WysLeap
IDENTIFY

Identify Visitors Without Cookies

Track complete user journeys with typically 95-99.5% accuracy in matching returning visitors on the same device/browser—no cookies needed. Based on testing across millions of visitor sessions.

Accuracy Definition: 99.5% precision (avoiding false matches) with 98%+ recall (catching return visitors). Accuracy varies by browser diversity—typically 95-99.5% depending on your audience's device/browser combinations.

Get Started FreeSee It in Action

Accuracy Breakdown by Scenario

Real-world accuracy varies based on device and browser conditions

99.5%

Same Device, Same Browser

Optimal conditions—highest accuracy

96%

Same Device, Browser Updated

ML models adapt to minor changes

85%

Same Device, Privacy Mode

Reduced accuracy in incognito sessions

70%

Shared Devices

Family computers, kiosks, public devices

Comparison Metrics

  • 3-5x more accurate than IP-based identification
  • Comparable to first-party cookie tracking without the consent complexity
  • Collision rate under 0.1% for sites with diverse traffic

Fingerprint Stability

  • • ML models identify return visitors even when 20-30% of fingerprint characteristics change
  • • Behavioral patterns help confirm identity when fingerprint partially changes
  • • Fingerprint matching is robust to minor browser/OS updates

Technical Transparency

Understanding what browser characteristics we use and how fingerprinting works

Browser Characteristics Used

We create fingerprints using only basic, publicly available browser characteristics—no invasive tracking methods:

  • Browser type and version (Chrome, Firefox, Safari, etc.)
  • Screen resolution (standard web API)
  • Timezone and language settings
  • Page views and navigation paths
  • Click and scroll interactions
  • Session duration and timing

What we don't use: Canvas fingerprinting, audio fingerprinting, WebGL fingerprinting, installed fonts detection, or hardware characteristics. We explicitly avoid techniques that privacy advocates consider invasive.

Fingerprint Example

Visitor ID

a8f3b2c1-d4e5-...

First Visit

Jan 15, 2024, 2:30 PM

Last Visit

Feb 7, 2024, 10:15 AM

Total Visits

5

Browser

Chrome

Country

United States

Theme

light

Language

en

Fingerprint Match Confidence

Confidence this visitor matches a previous visit

99.2%

How Fingerprinting Works

1. Fingerprint Creation

On first visit, we collect browser characteristics and create a unique fingerprint hash. This hash is one-way encrypted and cannot be reverse-engineered to identify the user.

2. Fingerprint Matching

On return visits, we compare the new fingerprint to stored fingerprints. ML models use fuzzy matching to identify return visitors even when 20-30% of characteristics change (e.g., browser updates, OS updates).

3. Cross-Device Limitations

Important: Fingerprinting works per device/browser combination. We cannot track across completely different devices without login events. If a user visits from a laptop and then a phone, they appear as two separate visitors unless they log in.

Privacy & Compliance

Transparent about what we collect and how it's used

What We Don't Collect

We create pseudonymous identifiers—not personal data. Specifically:

  • No names, emails, or directly identifying information
  • No IP addresses stored or used for identification
  • No cookies or local storage
  • No cross-site tracking—fingerprints are site-specific

GDPR & Privacy Compliance

Important Legal Note: GDPR applicability depends on how data is used, not just collection method. While WysLeap is designed to minimize personal data collection:

  • • Fingerprinting for analytics purposes may still require disclosure in your privacy policy
  • • GDPR compliance depends on your specific use case and jurisdiction
  • We recommend consulting legal counsel for your specific situation
  • • Some regulators consider fingerprinting similar to cookies and requiring consent under ePrivacy Directive

Our Approach: We recommend a privacy-first approach with transparency. Even if consent isn't strictly required, disclosing fingerprinting in your privacy policy builds trust with users.

