Did you know that there is one way you can be tracked on the Internet without an IP address? That’s right, and it’s through browser fingerprinting.
Browser fingerprinting is one of the most accurate ways of tracking a particular device on the Interne, and it’s practically impossible to fully evade. You could evade it for short periods but it will take a lot of work and inconvenience that an average person would not spend time on.
Browser fingerprinting by itself does not discover your actual identity. However, when matched with other data that tracks you like an email address, an IP address, or a location, then the effect of browser fingerprinting is devastating. Browser fingerprinting is actually a device fingerprint but the data used comes from your browser.
Researchers found that statistically, a unique user can be identified by some characteristics of your device as reported by your browser. Examples are:
This has only gotten more sophisticated due to tricks related to cookies. For example, a collection of HTTP addresses you visited and traces of other apps on your device.
As it turns out, a specific computer can be picked out among millions based on these criteria and it is very accurate particularly for short periods of time.
This means that if an ad tracker discovers that you went to Amazon, and that later you went to YouTube, the ad tracker can figure out that it is the same device and it is able to connect the two events into one person.
So if the ad tracker assigns an ID number to you when it first encounters you on the Internet, it can then use that same ID number to track you and verify that it is you when you go visit other websites. It is able to do this because the same ad trackers are often in multiple websites, for example, as part of Google Ads.
This is how ad trackers effectively track your actions on the Internet. It is very invasive and unfortunately they often collect information beyond just serving ads.
These trackers collect your location for example, and because it can be matched to your device, they can discover all the places you been in all day without tracking an IP address. This is one of the pieces of information sold to data mining companies.
However, the problem gets worse because you cannot think of a browser or device fingerprint as an isolated data point. Your browser fingerprint can be matched to an IP address or an email discovered as a login to a website.
Here’s a specific case: one of the biggest and scariest propagators of browser fingerprinting is Facebook. Because of the ubiquitous Facebook ‘Like’ button which is functioning as an ad tracker, every website that has a Facebook ‘Like’ button actually has a built-in Facebook spyware. So you are being tracked across all websites which have the Facebook ‘Like’ button.
Where it becomes ultra-invasive is when you log into Facebook and then the browser fingerprint ID is then matched to your real name and your Facebook account. The rest of your Facebook data such as your location, preferences, likes, friends, and contact lists become part of one big database.
This is like a multiplier effect. It’s bad enough that they are tracking your Internet movements, but it is this extreme tracking which is more detailed. All your Internet activity is attached to a real account with a real name.
Outside of Facebook, there are enough pieces of data in a browser fingerprint that can be matched to other databases which reveal your real identity, such as your IP address.
This is why a Virtual Private Network (like BolehVPN) is still an important defence mechanism. Even if a browser fingerprint tracks you all over the Internet, as best you can you would want to deny it information on your real identity.
There are a number of websites which allow you to test the safety and privacy of your browser. Among them include Panopticlick which is run by the Electronic Frontier Foundation which can be used to test if your browser is safe against tracking.
Another popular website to test what details your browser is revealing about you is deviceinfo.me/.
AmIUnique can be used to identify how many users in the world have a browser fingerprint similar to yours, or rather how unique is your browser fingerprint which enables you to be profiled.
More like this