Browser Fingerprinting

Google has created your permanent trackable browsing identity during your daily use of the web. That identity follows you to each site you visit. Every. Single. Day.

Like it or not, Google has implemented digital fingerprinting as of February 16, 2025. This means that your browser has been uniquely identified, stored in a Google database, and sold to advertisers. You can now be identified by each web site that uses Google's platforms and analytics tools to have advertisements specifically targeted to you. If you are logged in to an Amazon, Facebook, Google, or Microsoft account with your identified browser, your logged-in account data is also tied to that unique browser.

Search for doughnuts? You'll see more ads for doughnuts in search results and many other web sites. Search for medicines or medical conditions? Receive ads for drugs or treatments. Click on an item while online window shopping, receive ads for that or similar items at other retail sites or in search results.

While the database is usually used for ads, it is potentially a nightmare for political activists and journalists. The government can currently subpoena your Google Account and search history. Now data can be specifically tied to the browser and you as part of the subpoena. What could go wrong?

Google is not the only storage location for your browser fingerprint and identity. There is a vast Data Surveillance Industrial Complex that has grown out of the online advertising industry whose sole purpose is to track, categorize, and package groups of similar identities to sell to advertisers, governments, corporations, and anyone else willing to pay their fees. The U.S. Government routinely purchases data and profiles for intelligence gathering and law enforcement. Profile databases are also gold mines for those organizations attempting to shape public opinion and, combined with voter registration records, are used to promote political outcomes, as was the case with Facebook and Cambridge Analytica.

Google Chrome's tracking and fingerprinting capability generates a vast array of user behavior and insights. Customer online behavior has become so important that some sites are designed to collect the maximum tracking data available within Chrome. Those sites will present reduced functionality or may not function at all when using an alternative browser. If the site provides important product or service desired, you must then make an informed decision to use Chrome to purchase those products or services instead of a web browser that defends against online tracking.

Google reCAPTCHA

Have you ever been prompted by a web site with a visual puzzle to identify all the squares with a bicycle in them prior to being allowed access? This is Google reCAPTCHA, which stands for "repeated Completely Automated Public Turing test to tell Computers and Humans Apart". Your browser and human behavior are being fingerprinted.

Here is how Google reCAPTCHA works:

• in your local browser local storage, a small file is delivered, known as a cookie. The cookie identifies you and your specific device.

• Pixel-by-pixel fingerprinting: reCAPTCHA takes a pixel-by-pixel snapshot of your browser window, capturing information such as:

  • Your network address

  • Browser type and version

  • Screen resolution and size

  • Operating system and version

  • Language and locale settings

  • Browser plugins and extensions

  • Mouse and keyboard behavior

• Risk analysis engine: reCAPTCHA uses a risk analysis engine to evaluate your behavior and device characteristics. This engine assesses the likelihood of you being a human or a bot.

• Score-based verification: reCAPTCHA returns a score to the website, indicating the risk level of your interaction. If the score is above a certain threshold, you are considered human and are allowed to proceed.

• It's worth noting that reCAPTCHA also uses other methods to verify human users, such as:

  • Account verification: If you are currently logged in to your Amazon, Meta/Facebook/Instagram, Google or Microsoft account, reCAPTCHA uses this information to verify your identity by reading their cookies in your browser's local storage. There is no easy or practical way to prevent other sites from reading any of the other cookies in local browser storage.

  • Behavior analysis: reCAPTCHA analyzes your behavior, such as mouse movements and click patterns, to determine if you are a human or a bot.

  After having your browser fingerprint stored, the cookie dropped into your browser identifies and connects you and your browser with that fingerprint. You can return to the site and, if your browser cookie and fingerprint matches the ones stored online, you are allowed access without solving the puzzle again. The fingerprint and cookie lookups take mere milliseconds, short enough to be imperceptible to humans.

How can you protect your privacy?

Clear Browser Cookies

The first way to protect your privacy is to adjust your browser settings to forget all cookies upon session and browser exit. This does not erase your fingerprint and you will likely be required to solve the visual reCAPTCHA puzzle at next login to any sites using them.

Disrupt Fingerprint Databases

We cannot prevent browser fingerprinting but we can make those profile databases less reliable to advertisers and data brokers. We do this by switching from Google Chrome to a browser with built-in fingerprint resistance. Microsoft Edge has some fingerprint resistance, however, it does store browser behavior information in Microsoft's databases.

• The objective of fingerprint resistance is to disrupt fingerprint databases by presenting a unique browser fingerprint to each web site encountered, thereby filling databases across the web with unreliable data. The result: Garbage in, garbage out. How many web sites do you visit in a week? With a fingerprint resistant browser, each of those sites thinks you are a unique user again, and again, and again. This makes it much more difficult to track your daily browsing activity across the web resulting in fewer "relevant" advertisements and less reliable data collected by data brokers.

  Several browsers and extensions have been developed that are specifically designed to present random fingerprints to sites, also known as fingerprint resistant or fingerprint defenders. Examples of fingerprint resistant browsers are Firefox, Brave, Opera, and several others.

