https://engineering.tamu.edu/news/2025/06/websites-are-tracking-you-via-browser-fingerprinting.html Skip To Main Content Departments Info For Giving Contact Search * Aerospace * Biological & Agriculture * Biomedical * Chemical * Civil & Environmental * Computer Science & Engineering * Electrical & Computer * Engineering Technology & Industrial Distribution * Industrial & Systems * Materials Science & Engineering * Mechanical * Multidisciplinary * Nuclear * Ocean * Petroleum * Prospective Students * Current Students * Faculty & Staff * Former Students Search [ ] Search Texas A&M University Engineering Menu About Academics Admissions and Aid Student Life Research Partner With Us Search [ ] Search * About * Academics * Admissions and Aid * Student Life * Research * Partner With Us * Giving * Contact About * About Us * The Vice Chancellor and Dean * Facts and Figures * News * Our Departments * Contact Us * Zachry Engineering Education Complex Academics * Academics * Advising and Support * Degree Programs * Engineering Academies * Online Degrees by Department * Online Courses * Our Departments * Engineering Global Programs Admissions and Aid * Admissions and Aid * Advising and Support * Undergraduate Admissions * Graduate Admissions * Transfer Students * Entry to a Major * Explore Engineering Career Paths * Visit With Us Student Life * Student Life * Find Your Community * Get Creative * Interact with Industry * Solve Problems * ENGR[X] * SuSu and Mark A. Fischer '72 Engineering Design Center * Meloy Engineering Innovation and Entrepreneurship Program Research * Research * Undergraduate Research * Autonomy and Robotics * Education and Training Research * Energy Systems and Services Research * Health Care Research * Infrastructure Research * Materials and Manufacturing Research * National Security and Safety Research * Space Engineering Partner With Us * Partner With Us * Industry * Donors * Spark! PK-12 Engineering Education Outreach * Researchers * Volunteers * Reach Our Divisions * Home * News * Websites Are Tracking You Via Browser Fingerprinting Websites Are Tracking You Via Browser Fingerprinting New research provides first evidence of the use of browser fingerprints for online tracking. June 18, 2025 By Department of Computer Science and Engineering Media Contact Engineering News engineeringnews@tamu.edu * Computer Science and Engineering * Current Students * Cybersecurity * Faculty * Graduate * Research * Texas A&M Engineering Experiment Station (TEES) A cursor hovering above a "Reject-nonessential cookies" button. Image: Danielle Benavides/Texas A&M Engineering Clearing your cookies is not enough to protect your privacy online. New research led by Texas A&M University found that websites are covertly using browser fingerprinting -- a method to uniquely identify a web browser -- to track people across browser sessions and sites. "Fingerprinting has always been a concern in the privacy community, but until now, we had no hard proof that it was actually being used to track users," said Dr. Nitesh Saxena, cybersecurity researcher, professor of computer science and engineering and associate director of the Global Cyber Research Institute at Texas A&M. "Our work helps close that gap." When you visit a website, your browser shares a surprising amount of information, like your screen resolution, time zone, device model and more. When combined, these details create a "fingerprint" that's often unique to your browser. Unlike cookies -- which users can delete or block -- fingerprinting is much harder to detect or prevent. Most users have no idea it's happening, and even privacy-focused browsers struggle to fully block it. "Think of it as a digital signature you didn't know you were leaving behind," explained co-author Zengrui Liu, a former doctoral student in Saxena's lab. "You may look anonymous, but your device or browser gives you away." This research marks a turning point in how computer scientists understand the real-world use of browser fingerprinting by connecting it with the use of ads. "While prior works have studied browser fingerprinting and its usage on different websites, ours is the first to correlate browser fingerprints and ad behaviors, essentially establishing the relationship between web tracking and fingerprinting," said co-author Dr. Yinzhi Cao, associate professor of computer science and technical director of the Information Security Institute at Johns Hopkins University. Think of it as a digital signature you didn't know you were leaving behind. You may look anonymous, but your device or browser gives you away. Zengrui Liu To investigate whether websites are using fingerprinting data to track people, the researchers had to go beyond simply scanning websites for the presence of fingerprinting code. They developed a measurement framework called FPTrace, which assesses fingerprinting-based user tracking by analyzing how ad systems respond to changes in browser fingerprints. This approach is based on the insight that if browser fingerprinting influences tracking, altering fingerprints should affect advertiser bidding -- where ad space is sold in real time based on the profile of the person viewing the website -- and HTTP records -- records of communication between a server and a browser. "This kind of analysis lets us go beyond the surface," said co-author Jimmy Dani, Saxena's doctoral student. "We were able to detect not just the presence of fingerprinting, but whether it was being used to identify and target users -- which is much harder to prove." The researchers found that tracking occurred even when users cleared or deleted cookies. The results showed notable differences in bid values and a decrease in HTTP records and syncing events when fingerprints were changed, suggesting an impact on targeting and tracking. Additionally, some of these sites linked fingerprinting behavior to backend bidding processes -- meaning fingerprint-based profiles were being used in real time, likely to tailor responses to users or pass along identifiers to third parties. Perhaps more concerning, the researchers found that even users who explicitly opt out of tracking under privacy laws like Europe's General Data Protection Regulation (GDPR) and California's California Consumer Privacy Act (CCPA) may still be silently tracked across the web through browser fingerprinting. Based on the results of this study, the researchers argue that current privacy tools and policies are not doing enough. They call for stronger defenses in browsers and new regulatory attention on fingerprinting practices. They hope that their FPTrace framework can help regulators audit websites and providers who participate in such activities, especially without user consent. This research was conducted in collaboration with Johns Hopkins University and presented at the ACM Web Conference (WWW) 2025. Funding for this research is administered by the Texas A&M Engineering Experiment Station (TEES), the official research agency for Texas A&M Engineering. * Computer Science and Engineering * Current Students * Cybersecurity * Faculty * Graduate * Research * Texas A&M Engineering Experiment Station (TEES) * Facebook * Twitter * LinkedIn * Email * Print In This Story Nitesh Saxena * Nitesh Saxena Related Stories Engineering Texas A&M University Texas A&M University College of Engineering, 3127 TAMU, College Station, TX 77843-3127 (ZACH) * easa@tamu.edu * 979-845-7200 * Staff Directory * Site Map * Site Policies * About this Site * Employment Follow Us: Facebook Twitter LinkedIn Instagram YouTube * The College of Engineering is a member of Texas A&M University * Texas A&M Engineering is a member of The Texas A&M University System Copyright (c) 2023, Texas A&M Engineering Communications, All Rights Reserved * State of Texas * Texas Homeland Security * Open Records * Risk, Fraud, & Misconduct Hotline * Accommodations * Statewide Search * Texas CREWS * Environmental Health, Safety, & Security