting (which requires script execution), passive fingerprinting is always "on" for any web request, including API calls, resource fetches, and background beacon requests.

Pixel Ratio (devicePixelRatio)

The device pixel ratio (window.devicePixelRatio) is the ratio of physical screen pixels to CSS logical pixels on a display. High-DPI (Retina, HiDPI) screens have ratios of 2 or 3, while standard-resolution displays report 1. The value is highly stable (it changes only when the user moves a browser window between monitors of different densities) and partially correlated with device model. In combination with screen resolution and colour depth, the pixel ratio helps narrow the population of devices sharing a given display configuration. Privacy-oriented browsers have considered returning rounded or discretised pixel ratio values to reduce this fingerprinting vector, though it has not yet been widely implemented.

Privacy Sandbox

Privacy Sandbox is Google's initiative, announced in 2019, to replace third-party cookies and cross-site identifiers with a set of privacy-preserving browser APIs that provide ad-targeting and measurement capabilities without exposing individual user identities to advertisers. Key APIs include the Topics API (interest-based targeting via on-device topic classification), the Protected Audience API (remarketing without cross-site identity), and Attribution Reporting (conversion measurement). Privacy advocates and regulators have raised concerns that Privacy Sandbox replaces one privacy risk (third-party cookies) with another (browser-mediated tracking that still creates detailed profiles, now consolidated within Chrome). The UK's Competition and Markets Authority (CMA) subjected the initiative to binding commitments before allowing cookie deprecation to proceed. Fingerprinting behaviour in a post-cookie ecosystem remains an open research question.

R

resistFingerprinting

resistFingerprinting is a Firefox browser preference (privacy.resistFingerprinting) that, when enabled, makes the browser return standardised or randomised values for many JavaScript APIs commonly used for fingerprinting. Effects include reporting a generic user agent, locking screen resolution to a fixed value, returning white noise for canvas readings, faking timezone as UTC, disabling battery status, reducing timer precision, and spoofing a number of navigator properties. Originally developed for Tor Browser and contributed upstream to Firefox, resistFingerprinting significantly reduces fingerprint entropy but can also break websites that depend on accurate environment data. It is generally considered a more aggressive approach than Brave's randomisation strategy, which aims to balance privacy with compatibility.

RTT (Round-Trip Time)

Round-trip time is the time it takes for a network packet to travel from a client to a server and return, measured in milliseconds. RTT is observable server-side in HTTP timing headers and TCP handshake logs, and can also be exposed to scripts via the Network Information API (navigator.connection.rtt). RTT varies with network topology, physical distance to the server, and congestion. While an imprecise fingerprinting signal on its own, RTT combined with IP geolocation and ISP data can help correlate sessions from the same geographic location and ISP, even when IP address changes. Consistent RTT patterns also appear in TCP fingerprinting tools such as p0f, which use timing alongside window size and option fields to identify the remote operating system.

S

Screen Resolution

Screen resolution is the number of horizontal and vertical pixels on a display (e.g., 1920×1080, 2560×1440), accessible in JavaScript via screen.width, screen.height, and related properties. Combined with window.innerWidth (viewport size), screen.colorDepth, and devicePixelRatio, screen geometry provides a composite display fingerprint. While common resolutions (1920×1080, 1366×768) are shared by millions of users, less common resolutions or unusual aspect ratios significantly increase fingerprint uniqueness. Maximised vs. non-maximised window sizes also reveal additional information about monitor and taskbar dimensions. Screen resolution is one of the oldest and most widely collected fingerprinting signals, present in virtually every implementation since the early 2000s.

SessionStorage

SessionStorage is a Web Storage API that stores key-value data for the duration of a browser tab's session, clearing the data when the tab is closed. Unlike localStorage, session storage data does not persist across tabs or windows, even on the same origin. While its short lifespan limits its use as a persistent tracking vector, fingerprinting scripts can use sessionStorage to cache computed fingerprint values during a session, avoiding redundant re-computation. Session storage is always cleared in private browsing modes that properly implement the spec, making it less useful than localStorage for long-term tracking. Its significance in the fingerprinting context lies primarily in its role as a temporary buffer rather than a persistent identifier store.

Supercookie

A supercookie is any tracking mechanism that behaves like a cookie — storing a persistent identifier — but uses a storage channel that is difficult or impossible for users to clear through standard browser controls. Examples include HSTS supercookies (which exploit HTTP Strict Transport Security policy caches to encode a bit pattern), ETag-based caching (storing identifiers in HTTP cache validation headers), IndexedDB/localStorage persistence outside of cookie storage, CSS-based history sniffing (now blocked), and cache-timing attacks. Supercookies can "respawn" standard cookies by re-reading the supercookie value if the user clears their cookies but not other browser storage. Several HSTS supercookie techniques were demonstrated to work across browsers and were partially mitigated by partitioning browser caches by top-level site (Storage Partitioning), implemented in Firefox, Chrome, and Safari.

T

TLS Fingerprinting

TLS fingerprinting analyses the parameters of the TLS/SSL ClientHello message — the first message a client sends when establishing an encrypted connection — to identify the software making the request. The ClientHello contains the cipher suites the client supports, TLS extensions, compression methods, elliptic curves, and signature algorithms, all in a specific order that varies by TLS library and version. JA3 and JA3S are popular hashing algorithms (created by Salesforce in 2017) that reduce these parameters to a 32-character MD5 hash. A JA3 hash can identify not just the browser family but also specific library versions, distinguishing legitimate browser traffic from automated tools or malware. TLS fingerprinting is entirely passive and server-side, requiring no JavaScript and leaving no browser-visible trace.
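The JA3 reduction described above, as an added example (not code from this page or from Salesforce's JA3 tooling): it builds the JA3 string from ClientHello parameter lists, strips GREASE values so Chrome-style hellos hash consistently, and keys a lookup table on the MD5 hash the way a server-side bot detector would. The parameter lists and the client label are constructed, not captured from real traffic.

```python
import hashlib

# GREASE values (RFC 8701) are random-looking placeholders that some clients
# insert into ClientHello lists; JA3 drops them so the hash stays stable.
GREASE = {0x0a0a + 0x1010 * i for i in range(16)}  # 0x0a0a, 0x1a1a, ..., 0xfafa

# Constructed ClientHello parameter lists (not a capture), in wire order, as a
# Chrome-style client might send them; 0x2a2a, 0x6a6a and 0x3a3a are GREASE.
SAMPLE_HELLO = {
    "version": 0x0303,                                         # TLS 1.2 = 771
    "ciphers": [0x2a2a, 0x1301, 0x1302, 0x1303, 0xc02b, 0xc02f],
    "extensions": [0x6a6a, 0, 23, 65281, 10, 11, 35, 16, 5, 13, 51, 45, 43],
    "curves": [0x3a3a, 29, 23, 24],
    "point_formats": [0],
}

def _field(values):
    """One JA3 field: decimal values joined by '-', GREASE removed, order kept."""
    return "-".join(str(v) for v in values if v not in GREASE)

def ja3_string(hello):
    """SSLVersion,Ciphers,Extensions,EllipticCurves,EllipticCurvePointFormats."""
    return ",".join([
        str(hello["version"]),
        _field(hello["ciphers"]),
        _field(hello["extensions"]),
        _field(hello["curves"]),
        _field(hello["point_formats"]),
    ])

def ja3_hash(hello):
    """The 32-character MD5 hex digest of the JA3 string."""
    return hashlib.md5(ja3_string(hello).encode("ascii")).hexdigest()

# Placeholder allowlist: a real deployment would populate this from observed
# browser traffic; the single label here is constructed for the example.
KNOWN_CLIENTS = {ja3_hash(SAMPLE_HELLO): "constructed Chrome-like profile"}

def classify(hello):
    """Label a hello by its JA3 hash; unknown hashes warrant closer inspection."""
    return KNOWN_CLIENTS.get(ja3_hash(hello), "unknown client")

if __name__ == "__main__":
    print(ja3_string(SAMPLE_HELLO))
    print(ja3_hash(SAMPLE_HELLO), classify(SAMPLE_HELLO))
```

Because cipher and extension order is part of the string, the same set of parameters sent in a different order produces a different hash, which is exactly what lets JA3 separate a browser from a tool that merely copies its cipher list.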

Tor Browser

Tor Browser is a hardened, privacy-focused browser built on Firefox that routes all traffic through the Tor anonymity network and implements aggressive anti-fingerprinting measures. Its fingerprinting protections include a shared user agent and platform string for all users, fixed window dimensions (a multiple of 200×100), disabled battery status, reduced canvas precision (with a randomised noise injection prompt), disabled WebRTC, limited font list, and many other standardisation measures. The goal is to make all Tor Browser users appear identical, maximising the anonymity set. According to EFF research, Tor Browser achieves fingerprint uniqueness rates below 5% compared to 83.6% for the general browser population. The tradeoff is reduced compatibility with websites that rely on standard browser APIs for legitimate functionality.

Tracking Pixel

A tracking pixel (also called a web beacon or pixel tag) is a 1×1 transparent image embedded in a webpage or email that, when loaded, sends an HTTP request to a remote server. Because every request includes HTTP headers (User-Agent, Accept-Language), the requester's IP address, and a timestamp, the server can log when and where the pixel was loaded without any JavaScript. Tracking pixels are used for email open tracking, ad impression measurement, and cross-site analytics. While simple, they remain effective because they are difficult to block reliably — email clients that fetch remote images, and browsers that load embedded resources, will trigger them. Modern email clients increasingly block remote images by default to prevent email tracking pixel abuse.

U

Uniqueness Score

A uniqueness score is a quantitative measure of how identifiable a browser fingerprint is within a reference population. It is typically computed by comparing a visitor's fingerprint to a database of previously seen fingerprints and reporting either the rarity of an exact match (percentage of users sharing the identical fingerprint) or the total entropy across all collected attributes (measured in bits). A uniqueness score of 100% indicates that the fingerprint is unique in the database — no other observed browser produced the same combination of attributes. Tools such as Fingerprint Tools, AmIUnique, and the EFF's Cover Your Tracks compute and display per-user uniqueness scores to help users understand their fingerprinting exposure. Lower scores are better from a privacy perspective, indicating a more common, less identifiable configuration.
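The bits-of-entropy methodology from the Panopticlick entry and the uniqueness score defined here, worked through in added example code (not from this page, the EFF, or any of the tools named): per-attribute entropy, the surprisal of one observed value, the anonymity set of a full fingerprint, and the population-wide uniqueness rate. The population is a constructed eight-browser sample, chosen so the numbers can be checked by hand; it also shows that per-attribute entropies do not simply add up, because attributes are correlated.

```python
from collections import Counter
from math import log2

# Constructed sample population (not real measurements): one row per observed
# browser, reduced to four attributes so the arithmetic is easy to follow.
POPULATION = [
    {"ua": "Chrome/121 Win",   "screen": "1920x1080", "tz": "UTC+1", "dpr": 1},
    {"ua": "Chrome/121 Win",   "screen": "1920x1080", "tz": "UTC+1", "dpr": 1},
    {"ua": "Chrome/121 Win",   "screen": "1366x768",  "tz": "UTC+1", "dpr": 1},
    {"ua": "Firefox/122 Win",  "screen": "1920x1080", "tz": "UTC+1", "dpr": 1},
    {"ua": "Safari/17 Mac",    "screen": "2560x1600", "tz": "UTC-5", "dpr": 2},
    {"ua": "Safari/17 Mac",    "screen": "2560x1600", "tz": "UTC-5", "dpr": 2},
    {"ua": "Chrome/121 Win",   "screen": "1920x1080", "tz": "UTC+1", "dpr": 1},
    {"ua": "Chrome/120 Linux", "screen": "3440x1440", "tz": "UTC+1", "dpr": 1},
]

def entropy(values):
    """Shannon entropy in bits of a list of observed values."""
    n = len(values)
    return -sum(c / n * log2(c / n) for c in Counter(values).values())

def attribute_entropy(pop, attr):
    """Identifying power of one attribute across the population, in bits."""
    return entropy([row[attr] for row in pop])

def surprisal(pop, attr, value):
    """Bits carried by one observed value, -log2 P(value): 3 bits means one
    browser in 2**3 = 8 shares it."""
    share = sum(1 for row in pop if row[attr] == value) / len(pop)
    return -log2(share)

def fingerprint_key(row):
    return tuple(sorted(row.items()))

def fingerprint_entropy(pop):
    """Entropy of the full fingerprint: at most the sum of per-attribute
    entropies, and strictly less when attributes are correlated."""
    return entropy([fingerprint_key(row) for row in pop])

def anonymity_set(pop, row):
    """Browsers in the population (this one included) with an identical fingerprint."""
    key = fingerprint_key(row)
    return sum(1 for other in pop if fingerprint_key(other) == key)

def uniqueness_rate(pop):
    """Fraction of browsers whose full fingerprint is unique (the shape of
    Panopticlick's 83.6% headline figure)."""
    counts = Counter(fingerprint_key(row) for row in pop)
    return sum(1 for row in pop if counts[fingerprint_key(row)] == 1) / len(pop)

def uniqueness_score(pop, row):
    """Per-visitor score in percent: 100 means no other browser matched."""
    return 100.0 * (1 - (anonymity_set(pop, row) - 1) / (len(pop) - 1))
```

On this sample the four attributes carry about 5.1 bits in total when added up, but the combined fingerprint has only about 2.2 bits, because OS, user agent and DPR move together; real populations show the same effect, which is why tools report whole-fingerprint uniqueness rather than summed attribute entropy.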

User Agent String

The User Agent (UA) string is a text field sent in the User-Agent HTTP request header that identifies the browser, its version, the rendering engine, and the operating system. For example: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36. The UA string carries significant fingerprinting entropy because it encodes browser version, OS, and CPU architecture in a single string. Exact version numbers narrow the population of matching browsers considerably. In response, major browser vendors have adopted a "User-Agent reduction" strategy — Chrome's User-Agent Client Hints initiative (launched 2022) replaces the verbose UA string with a set of structured header fields that reveal less granular version information, reducing fingerprinting potential while preserving the legitimate use case of content negotiation.

V

VPN (Limitations for Fingerprinting)

A Virtual Private Network (VPN) routes internet traffic through an intermediary server, replacing the user's true IP address with the VPN server's IP and encrypting traffic between the user and the server. While VPNs effectively hide the user's IP from websites and prevent ISP-level traffic monitoring, they do nothing to alter browser or device characteristics. A fingerprint composed of canvas hash, WebGL renderer, installed fonts, screen resolution, navigator properties, and audio context values is completely unaffected by VPN use. A tracker that has already fingerprinted a user can re-identify them the moment they return to any tracked site, regardless of which VPN server or exit node they use. VPNs also fail to prevent WebRTC leaks, which can expose the user's real IP alongside the VPN IP if not explicitly blocked. For fingerprinting protection, VPNs are complementary to, not a replacement for, browser-level countermeasures.

W

WebGL Fingerprinting

WebGL fingerprinting exploits the WebGL API — a browser interface for hardware-accelerated 3D graphics — to derive a device-specific identifier from GPU rendering characteristics. The most explicit source is the WEBGL_debug_renderer_info extension, which exposes the GPU vendor and renderer name in plain text. Beyond this, WebGL fingerprinting renders a complex scene (specific 3D shapes, lighting, texture coordinates) and reads back the pixel values; subtle differences in GPU architecture, driver version, and shader compiler optimisation produce measurably distinct outputs. The combination of extension list, max texture size, shader precision formats, and rendered pixel hash creates a multi-dimensional, high-entropy fingerprint signal. WebGL fingerprinting was documented at scale in the 2014 Princeton study and is present in most commercial fingerprinting SDKs today.

WebRTC

WebRTC (Web Real-Time Communication) is a browser API standard that enables peer-to-peer audio, video, and data exchange directly between browsers without a server relay. It is widely used in video conferencing, file sharing, and online gaming. From a fingerprinting and privacy perspective, WebRTC is significant because the STUN protocol it uses to negotiate peer connections can expose a user's local (LAN) IP address and their public IP address — even when the user is behind a VPN — because STUN requests bypass the VPN tunnel's routing rules. This is known as a WebRTC leak. Additionally, the ICE candidate negotiation process reveals device network adapter details that can contribute to a fingerprint. WebRTC leaks can be mitigated by disabling WebRTC in the browser or using an extension that controls ICE candidate policy.

WebRTC Leak

A WebRTC leak is a privacy vulnerability in which a browser's WebRTC implementation discloses the user's real IP address(es) — including local network IPs and the public IP address from the user's ISP — to any web page that requests them, even when the user is using a VPN or proxy. The leak occurs because WebRTC STUN server requests are made outside the VPN's network tunnel. A page can enumerate all ICE candidates (potential network paths) returned by the browser, which include the user's local IP (192.168.x.x), public IP, and VPN-assigned IP simultaneously. This allows a website to identify the user's true location and cross-correlate sessions regardless of VPN usage. WebRTC leaks can be tested with tools like browserleaks.com and mitigated by setting the ICE candidate policy to "relay" only, or by using a browser extension that restricts WebRTC peer connection access.

Window Size

Window size refers to the dimensions of the browser viewport — the visible area of the page — accessible via window.innerWidth and window.innerHeight. Unlike screen resolution (which is fixed hardware), window size changes based on whether the browser is maximised, windowed, or tiled, and on the presence and size of browser UI chrome (toolbars, scrollbars). The combination of outer window dimensions (including browser chrome) and inner viewport size reveals information about both the display and the browser configuration. Non-maximised windows produce unusual aspect ratios that are rare in the general population, contributing to fingerprint uniqueness. Tor Browser addresses this by enforcing letter-boxed window sizing — the viewport is padded to a standard multiple of 200×100 pixels, preventing window size from being used as a fingerprinting signal.