Choosing a Fingerprint Resistant Browser

Google Chrome is an open source browser. Google allows anyone to download and modify its Chrome source code for free. This has led to a plethora of Chrome-based browsers that have removed Google's tracking code and substituted fingerprint resistance. The public benefits from modified browsers retaining the ability to access and use a wide array of Chrome extensions available in the Chrome Web Store. Chrome extensions are used to "extend" browser functionality beyond what is provided by Google and software developers. Examples of common extension plug-ins are password managers, privacy enhancements, disabling automatic playing of audio and video, screen capture, and a host of other capabilities.

A Note on the Firefox Browser

Mozilla Foundation's Firefox browser has held second place market share for several years, well behind market leading Google Chrome. Firefox's major attraction has been its focus on privacy and security. Firefox has well developed fingerprint resistance. Mozilla operates as a nonprofit organization and funding has been challenging. In late February 2025, Mozilla created a public relations nightmare by walking back its promise to not share user browsing data. Many people are abandoning Firefox for Chrome-based browsers and Firefox's reputation has been damaged.

• LibreWolf: LibreWolf is a privacy-focused fork of Firefox, which can be used with the Chrome engine. It includes a feature called "ResistFingerprinting" which aims to prevent fingerprinting by standardizing certain browser characteristics.

• Firefox has faced reputation issues primarily due to its historical performance compared to Chrome. When Chrome was first introduced, Firefox was perceived as slower, contributing to Chrome's rapid rise in popularity. Additionally, some users remember Firefox from its earlier days when it was part of Netscape, which may influence their perception negatively.

• Another factor affecting Firefox's reputation is that many modern websites are optimized for Chrome, leading to impaired performance and reduced functionality issues when accessed with Firefox. This problem persists even if Firefox's speed and security remain competitive on other web sites.

Fingerprint Resistant Chrome-Based Browsers

Here are some Chrome-based browsers that offer fingerprint-resistant features:

• Brave Browser: Brave is a popular Chrome-based browser that offers fingerprint-resistant features, including a fingerprint randomizer and tracker blocker.

• SRWare Iron: SRWare Iron is a Chrome-based browser that offers fingerprint-resistant features, including a fingerprint blocker and tracker blocker.

• Comodo Dragon: Comodo Dragon is a Chrome-based browser that offers fingerprint-resistant features, including a fingerprint blocker and tracker blocker.

• Tor Browser (with Chrome engine): The Tor Browser is a privacy-focused browser that uses a modified version of the Chrome engine. It includes fingerprint-resistant features, including a fingerprint randomizer and tracker blocker.

• There are several more available not included in this write-up.

Brave Browser Option

I gave up Firefox years ago due to reputation issues and web site optimizations for Chrome noted above. After reviewing various Chrome-based browser comparisons, my choice has become the Brave browser.

Browser Profiles

One useful feature of most browsers is the concept of user profiles. Profiles allow different browser configurations for different purposes. For example, profiles can be configured for:

• Online financial services

• Shopping

• Bill payments

• Children's activities

• School or work

• Gardening

• Entertainment

• Health & Wellness

• Hobbies

The degree of separation of internal functionality differs between each browser. Google Chrome itself wants to be logged in to a single account on a single site. Brave browser developers have adjusted Chrome internals and fingerprint resistance to allow multiple logins to one site, each with a different site account, and remain internally separated within each profile.

For example, I have two Substack publications, each with a different associated email address: Paul's Visual Arts and Essential Risk Management. I set up a Brave profile for each account with different bookmarks and extensions. I use 1Password password manager and Malwarebytes Browser Guard in both profiles. I can then login to Substack with each profile using the appropriate account email address. Brave's internal separation makes its presence known to Substack as two different browsers, without any internal session overlap. In this scenario, standard Google Chrome is unable to present as two separate browsers due to its internal tracking mechanisms.

My use case for being logged in to Substack with two separate accounts is to enable me to apply some automation using the Scheduled Notes Extension for Google Chrome, from software developer

Setting Up Brave Profiles

Brave Profiles for Techies

To create Brave profiles, follow these steps:

• Open Brave and click on your avatar in the top-right corner, click "Settings", click "Profile name and icon", then select "Get started"

• Click on "Profile name and icon" in the window to create a new profile.

• Name your profile

• Pick themes and colors

• Done

Each profile maintains separate bookmarks, extensions, and browsing data like cookies and history, allowing you to compartmentalize your browsing for privacy. Add the bookmarks, extensions, and themes that work for the new profile. Switch profiles by clicking on your avatar in the top-right corner, then select you desired profile.

Brave Profiles for the Non-Technical

There are many amazing and brilliant people, just like you, who will read this article. Words, Cooking, The Arts, or Body/Mind/Spirit are your expertise, for example. Your encounters with technology are avoided when possible, yet necessary for daily life. You implement the steps above, then feel lost or want a helping hand to get your profiles up and configured properly.

• Do you find that tinkering with technology settings is more akin to a root canal?

• Are you frustrated with how much data is collected about your web browsing?

• Does making informed choices about how much browsing data to give up in order to purchase a product or service make you feel like a stronger consumer?

• How would it feel to play your part, however small, in disrupting the Data Surveillance Industrial Complex every day?

If you found this information helpful, you're not alone! Many people rely on our community for expert advice on staying safe online. To take your protection to the next level, consider becoming a PAID subscriber to Essential Risk Management.

For just a small fee, you'll get access to an exclusive tool, included below with this post, that will give you and your loved ones even more peace of mind when browsing the web. We're grateful for your support and look forward to helping you stay safe online.