Am I Unique Online? Tracking Not just IP address and cookie But browser fingerprint!
Wondering what browser fingerprinting is and what it is used for? As a privacy concerned individual, you should know, In the past, cookies and IP Addresses were the two major ways in which websites identify users and track their behaviors online. As time passes by, privacy concerned individuals started looking for ways to hide their IP Addresses.
As for cookies, you can prevent a website from storing it on your browser. With these practices, websites began losing grip of their users’ information and as such, they turned to use the information provided by browsers by default, to enable websites to be responsive and appear differently to users based on their individual browsers and their settings – this information provides the bases for Browser Fingerprinting.
What is a Browser Fingerprint?
A Browser Fingerprint is a set of browser attributes and devices information accessible from the browser that can be used for identifying unique browsers. While it sounds like it is used for identifying browsers, the uniqueness it provides makes it a technique for partially identifying individuals online – depending on how unique your system and browser attributes and settings are; it can be used for fully identifying not just your browser but also you online.
Browser Fingerprinting exploits the information that must be provided for a better web experience to get these attributes. This is seen as an invasion of privacy as you can actually be tracked and identified if the Browser Fingerprint computed for you is unique.
However, Browser Fingerprints becomes useless when a browser is not unique; that is when it shares the same sets of settings and attributes known as the fingerprint with other browsers. It makes use of the underlying reason for collecting human fingerprints – for analysis purposes. But what it analyzes becomes the reason for concern.
How Unique is a Browser?
The question above usually pops up in the minds of many the first time they hear of the term Browser Fingerprints and what they are used for. The information collected seems fragmented and generic, providing no real information about you.
How then can such be used to partially or fully identify an individual online? For tiny bits of information about your browser to be used as a means of identification, it has to be unique. How unique are these tiny bits of information collected?
It might interest you to know that a study was carried out by EFF and it was discovered that when all the attributes and information are brought together, 83.6 percent of browsers have unique fingerprints – and if you consider those with Flash and Java enabled only, that number rises to 94.2 percent. According to research carried out by Panopticlick, only 2 browsers might share the same fingerprint in a collection of 286,777 browsers. That’s how unique your browser is and in many cases, they might get lucky and a unique fingerprint of your browser is gotten.
What is My Browser Fingerprint?
What information about your browser and machine gets leaked to websites? All of this information for what is known as a Browser Fingerprint. Before any website gets hold of them, it is important you know what’s been revealed.
Browser Fingerprint Components
Your system font list is also used in building your Browser Fingerprints. The system font list varies depending on a good number of factors and sites exploit these variations to create a more accurate fingerprint. The more fonts available for them to analyze, the better you become unique.
The User-Agent is a string of text that identifies your browser. This information is provided in the HTTP header and can be used for determining how a page should appear in a browser. An example of User-Agent information is “Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36” as you can see, it contains not just information about your browser but also reveals the Operating System you are using.
Very important is the screen resolution of your browser. This means that the more you resize the window of your browser, the better you give them the chance to provide a more accurate fingerprint of you. It might interest you to know how the smallest change in this can become the reason you will be unique.
There is a canvas API that can come with HTML5 that is being used for fingerprint. The Tor Project describes it as the largest source of fingerprint source after plugin-related information. Canvas was actually introduced to bring graphic design capabilities to the web. Just like any other features and attributes, it has become part of the Browser Fingerprinting process.
The number one information that is used by websites to build a fingerprint of your browser is the Plugins installed on your browser and their versions. Aside from plugins you install yourself, there are other plugins that come preinstalled with the browser. These sites use your plugins data as an integral part of your Browser Fingerprint.
The above information is not all. Sites that make use of Browser Fingerprinting needs as much information as they can get because the more information they lay their hands on, the better they can create unique fingerprints of each browser. Some of the other information collected includes the user interface details, TCP stack, JS behaviors, clock skew measurements, supercookies, time zone, and HTTP Accept, among others.
What is Browser Fingerprinting Used for?
As you already know, it is used for identification. But what for exactly? Identification does not provide the real picture. Do not worry that will be discussed in this section.
All the information they collect does not necessarily reveal your real identity – not even your home address or location; if your IP Address is masked. However, it can be used to group people into certain classes. The first set of companies that started Browser Fingerprinting were Advertisement companies. They can use this collected information to better track their users anywhere they go to on the internet that they have permission to check. With this, they can identify your interest and serve you better ads that will convert well.
Aside from the advert industry, there are other industries that make use of fingerprinting to provide better services. The banking industry, for example, uses it to track its users so that if there is an attempted login from an unfamiliar browser, users will be notified, and certain actions will be taken to prevent fraud. Browser Fingerprinting can also be used in other industries as well.
Privacy Concern and Why You Should Care
Many people are already pissed with ads company. They hate it when they visit a particular site or search for particular information and after then, when they visit Facebook, they get ads about it, when they go to read their favorite blogs, they see ads about them too. While some wouldn’t mind, some do as your identity has already been fingered and saved somewhere without your consent.
Not only for the sake of privacy, have you think of what malicious sites could do when they get hold of your Browser Fingerprint?
That, together with some of your device information, could be used to clone your identity and carry out malicious acts online.
While the practice has been on for sometimes, there has not been any study that looks into what malicious websites and users have used this information for, and as such, we have to be careful as we do not know the extent of damage that can be caused with this yet, aside from profiling and identification.
- Top 20 Free Web Proxy Server to surf website anonymously
- IP Scrambler – What is it and How does it work?
- How to Find Someone IP Address on Instagram
The activities carried out on the web has always been a source of controversy, and Browser Fingerprinting is one of such. Without your consent and even knowledge, a website that builds a profile of you using bits of information provided by your browser.
As a way of preventing websites from getting fingerprints of your browser, we have written an article on how to prevent browser fingerprinting.