Short definition: A technique that identifies users by collecting unique combinations of browser and device attributes.
1 min read
What It Is
Browser fingerprinting gathers technical details from a device such as screen size, installed fonts, plugins, timezone, graphics rendering, and user-agent data to generate a unique profile. Unlike cookies, a fingerprint persists across sessions, private browsing modes, and even after clearing storage, which makes it hard for users to stay anonymous.
Why It Matters
Cybercriminals can use fingerprinting to track users invisibly, bypass fraud controls, or correlate activity across multiple sites. For organizations, unusual or repeated fingerprints may indicate bot activity, account takeover attempts, or automated reconnaissance against exposed services.
How to Reduce Risk
- Use bot mitigation tools and anomaly detection
- Minimize unnecessary client-side data exposure
- Monitor device patterns during logins
- Enforce MFA to prevent device-based impersonation
Related Terms
- Session Hijacking
- Identity Threat Detection & Response (ITDR)
- Cross-Site Tracking
External Resources
- EFF: Cover Your Tracks — https://coveryourtracks.eff.org