Browser fingerprinting explained: why deleting cookies doesn't help

The tracking method that survives everything

You delete your cookies. You use private browsing mode. You install a tracker blocker. You clear your browsing history. You might think you've made yourself invisible online. You haven't.

There's a tracking technique that doesn't use cookies, doesn't need to store anything on your device, and isn't blocked by most privacy tools. It works by reading the unique configuration of your browser and device — information your browser shares with every website you visit by default. This technique is called browser fingerprinting, and it's far more powerful than most people realize.

What is a browser fingerprint?

Every browser that connects to the internet shares a large amount of technical information with each website it visits. This information was originally intended to help websites render content correctly — to know whether to serve a mobile layout or a desktop one, for example. But it turns out that the combination of all this technical data creates a profile that's unique to your specific browser installation.

A browser fingerprint is this unique combination of technical attributes. It's like a digital fingerprint: no two are exactly alike. And crucially, it doesn't require any data to be stored on your device — the website reads your browser's properties directly on each visit.

What data goes into a fingerprint?

A comprehensive fingerprint can include hundreds of signals:

• Canvas fingerprint: Your browser is asked to draw invisible graphics. The exact rendering depends on your GPU, graphics drivers, and OS. The output is hashed to create a unique identifier.
• WebGL fingerprint: Similar to canvas, but using 3D rendering. The combination of GPU model, driver version, and rendering pipeline is effectively unique.
• AudioContext fingerprint: Your browser is asked to process audio at an inaudible frequency. The output varies based on your audio hardware and drivers.
• Installed fonts: The list of fonts on your system varies based on OS, applications installed, and manual additions. It's surprisingly unique.
• Screen resolution and color depth: Your monitor's exact specifications.
• Timezone and language settings: These narrow down your location significantly.
• Browser plugins and extensions: Your specific combination of installed extensions is highly identifying.
• Do Not Track setting: Ironically, having DNT enabled makes you more unique, since fewer people use it.
• HTTP headers: User-agent string, accepted content types, compression preferences.

Why cookies are obsolete for serious tracking

Cookies were the original tracking mechanism, and they have significant limitations: they can be deleted, blocked, or expire. Modern tracking has largely moved on. Browser fingerprinting offers several advantages over cookies:

• Persistence: Fingerprints don't expire and can't be "deleted" — they're regenerated fresh on each visit.
• Cross-device potential: Household fingerprinting can link multiple devices that share hardware characteristics.
• Circumvents consent: GDPR and CCPA require consent for cookies. Fingerprinting operates differently and occupies a regulatory grey area.
• Harder to detect: Most users have no idea fingerprinting is happening.

Who uses browser fingerprinting?

Fingerprinting is used by a wide range of actors with varying intent:

• Advertisers: To track users who have blocked cookies and maintain profile continuity across sessions.
• Fraud prevention systems: Banks and payment platforms use fingerprinting to detect anomalous behavior and flag potential fraud.
• Analytics platforms: To track unique visitors without relying on cookies.
• Data brokers: To match online behavioral data with offline profiles.

Can you protect yourself?

Fully protecting against fingerprinting is extremely difficult. The most effective approaches are:

• Tor Browser: Specifically designed to make all users look identical by standardizing all fingerprintable properties. Effective but significantly limits browsing speed and functionality.
• Brave Browser: Randomizes fingerprintable values on each session, making your fingerprint inconsistent and less useful for tracking.
• Firefox with strict mode: Blocks some fingerprinting vectors but not all.
• Canvas blocker extensions: Block the canvas and WebGL fingerprinting vectors specifically.

No approach is perfect. The goal is to increase the cost and reduce the accuracy of fingerprinting, not to achieve perfect invisibility.