Browser Fingerprint Generator with Fraud Detection & Bot Protection

FingerprinterJS is a modern JavaScript library that generates unique and reliable browser fingerprints for web applications.

The library enables you to create a consistent identifier for a user’s browser by collecting various attributes like screen resolution, installed fonts, and WebGL properties.

We found most practical is its built-in intelligence. It automatically filters out unstable data that changes frequently, so the fingerprint remains consistent across sessions.

It also includes a powerful suspect analysis feature to detect bots and other suspicious activity right out of the box.

Features:

• Complete fingerprinting using multiple techniques, including Canvas, WebGL, Audio, and Fonts.
• TypeScript support with included type definitions for a better developer experience.
• Modular architecture that lets you exclude specific collectors you don’t need.
• Works across all modern browsers with no external dependencies.
• Lightweight bundle optimized for production environments.
• SHA-256 hashing for secure fingerprint generation when available.
• Automatic filtering of unstable data to maintain fingerprint consistency.
• Built-in bot and fraud detection capabilities with risk scoring.

How to use it:

1. Install fingerprinter-js with NPM and import it into your project.

# NPM
$ npm install fingerprinter-js

import Fingerprint from "fingerprinter-js";

<!-- OR -->
<script type="module">
import { Fingerprint } from "../dist/index.esm.js";
window.Fingerprint = Fingerprint;
</script>

2. Generate a fingerprint with a single static method call.

// Generate the fingerprint
const result = await Fingerprint.generate();

// The unique identifier string
console.log(result.fingerprint); // "123456..."

// A score indicating the fingerprint's reliability
console.log(result.confidence); // 80

The confidence score is a percentage that tells you how reliable the fingerprint is. A score above 90 is very reliable, while anything below 50 suggests many browser attributes were unavailable.

3. You can create a Fingerprint instance to pass in custom options. This is where you can exclude certain collectors or add your own stable data.

const instance = new Fingerprint({

  // Exclude collectors you don't need
  excludeScreenResolution?: boolean;
  excludeTimezone?: boolean;
  excludeLanguage?: boolean;
  excludeCanvas?: boolean;
  excludeWebGL?: boolean;
  excludeAudio?: boolean;
  excludePlugins?: boolean;
  excludeFonts?: boolean;
  allowUnstableData?: boolean; // Allow including temporal data (default: false)

  // Add your own stable data to the fingerprint
  customData: {
    version: "1.2",
    userId: "user-id-from-your-db",
  },

});

4. One of the library’s most powerful features is its suspect analysis. To use it, set the includeSuspectAnalysis option to true. The suspectAnalysis object contains a score from 0-100, a riskLevel (LOW, MEDIUM, HIGH), and an array of signals that describe what triggered the score.

const result = await Fingerprint.generate({
  includeSuspectAnalysis: true,
});

if (result.suspectAnalysis.score > 70) {
  // High probability of being a bot or fraudulent user
  console.log("Suspicious activity detected!");
  console.log("Signals:", result.suspectAnalysis.signals);
}

5. You can access individual fingerprint components without generating the final hash:

const instance = new Fingerprint();
const components = await instance.getComponents();

console.log(components);
// {
//   userAgent: "Mozilla/5.0...",
//   language: ["en-US", "en"],
//   timezone: "America/New_York",
//   screen: { width: 1920, height: 1080, ... },
//   canvas: "data:image/png;base64,...",
//   webgl: { vendor: "Google Inc.", ... }
// }

FAQs

Q: How stable is the fingerprint if a user updates their browser?
A: It depends on the update. Minor patch updates usually don’t change the fingerprint. A major version update, like from Chrome 138 to 139, might alter the WebGL renderer or other attributes, which would change the fingerprint. The library is designed to be resilient, but no fingerprint is permanent. The confidence score helps you understand its reliability at any given time.

Q: Can I use this on Node.js?
A: No. The library is designed for the browser environment only. It depends on browser-specific APIs like Canvas, WebGL, and the navigator object, which are not available in a Node.js runtime.

Q: What’s the performance impact of generating fingerprints?
A: Fingerprint generation typically takes 50-200 milliseconds depending on enabled collectors and device performance. Canvas and WebGL collectors are the most resource-intensive, while basic browser property collection is nearly instant. You can optimize performance by excluding heavy collectors an

The post Browser Fingerprint Generator with Fraud Detection & Bot Protection appeared first on CSS Script.