GlossaryAnti-BotAdvanced

Canvas Fingerprinting

Canvas fingerprinting is a tracking technique that uses the HTML5 Canvas API to draw hidden graphics and measure tiny rendering differences unique to your device. These differences form a stable identifier used to track and detect users.

Last updated June 8, 2026

Definition

Canvas fingerprinting is a browser fingerprinting method that exploits the HTML5 <canvas> element to generate a near-unique identifier for a device. It works without cookies and persists across sessions, making it a favorite tool of anti-bot and tracking systems.

How It Works

A script instructs the browser to render text or graphics onto a hidden canvas, then extracts the pixel data using toDataURL(). Because GPU, graphics drivers, operating system, font rendering, and anti-aliasing all vary between devices, the resulting image differs subtly from one machine to another. Hashing this output produces a stable fingerprint.

  • Cookieless: No data is stored on the device.
  • Persistent: Survives clearing cookies and incognito mode.
  • Hardware-driven: Reflects GPU and driver characteristics.

Why It Matters for Scraping

Headless browsers and automation frameworks often produce canvas outputs that are identical across many sessions or match known bot signatures. Anti-bot vendors use canvas fingerprints to link requests, detect emulated environments, and flag automation even behind clean residential proxies. Scrapers counter this with anti-detect browsers that randomize or spoof canvas readings.

Examples

1

A site rendering hidden text to a canvas and hashing the pixels to track a returning visitor

2

An anti-detect browser injecting noise into canvas output to defeat fingerprinting

3

Headless Chrome producing an identical canvas hash across thousands of requests, flagging it as a bot

Common Use Cases

Tracking users across sessions without cookies
Detecting headless and automated browsers
Linking multiple scraping requests to a single device
Fraud prevention and account-abuse detection

Frequently Asked Questions

No. Canvas fingerprinting stores nothing on your device; it derives an identifier from how your hardware renders graphics, so it survives cookie clearing and incognito mode.
Anti-detect browsers add randomized noise to canvas output or spoof consistent, realistic values per profile, breaking the link between requests and a single fingerprint.

Keep Learning

All terms

Browser Fingerprinting

Browser fingerprinting identifies and tracks a device by combining dozens of browser and system attributes — like fonts, canvas rendering and user agent — into a near-unique signature.

Read definition

Anti-Detect Browser

An anti-detect browser lets you run many isolated browser profiles, each with its own fingerprint, cookies and proxy, so sites see them as separate, genuine users.

Read definition

User Agent

A user agent is the identifying string a browser sends with every request, telling the server which browser, version and operating system you are using.

Read definition

Headless Browser

A headless browser is a real browser that runs without a visible interface, controlled by code — the workhorse for scraping JavaScript-heavy sites and automation.

Read definition
Back to Glossary