Canvas-based fingerprint: what is it and how does it work?

I erased my traces, replaced the IP. I even wiped the mouse with a wet napkin, but my actions were tracked anyway. But how is this possible? After all, all digital traces were erased. And Canvas?

Privacy on the Internet is not so simple right now… Or rather, there is no privacy at all. No matter how hard users try to cover their tracks, the long-nosed ad networks, analytics platforms and antifraud systems will still track them down and determine their interests, tastes and preferences. Then they find out your gender and age... And from there it's not far to your first and last name and address. Therefore, you should protect your data properly by replacing it with someone else's. That includes Canvas, which many antidetect users forget about because they don't know what kind of "canvas" it is.

Let's go through all the components of the fingerprint

Hiding with anonymous browsers is both convenient and effective. With their help, you can sometimes disguise yourself so well that you don't recognize yourself, and such cases have happened in practice. But to achieve such results, the digital fingerprints must be prepared properly. It is these that antidetect browsers use to hide the true characteristics of the user.

A fingerprint is a set of features gathered under one general term. The signals included in it allow antidetect browsers to bypass all site blocks, as well as to carry out any volume of multi-account activity on those sites.

The parameters that make up a digital fingerprint can be divided into several groups:

  • Main – OS, browser and its version, screen resolution, CPU clock speed, RAM, as well as the values included in the User-Agent.

The User-Agent string is part of the HTTP header sent by the application (in our case, the browser) to the server. It contains the characteristics of the user's device and its local settings. Some of the parameters specified in the User-Agent overlap with parameters passed through other parts of the fingerprint, so it is important to keep them consistent. For this purpose, Undetectable has added a tool to the digital fingerprint settings that checks whether these values match.

  • Network – time zone, geolocation, WebRTC.

The WebRTC protocol is used to transmit packets of information on the Internet using peer-to-peer technology. It is most often used for transferring multimedia data (voice and audio) between web applications. The work of all streaming services is based on it. This protocol also allows trackers and antifraud systems to bypass the proxy server to determine the client's IP.

  • System – application window size, font set, WebGL and Canvas.

The WebGL library gives JavaScript the ability to create three-dimensional graphics in any browser. It also allows security systems to retrieve information about the video processor of the user's device.

And so, step by step, we have reached our goal for today: the Canvas parameter of the System group. It will now have our full attention, and here's why...

What is Canvas?

The essence and purpose of this element are easy to understand from its name. Canvas allows the browser to draw graphical content on a web page by itself. It is most often used together with JavaScript embedded on the page. But Canvas cannot be characterized and explained in two sentences, because it is multifaceted.

First of all, Canvas is an HTML tag that became part of the language with the launch of HTML5. With this tag you can not only draw two-dimensional graphic primitives on a web page, but also embed multimedia content on the canvas, including video and audio.

At the moment Canvas is a generally accepted standard in web development. It is supported by all versions of mobile and desktop browsers, including Internet Explorer, which is practically no longer used and is no longer supported by Microsoft.

And this is not a lyrical digression about the plight of IE, but an indisputable fact that helps us understand how important Canvas is for quality multi-account activity with antidetect browsers.

But what do anonymity, fingerprints and antidetect browsers have to do with it? After all, an HTML tag cannot be used to track users' actions and identify them, since Canvas is an established, widespread technology and these tags are used in the markup of millions of sites...

All these questions arise because we are unaware of the other side of Canvas, one that advertising and analytics platforms, sticking their noses into every aspect of users' online lives, know very well.

Other talents of Canvas

Each person has his own handwriting, which is unique to him. Therefore, by means of graphological examination, it is possible to establish the author of a particular text. But it turns out that not only people have handwriting, but also computers.

The main condition for identifying a user through Canvas is to make the device draw some primitive. After that, the sample of "handwriting" is sent to a graphologist, whose role in the case of fingerprints is played by antifraud systems and analytics platforms.

The Canvas tracking mechanism itself is based on the way each computer, smartphone or other type of user device processes the same drawn graphic element.

The Canvas-based identification mechanism proceeds as follows:

  • When a user visits a site that is integrated with the tracker, the browser is instructed to draw some graphical primitive.
  • A unique token is then derived from the rendering analysis data, which allows you to determine the "identity" of the device with an accuracy of up to 90%.
  • At the same time, the value of the generated token is not stored in cookies, but is recorded in a global database.
  • After that, on each subsequent visit to any site that uses the tracker, the graphical primitive is rendered in the same way, and the resulting identifier is compared with the values in the database.

When determining a user's digital identity using Canvas, the following device specifications are taken into account:

  • Central processor.
  • Video card.
  • OS.
  • Features of the processing mechanism.
  • The level of image compression.
  • Export parameters.

Instead of a graphical primitive, the browser can also send a text string as the sample for identification. In that case, anti-aliasing and sub-pixel rendering settings are added to the above set.

At the same time, it should be understood that using Canvas as a separate source of information for determining the device is ineffective, since the information aggregated for token generation is transmitted only through the User-Agent string, which provides low identification accuracy.

In addition, the entire mechanism of Canvas-based fingerprints depends on the browser's support for JavaScript. The scripts needed to load and render graphical primitives on demand are written in it. If the browser does not support JS or has script execution disabled, the tracking system will not be able to get the data needed to generate the token value.

In addition, no site tracking and security system relies solely on Canvas information. We mentioned above the efficiency of this method of identification at the level of 90%. But such a high indicator is achieved only in laboratory conditions. And in practice?

How much can Canvas be trusted?

In reality, if all antifraud systems applied identification only on the basis of the "canvas", then the need to use such high-quality antidetects as Undetectable would disappear once and for all.

To make a Canvas-generated token invalid, the user only needs to change their browser or even just upgrade to a newer version. Therefore, this mechanism is only a secondary part of the technology for obtaining fingerprints.

Field tests of this identification method also prove its low effectiveness. To check the accuracy of Canvas-based fingerprints, the authors of the experiment used more than a hundred computers. Most of them ran Windows 10, which made the test conditions even more stringent. At the same time, the computers, tablets and laptops differed radically from each other in hardware: first of all in the models and characteristics of their video cards, as well as in the installed set of drivers.

A brief extract from the results of the experiment:

  • The tokens of many discrete cards coincided with the Canvas tokens of computers with integrated video cards.
  • Fifteen laptops tested in a row had the same fingerprints.
  • Even the digital fingerprints of computers from different manufacturers matched. For example, the 2018 Dell laptop has the same Canvas-based fingerprint as the 2012 HP laptop.
  • All MacBook Pro models that were released within six years (from 2012 to 2018) also have the same tokens.
  • Tablets and laptops on Windows have similar fingerprints.

As you can see, it is difficult to achieve uniqueness of digital fingerprints based on Canvas. Therefore, it is very easy to pass verification for this type of fingerprint, because the probability that a token matches the token of another user is very high, not least because of the constantly increasing number of mobile and desktop devices with Internet access.

It is also possible to question the validity of databases in which Canvas-based tokens are stored. Most likely, about 10-15% of their values are repeated. So using these databases to identify users without other fingerprint parameters is ineffective.

So is it worth worrying?

Based on the above facts, it is clear that Canvas is a weak signal for antifraud systems because of the low identification accuracy it provides.

However, in some situations the value of this parameter may be decisive. Therefore, it is present in the Undetectable fingerprint settings. The user of the antidetect browser can turn it off or select the "Noise" mode, in which the Canvas value is generated randomly.
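
The identification steps listed earlier (draw, derive a token, look it up in a database), together with the token collisions from the experiment and the effect of randomised noise, can be reproduced in a few lines. This is an added example, not code from Undetectable or from any tracker: the pixel buffers are constructed stand-ins for canvas read-back, and the FNV-1a hash, the `edgeAlpha` knob and the device labels are assumptions made for illustration.

```javascript
// Added illustration, not code from any tracker or antidetect product.
// Pixel buffers are constructed stand-ins for the bytes a page reads back
// from a canvas after the browser draws the requested primitive.

// FNV-1a (32-bit), an assumed stand-in for whatever hash a tracker uses.
function tokenFor(pixels) {
  let h = 0x811c9dc5;
  for (const byte of pixels) h = Math.imul(h ^ byte, 0x01000193) >>> 0;
  return h.toString(16).padStart(8, "0");
}

// Simulated 4x4 RGBA render. `edgeAlpha` is a hypothetical knob modelling how
// one rendering stack (GPU, driver, OS, browser version) anti-aliases an edge.
function render(edgeAlpha) {
  const px = new Uint8ClampedArray(4 * 4 * 4);
  for (let i = 0; i < 16; i++) {
    px.set([200, 60, 60, i % 4 === 3 ? edgeAlpha : 255], i * 4);
  }
  return px;
}

// Randomised noise: flip the low bit of one randomly chosen channel.
function withNoise(pixels) {
  const out = pixels.slice();
  out[Math.floor(Math.random() * out.length)] ^= 1;
  return out;
}

// Tracker side: the database is keyed by token, not by cookie.
function identify(db, label, pixels) {
  const token = tokenFor(pixels);
  const seenAs = db.get(token) || [];   // labels that produced this token before
  db.set(token, [...seenAs, label]);
  return { token, seenAs };
}

function demo() {
  const db = new Map();
  return {
    a: identify(db, "laptop-A", render(128)),            // first visit
    b: identify(db, "laptop-B", render(128)),            // other owner, same stack
    c: identify(db, "laptop-A-upgraded", render(131)),   // after a browser upgrade
    d: identify(db, "laptop-A-noise", withNoise(render(128))),
  };
}

console.log(demo());
```

In the output, laptop-B is matched to laptop-A's record because identical rendering stacks yield identical tokens, while the upgraded and noised renders of laptop-A no longer match its own earlier token.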