Canvas fingerprinting is a special form of browser fingerprinting developed and used primarily (over 95 percent) by web analytics firm AddThis, although other companies such Plenty of Fish and German digital marketer Ligatus are also guilty.
As with browser fingerprinting, it is a sneaky way to uniquely identity web users’ browsers, so that individuals can be tracked for advertising purposes as they visit different sites across the web.
It is a script that works by asking your browser to draw a hidden image, and uses tiny variations in how the image is drawn to generate a unique ID code, which can then be used to track you.
In theory you can install the AddThis opt-out cookie to opt out of targeted advertising by AddThis, but this means that you have to trust AddThis to keep their keep its word over not targeting you for ads, and does not anyway protect you from actually being fingerprinted.
Canvas fingerprint before using CanvasBlocker
Canvas fingerprint using CanvasBlocker in default ‘fake readout’ mode (screenshot also shows available CanvasBlocker options)
In addition to the default ‘fake readout’ mode, you can chose how CanvasBlocker deals with canvas requests by default (block readout, ask for readout, block everything, allow only on whitelist, ask for permission, block only black list, and allow everything)
An interesting option is to allow canvas in PDF’s, as Firefox’s native PDF reader uses canvas to display PDF content.
You can check whether CanvasBlocker (or any other canvas fingerprinting blocking method) is working, visit the HTML5 Canvas Fingerprinting test page on Browserleaks.com.
The CanvasBlocker Add-on for Firefox can be downloaded here, and Chrome users can download a similar extension called CanvasFingerprintBlock here.