What is browser fingerprinting?

Browser fingerprinting is a technique that collects information about your browser and device to create a unique identifier. This includes your screen resolution, installed fonts, browser plugins, timezone, and many other attributes that, when combined, can uniquely identify you across websites.

How unique is my browser fingerprint?

Most browser fingerprints are surprisingly unique. Our database shows that over 90% of browsers have a unique combination of attributes. Factors like installed fonts, screen resolution, and graphics card information contribute most to uniqueness.

Can I prevent browser fingerprinting?

While difficult to completely prevent, you can reduce your fingerprint uniqueness by using privacy-focused browsers like Tor or Brave, disabling JavaScript, using standard screen resolutions, and minimizing installed fonts and plugins.

Is browser fingerprinting legal?

Browser fingerprinting legality varies by jurisdiction. Under GDPR in Europe, it may require user consent. Many websites use it for fraud prevention, security, and analytics. Our tool helps you understand what information is exposed.

What are the Three-Lock hashes?

AmiUnique.io uses a Three-Lock system: Gold Lock (hardware fingerprint surviving browser reinstalls), Silver Lock (software fingerprint tied to browser installation), and Bronze Lock (full session fingerprint including network factors).

Edge-first fingerprint API

Developer Documentation

Integrate browser fingerprinting into your applications with our open-source SDK and globally distributed API. Collect 80+ dimensions and verify uniqueness in under 100ms from anywhere in the world.

~80ms

Sub-100ms latency

Worldwide

Global coverage

80+

Dimensions collected

10 req/min

Rate limiting

Quickstart

Get started in 5 minutes

Install the collector SDK

pnpm add @amiunique/core

Collect and analyze fingerprints

import { collectFingerprint } from '@amiunique/core';

// Collect all 80+ dimensions
const fingerprint = await collectFingerprint();

// Submit to API
const response = await fetch('https://api.amiunique.io/api/analyze', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify(fingerprint),
});

const { data } = await response.json();

console.log('Hardware Hash (Gold):', data.hardware_hash);
console.log('Software Hash (Silver):', data.software_hash);
console.log('Full Hash (Bronze):', data.full_hash);
console.log('Uniqueness:', data.uniqueness.overall * 100 + '%');

Note: Collectors run entirely in the browser. The normalized payload is then POSTed to the Worker API. Response includes gold/silver/bronze hashes, uniqueness verdicts, and metadata for UI display.

Architecture

Three-Lock Hash System

Gold Lock

Hardware fingerprint

Device-level identity based on GPU, screen, audio context, and hardware capabilities. Survives browser reinstalls.

Stability: Most stable

Silver Lock

Software fingerprint

Browser-level identity combining plugins, fonts, feature flags, and rendering behavior. Tied to browser installation.

Stability: Stable

Bronze Lock

Full fingerprint

Session-level identity including network factors (IP, ASN, TLS) and all dimensions. Most granular tracking.

Stability: Session-bound

Collectors

80+ Fingerprint Dimensions

Hardware & Rendering

Canvas hashWebGL rendererAudio fingerprintGPU vendorScreen dimensions

System & OS

PlatformUser-AgentTimezoneInstalled fontsIntl APIs

Browser Capabilities

Storage APIsWeb WorkersWASM supportPermissionsDeviceMemory

Media Codecs

H.264H.265VP8VP9AV1OpusAAC

Network Edge

ASNTLS cipherHTTP protocolIP typeServer location

Behavior & Lies

Timezone consistencyWebGL spoofingCanvas noiseUA mismatch

Reference

API Endpoints

Base URL

https://api.amiunique.io

POST/api/analyze

Submit fingerprint payload and receive Three-Lock hashes with uniqueness metrics.

Response Example

{
  "success": true,
  "data": {
    "hardware_hash": "a1b2c3...",  // Gold Lock
    "software_hash": "d4e5f6...",  // Silver Lock
    "full_hash": "g7h8i9...",      // Bronze Lock
    "uniqueness": {
      "hardware": 0.0012,
      "software": 0.0089,
      "overall": 0.0003
    },
    "verdict": "highly_unique"
  }
}

GET/api/stats

Global counters including total fingerprints, unique sessions, and device counts.

Response Example

{
  "success": true,
  "data": {
    "total_fingerprints": 1234567,
    "unique_sessions": 892341,
    "unique_devices": 456789,
    "updated_at": 1701234567890
  }
}

GET/api/stats/browsers?limit=10

Browser distribution with counts and percentages for dashboard visualizations.

Response Example

{
  "success": true,
  "data": {
    "distribution": [
      { "name": "Chrome", "count": 45231, "percentage": "67.2" },
      { "name": "Firefox", "count": 12453, "percentage": "18.5" }
    ],
    "total": 67312
  }
}

GET/api/stats/daily?days=30

Time-series data for throughput trends and unique device tracking.

Response Example

{
  "success": true,
  "data": {
    "trends": [
      { "date": "2024-01-15", "total_visits": 4521, "unique_devices": 3892 }
    ],
    "period_days": 30
  }
}

GET/api/stats/os?limit=10

Operating system distribution across all analyzed fingerprints.

Response Example

{ "success": true, "data": { "distribution": [...] } }

GET/api/stats/countries?limit=20

Geographic distribution based on visitor location data.

Response Example

{ "success": true, "data": { "distribution": [...] } }

GET/api/stats/screens?limit=15

Screen resolution distribution for viewport analysis.

Response Example

{ "success": true, "data": { "distribution": [...] } }

GET/api/health

Health check endpoint for monitoring and uptime verification.

Response Example

{
  "status": "healthy",
  "timestamp": 1701234567890,
  "latency_ms": 2
}

TypeScript Support

Full type definitions included. Types mirror packages/core/src/types.ts for end-to-end type safety.

Hash Stability

Keep payload field ordering stable to avoid hash drift. The SDK handles normalization automatically.

Limits

Rate Limiting

Endpoint	Limit	Window
/api/analyze	10 requests	60 seconds
/api/stats/*	60 requests	60 seconds
/api/health	120 requests	60 seconds

Rate limits are per-IP and enforced at the edge. Exceeding limits returns 429 Too Many Requests.

Need enterprise features?

Turnstile protection, custom retention policies, dedicated export jobs, and SLA guarantees.

Contact Engineering View on GitHub

SOC 2 compliantGDPR ready99.9% uptime SLA