Understanding Canvas Fingerprinting

By AdsPower

According to a study by Ghostery, a renowned free software provider, over 79% of websites with unique domains have trackers that collect user data. One of the most popular fingerprinting techniques today is canvas fingerprinting.

This innovative tracking technique allows websites to identify users by examining how their computers perform the task of drawing an image.

But, many users don’t want to be identified. These users might take steps like disabling their cookies, anonymizing their IP addresses, or using browser plugins to prevent tracking measures.

What is Canvas Fingerprinting?

Canvas fingerprinting is sophisticated and very accurate, and it’ s a specific kind of browser fingerprinting. In HTML5, drawing operations can render differently depending on your computer’s software and hardware characteristics. So, you can run JavaScript code that can render an image and use it to make a unique fingerprint.

How Does Canvas Fingerprinting Work?

When you click on a website with a canvas fingerprinting script, the script draws text with random font and size and a random background. Then the result is canvas pixel data is converted to a Base64 encoded format before being hashed into the fingerprint.

The main thing you have to always keep in mind is that different computers will draw the image in a slightly different way. Even if the images produced look the same to the human eye, there are slight variations that allow them to be differentiated.

Is Canvas Fingerprinting Legal?

Although browser fingerprinting becomes a hot topic today, there are no clear laws and regulations that address browser fingerprinting, leave alone canvas fingerprinting. In the US, there are no laws that govern web tracking, but at least the California Consumer Privacy Act and Vermont’s Data Broker Law try to address online tracking and data collection but not specifically canvas fingerprinting or even device fingerprinting in general.

According to the General Data Protection Regulation (GDPR), browser fingerprinting is legal in Europe as long as website owners comply with all the related rules and regulations. Even though the GDPR doesn't specifically mention fingerprinting, the website must get consent from users before tracking them, as is the case with cookies tracking.

How to Avoid Canvas Fingerprinting?

As we known, Canvas Fingerprinting relies on an integral part of websites - the HTML5 canvas element, it’s easy for you to block cookies that track your digital activity, but not to block the HTML5 canvas element.

Blocking canvas fingerprinting sounds like a plausible idea as users will not have sent their canvas fingerprint. The reality of the matter, however, is that blocking canvas fingerprinting identifies you outrightly.

Remember, plugins and extensions that you are running are part of the key identifiers in browser fingerprinting. In a nutshell, blocking canvas fingerprinting is like wearing a mask in a crowd of people without masks, something that makes you more conspicuous.

To avoid Canvas Fingerprinting, the first thing is to ensure that you raise no eyebrows by making sure the canvas fingerprinting feature is active, so you don't appear like you are masked already.

Then, use the canvas identity consistently, so it doesn't look like you are avoiding detection. Last, switch up the identity when necessary to erase the digital tracks. However, these actions are more likely to control it but not prevent it.

The most popular option is to make use of an anti-fingerprinting tool to prevent both canvas fingerprinting and browser fingerprinting since they do work hand in hand.

One of the most popular tools for preventing canvas fingerprinting is the Browser AdsPower. It’s a separated browser that could create a totally new internet environment on your device, for example, timezone, geolocation and etc. If you want to keep your IP address anonymous, just try Ads.


Meilleur navigateur à connexions multiples pour tous les secteurs

Understanding Canvas Fingerprinting