Visual Demonstration of Canvas Anti-Fingerprinting

Canvas fingerprinting draws hidden graphics and re-reads the raw pixels to collect a stable, device-specific hash; some browsers randomise those pixels to break the signature.

More about canvas fingerprinting

JavaScript can draw text or shapes on an off-screen canvas, then call toDataURL() or getImageData() to read back the exact pixels. Those pixels encode subtle details of your GPU, driver, fonts and sub-pixel rendering. Trackers hash them into a high-entropy identifier that survives state clearing. Privacy-focused browsers disrupt the attack by randomizing a few bits of the returned pixels, so the hash is no longer stable between sites and sessions.

  1. Expected: mint-green reference canvas.
  2. Actual read-back: what the browser returned and what the user would see. Any injected noise is subtle.
  3. Noise highlighted: differing pixels flipped to a contrasting color to exaggerate the noise.
Expected pattern
Actual read-back
Noise highlighted