On the net you can often meet users' reports that various scanners detect the use of anti-detection. And the reason for this can be not only in the browser, but also in the actions of the user himself. We have collected all the basic parameters that make it appear that a user is tampering with fingerprints and suggested ways to reduce the risk of detection. 🤏
Why are there problems with emulation at all 😐
Any antidetector has two key functions:
Fingerprint spoofing. The anti-detect must change the real data of the user's digital fingerprint.
Emulation. Make you look like a normal user as much as possible.
The truth is that so far there is not a single publicly available antifraud detector that can completely make an ordinary user out of you.
This is due to the fact that each antifraud system has its own unique mechanisms: they analyze a different amount of data, in a different order, and draw conclusions from this data in different ways. Because of this, it happens that one antifraud tool is better suited for Twitter and another one - for Zuckerberg's social network.
However, there are some recommendations, following which you can significantly increase the quality of emulation.
The main parameters that cause the replacement of prints
Below are the main parameters by which you can most often see data spoofing:
1️⃣ IP is one of the most popular parameters with which problems arise.
What's the problem
Not hiding the real IP. Some users think that antidetect automatically changes their IP address. In reality, antidetects have the functionality to change the data, but the new IP address itself needs to be taken somewhere. To do this, you need to buy a proxy or VPN. Some browsers have the option of buying proxies from company partners in-house.
They use proxies of the wrong geo. For example, the user plans to work with Brazilian users and creates a Brazilian account, but buys Russian proxies. As a result, his data is detected as Russian, which can cause problems on the site.
They buy unsuitable proxies. In order to save money users buy cheap proxies or use free ones. In this case there is a risk that the IP has already been used in many places and is blocked by most popular sites. Moreover, such proxies can be dangerous as they can be used by intruders.
What to do
Use proxies when working with the antidetector, otherwise your real IP address will not be masked.
Buy proxies only from trusted vendors.
Make sure your IP address matches the geo of your account.
Choose proxies depending on your tasks. The most secure proxies are those using HTTPS and SOCKS5. However, if you need many IP addresses for different profiles, it's better to choose mobile proxies. They are more expensive, but due to the ability to update IP, they can be much cheaper.
2️⃣ Fonts are one of the main parameters that give away the fact of a spoofed print.
What's the problem
Every operating system has a set of used fonts: standard and system fonts. The standard fonts are the well known ones: Arial, Times New Roman, etc. You can see them in any operating system.
But the system fonts may be unique to each particular system.
How it works: Let's imagine that the user has a Windows laptop, but in the digital print it specifies macOS. Because of the difference in system fonts, antifraud systems will realize that he is encrypting his digital fingerprint. Moreover, the difference will be visible not only in the font set itself, but also in its design: macOS and Windows can display even the same font differently.
What to do
If possible, select the operating system of the device from which you plan to work in the digital anti-detection print.
If you have a powerful PC and laptop, install Linux as a second operating system, then install the system fonts of the operating system you want on it. Linux acts as an intermediate system between Windows and MacOS, so you can smooth out the differences in fonts with it.
3️⃣ Browser. All antidetectors work on the basis of some standard browser. As a rule, they are Chrome, Chromium or Firefox. Chrome is the same Chromium but with Google services enabled and some changes in the browser's internal functionality.
What's the problem
Each browser has unique attributes and features that differentiate it from the others. Normal users will not notice these features, but antifraud systems will. This way they will understand that the user is tampering with the fingerprint.
What to do
Pay attention that your digital fingerprint has data that matches the anti-fraud browser. This is shown in Useragent. All antidetect vendors voice which browsers they are based on. For example, Dolphin{anty} runs on Chromium.
4️⃣ The characteristics of the device. Some users, in an attempt to convince antifraud of the reality of their print, change the data of the parameters of the device itself: Audio, Canvas 2d(just Canvas), Canvas 3d, etc.
What's the problem.
The print can become:
unrealistic, because the parameters in the device prints are linked together, manually changing them may result in a combination of data that doesn't occur at all or occurs too infrequently.
Too unique, which will attract the attention of antifraud systems.
What to do
Do not change the imprint settings that concern the device itself: Canvas, Audio, WebGL.
5️⃣ WebRTC — describes parameters for transferring audio, video, and content between browsers and applications. The project has come to be used as a replacement for Flash.
What's the problem
It often happens that this parameter shows your real IP, even if you use a proxy.
What to do
If you see your real IP leaked by WebRTC, the best solution is to ask the antivirus vendor what to do with this setting. The reason is that some antifraud systems see that a person changes IP, but take no action against the user. This is especially true now, when many sources and sites are blocked in Russia.
6️⃣ Mobile device on the web. Some users try to emulate a mobile device from the web versions of antidetects.
What's the problem
Mobile devices differ from web versions by hundreds of parameters, including screen resolution, network performance, data transmission methods, device types, etc. Considering that anti-detects do not give 100% emulation even on the web version, it will be even lower with the mobile version.
What to do
Even if your antidetector has the functionality to emulate the web version for the mobile version, you'd better use it with caution and not test on accounts that are important to you. Otherwise, there is a risk that they may be sent for verification or even blocked.
Setup recommendations
We provide only general guidelines for the PSU setup, since you are the only one responsible for flooding or changing the selected settings to make it work better.
All settings are made here: three dots next to the profile name - "Edit".
IP - this is one of the most popular parameters with which problems arise.1. Use proxies when working with anti-detection, otherwise your real IP address won't be masked.2. Buy proxies only from trusted vendors. 3. Make sure that your IP address matches your account geo. 4. Choose proxies depending on your goals. The most secure proxies are those using HTTPS and SOCKS5. However, if you need many IP addresses for different profiles, it's better to choose mobile proxies. They are more expensive, but due to the possibility to update IP, they can be much cheaper.
It is important that each new profile has a random screen resolution. For example, 1920*1080.
Fonts are one of the main parameters that give away the fact that the print is swapped.1. If possible, select the operating system of the device from which you plan to work.2. If you have a powerful PC and laptop, install Linux as a second operating system, then install the system fonts of the operating system you want. Linux acts as an intermediate system between Windows and MacOS, so it can smooth out the differences in fonts.
Browser. All anti-detectors work on the basis of some standard browser. Typically, this is Chrome, Chromium or Firefox. Chrome is the same Chromium but with Google services enabled and some changes in the browser's internal functionality. Pay attention that your digital fingerprint has data that matches the anti-detection browser. This is shown in Useragent. All antidetect vendors voice which browsers they are based on. For example, Dolphin{anty} runs on Chromium.
If your proxies are good, we recommend putting noise on the Canvas parameter. This parameter will be recreated each time you create a profile, if "noise" is set.
If you are using the user agent 114 version and above, then install WebGPU Real, because Off - disables this option but for the 114 kernel can have a bad effect on some sites (as in the usual chrome this option is present), if you are sure that the option you do not need, then unload it.
Final recommendation, webrtc try to disable.This is a special plugin that supports video and audio transmission on a web page. To speed things up, this plugin gives web resources access to your media devices. For example, your headphones and camera. Your real IP address can be shown through this option, even if you use a proxy.Therefore, we recommend disabling it.