Detecting and evaluating browser fingerprinting
Kauppinen, Satu (2025)
2025
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2025110527207
https://urn.fi/URN:NBN:fi:amk-2025110527207
Tiivistelmä
This thesis investigates the persistence of browser fingerprinting as an online tracking technique and evaluates the effectiveness of modern browsers and privacy tools in mitigating the impact. The research questions are ‘How do modern fingerprinting techniques operate, and which browser/device attributes are most exploited?’, ‘To what extent can fingerprinting persist across privacy tools such as incognito mode or anti-fingerprinting extensions?’ and ‘How effective are widely used browsers and tools at re-ducing fingerprint uniqueness and preventing tracking?’
The theoretical framework is based on prior research into web tracking and fingerprinting. The work builds on existing literature, highlighting both the technical mechanisms and the limitations of counter-measures. Methodologically the research combines manual tests with automated experiments, testing different browsers with varying configurations.
The results answer to the research questions, while demonstrating that fingerprinting remains effective in all cases with stable attributes such as time zone and platform as well as high entropy attributes such as canvas fingerprinting and user agent strings. Privacy tools, privacy-focused browsers and more se-cure settings reduce fingerprinting activity, in some cases even significantly, but cannot eliminate it. Chrome and Edge exposed consistently the richest fingerprints, while Tor and Brave offer the strongest protections through spoofing. The conclusion is that browser choice and configuration significantly in-fluence fingerprinting resilience, yet no existing solution fully prevents tracking. Mitigation therefore requires a combination of technical defences, informed user practices and broader regulatory measures.
The theoretical framework is based on prior research into web tracking and fingerprinting. The work builds on existing literature, highlighting both the technical mechanisms and the limitations of counter-measures. Methodologically the research combines manual tests with automated experiments, testing different browsers with varying configurations.
The results answer to the research questions, while demonstrating that fingerprinting remains effective in all cases with stable attributes such as time zone and platform as well as high entropy attributes such as canvas fingerprinting and user agent strings. Privacy tools, privacy-focused browsers and more se-cure settings reduce fingerprinting activity, in some cases even significantly, but cannot eliminate it. Chrome and Edge exposed consistently the richest fingerprints, while Tor and Brave offer the strongest protections through spoofing. The conclusion is that browser choice and configuration significantly in-fluence fingerprinting resilience, yet no existing solution fully prevents tracking. Mitigation therefore requires a combination of technical defences, informed user practices and broader regulatory measures.