As cross-site trackers, data breaches, and identity theft plague the internet, many have turned to Brave, Tor, Firefox, and other privacy-focused browsers to reclaim control over their personal information.

These privacy-centric platforms offer users settings and tools to browse the web privately and securely. However, they also provide cover for more sinister agendas, and bad actors increasingly leverage the anonymity given by these browsers to slip past fraud prevention systems.

While enabling privacy-focused settings does not indicate suspicion, detecting their use can serve as an additional data point in assessing the potential fraud risk of visitors.

This article will cover some of the features and settings of privacy-focused browsers, how to detect them, and the implications of their usage in the context of fraud risk assessment.

Examples of Privacy-Focused Settings

Privacy-focused browsers and settings have seen a surge in popularity as users become more privacy-aware. These browsers offer a way to navigate the web without being profiled by advertisers, avoiding surreptitious data gathering by trackers, and often with the added benefit of accessing censored content or getting around location-based restrictions.

Some privacy-focused browsers even offer settings that separate browsing sessions into multiple layers or circumvent network surveillance that could compromise user identity. These browsers provide an extra level of privacy and security and can also give activists, journalists, and those living in oppressive conditions access to uncensored information and secure communication.

These browsers usually come equipped with configurable features such as:

Tracker Blocking

Tracker blocking aims to prevent third parties from monitoring user activity, making it harder for companies to track users' movements across the web. Firefox, for instance, offers Enhanced Tracking Protection, which offers multiple levels of protection against social media trackers, cross-site tracking cookies, and more. Similarly, Safari's Intelligent Tracking Prevention uses machine learning to identify and block trackers, minimizing cross-site tracking and hiding the user's IP address by default.

Fingerprinting Protection

Browser fingerprinting analyzes data such as browser version, language, time zone, screen resolution, and more to create a unique identity or "fingerprint" for each website visitor.

Fingerprinting protection aims to disrupt this identification by limiting the amount of information websites can collect about a device, making it harder for companies to uniquely identify a user's browser without relying on cookies. Many browsers, such as Firefox and Brave, offer these capabilities as a part of their tracking protection.

Strict Cookie Management

Cookies, especially third-party cookies, are widespread for tracking user activity across multiple sites. Stricter cookie policies in privacy-focused browsers allow users greater control over their digital footprint by significantly limiting the usability or lifetime of cookies.

Google recently announced the eventual elimination of third-party cookies from Chrome altogether and added cookie management features such as CHIPS that individually partition cookie storage by site.

Traffic Redirection

Traffic redirection features offer users enhanced privacy by concealing their IP address and encrypting their internet traffic.

Tor Browser is the epitome of traffic redirection, routing user activity through its network of servers, providing anonymity and protection against surveillance. Brave also integrates Tor in private browsing tabs, allowing for encrypted browsing within a standard browser environment.

Additionally, browsers like Opera have built-in VPNs, offering straightforward traffic encryption and IP masking without needing external services.

Enhanced Encryption

Ensuring secure connections to websites is fundamental for privacy. Features like "HTTPS by Default" automatically switch websites from HTTP to HTTPS, encrypting the data sent and received to prevent eavesdropping, and are available by default in browsers like Brave and Safari.

Similarly, encrypted Domain Name System (DNS) queries can enhance user privacy. For instance, Firefox offers DNS-over-HTTPS (DoH), which encrypts DNS requests to prevent third parties from spying on which websites users visit.

Ad Blockers

Integrated ad blockers are not limited to explicitly privacy-focused browsers but are an additional way to protect users from ad trackers collecting their data. Opera, for example, includes a built-in ad blocker that removes ads and speeds up loading times, enhancing privacy and performance. Another browser with ad-blocking built-in is Brave, which comes with Brave Shields to block ads, trackers, and more.

Do Not Track (DNT)

While its effectiveness relies on websites honoring the request, the Do Not Track setting, available in browsers such as Firefox, Chrome, and Safari, signals to websites that the user prefers not to be tracked. This feature reflects a user's desire for privacy, although website compliance is voluntary.

Implications of Privacy-Focused Settings in Risk Assessment

Browsers and settings that focus on privacy offer features that protect user privacy. However, malicious actors can also use these same configurations and tools to hide fraudulent activity and maintain anonymity.

Detecting attempts to hide or obfuscate browser characteristics can suggest varying levels of suspicion, depending on the website type and its typical user activity. For instance, obfuscation might be a bigger concern for financial services compared to content streaming platforms.

Nonetheless, companies should not rely solely on this data point for decision-making. Instead, they should combine it with other inputs and data for a comprehensive risk assessment.

A user who uses privacy-focused settings without any other suspicious indicators should probably be treated differently from one who uses such settings and accesses the site from an unusual country or has multiple failed login attempts.

Detecting privacy-focused settings is an additional factor that can be used to make decisions. Including more data points as a part of fraud and security analysis allows for a more nuanced approach to risk management.

Detecting Privacy-Focused Settings

As shown above, many browsers offer various methods of privacy protection, ranging from obfuscation to feature blocking to enhance encryptions. Therefore, checking various data points when analyzing whether a user has privacy-focused settings enabled is important. Some of these checks include:

• User-Agent String Analysis: Check the User-Agent string for indications of privacy-focused browsers, though this can be unreliable due to string spoofing.
• JavaScript Tests: Execute JavaScript to detect browser capabilities and privacy settings, such as blocked APIs or unusual API responses.
• Feature Analysis: Observe patterns in website interaction that suggest using privacy settings, like not retaining cookies or blocking third-party requests.
• Canvas Fingerprinting Resistance Checks: Use the Canvas API to test for fingerprinting resistance, looking for standardized results that indicate privacy protection.
• VPNs or Tor Network Detection: Analyze IP addresses to identify connections from known VPN services or Tor exit nodes.

Making Privacy-Focused Settings Detection Easy With Fingerprint

Detecting if a user is obfuscating their browser details can be challenging when many factors and methods must be considered. Additionally, while the methods above may work for some users, some can be easily spoofed, while others can be more difficult to implement and require more sophisticated and resource-intensive analysis. Using a specialized service for this detection can be much simpler and more accurate.

Fingerprint is a Device Intelligence Platform that provides accurate and actionable data to prevent fraud and improve user experiences. Our Smart Signals make detecting privacy-focused browser settings and many other signals, such as VPN detection, incognito mode detection, or virtual machine detection, a simple and efficient process.

Quickly collect browser and device information about your visitors with a straightforward JavaScript snippet and easy-to-use APIs or webhooks. We'll let you know if visitors use privacy-focused settings to randomize and obfuscate their browser details against fingerprinting. From there, you can integrate the results directly into your existing fraud analysis workflows or use our Suspect Score to give you a head start.

We constantly research the latest browser updates, trends, and anonymity methods, ensuring our platform stays current and accurate. That way, you can stay focused on building better websites and protecting your business and users while we handle the intricacies of browser attribute detection.

Conclusion

While privacy-focused settings and browsers are excellent tools for users seeking to protect their data and privacy, they can also be advantageous for those with malicious intent. Therefore, being aware of their use and incorporating this data into your security protocols can add an extra layer of information to your risk assessments.

Smart Signals like Privacy-Focused Settings Detection are available with our Pro Plus and Enterprise Plans. Contact our team to learn more about how Fingerprint can provide you with accurate, actionable insights on your visitors, or start a free trial to try it out yourself!