AudioContext Fingerprinting: The Browser Tracker Nobody Talks About

Canvas fingerprinting gets all the attention. AudioContext fingerprinting flies under the radar — and it's just as persistent.

What is AudioContext Fingerprinting?

The Web Audio API processes audio through your sound hardware. The exact output of an audio signal varies based on:

• Audio hardware (sound card model)
• OS audio processing pipeline
• Driver version

This produces a unique numeric hash per device.

function getAudioFingerprint() {
  const audioCtx = new AudioContext();
  const oscillator = audioCtx.createOscillator();
  const analyser = audioCtx.createAnalyser();
  const gainNode = audioCtx.createGain();
  const scriptProcessor = audioCtx.createScriptProcessor(4096, 1, 1);

  gainNode.gain.value = 0; // Muted — user hears nothing
  oscillator.type = 'triangle';
  oscillator.connect(analyser);
  analyser.connect(scriptProcessor);
  scriptProcessor.connect(gainNode);
  gainNode.connect(audioCtx.destination);

  scriptProcessor.onaudioprocess = (bins) => {
    const samples = new Float32Array(analyser.frequencyBinCount);
    analyser.getFloatFrequencyData(samples);
    const hash = samples.slice(0, 20).reduce((a, b) => a + Math.abs(b), 0);
    console.log('Audio fingerprint:', hash); // unique per device
    audioCtx.close();
  };

  oscillator.start(0);
}

The user hears nothing. The fingerprint is extracted silently.

Combined With Canvas = Very High Accuracy

Neither technique alone is 100% unique. Together:

• Canvas hash (GPU-based) + AudioContext hash (audio hardware) → collision probability drops to near zero

This is why changing your VPN or clearing cookies doesn't help: both signals come from hardware, not network or storage.

Who Uses This

• Ad networks for cross-site tracking
• Anti-fraud systems (banking, e-commerce)
• Platform integrity teams (Twitter, Amazon, LinkedIn)

Protection

Block or randomize both canvas AND audio fingerprints per profile. FireKey handles this — each profile gets randomized audio fingerprint output, free open beta.

Posted from a FireKey isolated browser environment with spoofed AudioContext.