Privacy Mode Clarification

When we say "works in privacy mode," we mean:

  • • Fingerprinting works across normal sessions despite privacy settings
  • Within a single incognito session, fingerprinting works normally
  • Across incognito sessions, accuracy is reduced (85% vs 99.5%) because incognito mode clears some fingerprinting data between sessions
  • • Most fingerprinting has reduced accuracy in private browsing—we're transparent about this limitation

Data Retention

We retain visitor identifiers and fingerprints for 24 months of inactivity. After 24 months without visits, visitor data is automatically purged. Active visitors' data is retained as long as they continue visiting.

Privacy-Preserving Machine Learning

How ML improves accuracy while protecting privacy

What the ML Actually Does

  • Stability Learning: Models learn which fingerprint characteristics are most stable over time (e.g., screen resolution rarely changes, but browser version does). This helps identify return visitors even when some characteristics change.
  • Fuzzy Matching: Algorithms identify return visitors despite minor fingerprint changes (browser updates, OS updates). ML models can match fingerprints that are 70-80% similar, not just exact matches.
  • Behavioral Pattern Analysis: When fingerprint partially changes, behavioral patterns (visit frequency, page preferences, navigation patterns) help confirm identity.

What Makes It Privacy-Preserving

  • Aggregated Pattern Learning: Models train on aggregated patterns across all visitors, not individual visitor data. No raw fingerprints leave your infrastructure.
  • One-Way Hashing: Identifiers are one-way hashed and cannot be reverse-engineered to identify the user or reconstruct the original fingerprint.
  • Site-Specific: Fingerprints are unique to your site. We don't share fingerprints across sites or create cross-site profiles.
  • No Personal Data: ML models never see or learn from personal data—only anonymous browser characteristics and behavioral patterns.

Real-World Use Cases

Specific scenarios where visitor identification drives value

Scenario 1: Multi-Session Research Behavior

B2B buyers typically visit 5-7 times before converting. See their complete research journey to understand what content drives decisions.

Session 1 (Day 1): Homepage → Pricing → Left
Session 2 (Day 3): Blog post → Features → Pricing → Left
Session 3 (Day 5): Pricing → Signup → Converted

Scenario 2: Cart Abandonment Follow-Up

Identify return visitors who abandoned carts to understand if they're comparison shopping or lost interest. Track whether they return to complete purchases or browse different products.

Scenario 3: Content Attribution

Which blog posts lead to conversions 3 weeks later? Track the complete path from content discovery to purchase, even when visitors don't convert on their first visit.

Cookies vs. Fingerprinting

MetricCookiesFingerprinting
Accuracy (same device)98-99%95-99.5%
Works in private browsingNoLimited (85%)
Requires consent (EU)YesDepends*
User can blockEasilyDifficult
Cross-browser trackingNoNo
Data persistenceUser-controlledServer-side

* GDPR/ePrivacy interpretation varies by jurisdiction. Consult legal counsel for your situation.

Known Limitations

Building trust through transparency about what we can and cannot do

Shared Devices

Less accurate on shared devices (family computers, kiosks, public devices). Multiple users on the same device may appear as a single visitor.

Private Browsing

Reduced accuracy (85% vs 99.5%) in private browsing modes. Incognito sessions clear fingerprinting data between sessions.

Cross-Device Tracking

Cannot track across completely different devices without login. A user visiting from laptop and phone appears as two separate visitors.

VPNs & Network Changes

Users with VPNs or frequently changing network configurations may appear as new visitors if fingerprint characteristics change significantly.

Mobile Apps

Mobile app tracking requires different approach. Fingerprinting works for mobile web browsers, but native apps need device IDs or other methods.

Anti-Fingerprinting Measures

Some browsers actively resist fingerprinting (Firefox Enhanced Tracking Protection, Safari ITP, Brave randomization). We adapt to these measures, but accuracy may be reduced.

How WysLeap Compares

vs. Cookie-Based Tracking

More resilient to cookie deletion, works in stricter privacy contexts. Comparable accuracy (95-99.5% vs 98-99%) without requiring consent banners in many jurisdictions.

vs. IP-Based Tracking

Much more accurate (3-5x improvement). Handles dynamic IPs and shared networks better. IP addresses change frequently and are shared by multiple users—fingerprinting provides device-level identification.

vs. Login-Required Tracking

Works for anonymous visitors, no authentication required. Enables multi-session analytics for visitors who haven't signed up yet—critical for understanding conversion funnels.

vs. No Tracking

Enables multi-session analytics without compromising privacy excessively. Provides insights into user journeys that single-session tracking cannot capture.

How Does This Compare to Google Analytics?

GA4 uses cookies + consent-based tracking: Google Analytics 4 relies on cookies and requires consent banners in the EU. When users reject cookies or use private browsing, GA4 loses tracking.

WysLeap uses fingerprinting: Different trade-offs—more resilient to cookie blocking but may have different privacy implications. Fingerprinting works even when cookies are blocked.

Can be used together: Many customers use GA4 for basic metrics (with consent) and WysLeap for cookieless journey tracking. They complement each other—GA4 provides Google's ecosystem integration, WysLeap provides privacy-resilient visitor identification.

Responsible Use

WysLeap's Visitor Identification is Designed For:

  • • Analytics and understanding user behavior
  • • Improving user experience
  • • Multi-session journey tracking
  • • Conversion funnel analysis

We Explicitly Prohibit Use For:

  • • Cross-site tracking without disclosure
  • • Selling or sharing fingerprint data with third parties
  • • Using fingerprints to personally identify individuals
  • • Any use that violates user privacy expectations

Privacy Policy Disclosure

We recommend disclosing fingerprinting in your privacy policy, even though it doesn't collect traditional personal data. Transparency builds trust with users and helps ensure compliance with privacy regulations.

For technical details on our fingerprinting methodology, see our technical documentation or contact support.

Frequently Asked Questions

Is fingerprinting legal?

It's a gray area that varies by jurisdiction. In the EU, fingerprinting may be considered similar to cookies under ePrivacy Directive. In the US, it's generally legal but subject to state privacy laws. We recommend consulting legal counsel for your specific jurisdiction and use case.

Can users opt out?

Yes. Users can opt out through browser settings (Firefox Enhanced Tracking Protection, Safari ITP) or by using privacy-focused browsers. We respect browser-level privacy controls and don't attempt to circumvent them. Some customers also provide opt-out mechanisms in their privacy policies.

Can users delete their visitor profile?

Yes. Users can delete their visitor profile and all associated data at any time. When a profile is deleted, it permanently removes the visitor profile data, all visit history, and all associated telemetry events. Users can access this feature on our privacy page where they can view their visitor profile and delete it if desired.

How is this different from third-party tracking?

WysLeap fingerprinting is first-party—fingerprints are created and stored only for your site. We don't share fingerprints across sites or create cross-site profiles. This is fundamentally different from third-party tracking networks that track users across multiple websites.

What happens on shared devices?

Accuracy is reduced (around 70%) on shared devices. Multiple users on the same device may appear as a single visitor. This is a known limitation of fingerprinting—it identifies devices/browsers, not individual users.

Does this work on mobile?

Yes, for mobile web browsers. Fingerprinting works on mobile Safari, Chrome Mobile, and other mobile browsers. However, native mobile apps require different approaches (device IDs, advertising IDs) as fingerprinting is primarily a web browser technology.

How do browser updates affect tracking?

ML models are designed to handle fingerprint evolution. When browsers update, 20-30% of fingerprint characteristics may change, but our fuzzy matching algorithms identify return visitors despite these changes. Behavioral patterns also help confirm identity when fingerprints partially change.

Start Tracking Complete User Journeys

Get typically 95-99.5% identification accuracy without cookies. See live examples of fingerprint characteristics, multiple sessions being connected, and journey visualizations.

Get Started FreeSee It in Action