
What is TLS fingerprinting? How JA3 and JA4 identify a client
TLS fingerprinting identifies the software behind a connection from its TLS handshake. How it works, what JA3 and JA4 are, and what it reveals.
Vasil Makarchuk is the Chief Technology Officer at ShieldLabs with 10 years of experience in engineering and building scalable systems for online businesses.

TLS fingerprinting identifies the software behind a connection from its TLS handshake. How it works, what JA3 and JA4 are, and what it reveals.

WebRTC fingerprinting uses a browser's real-time connection setup to expose network data, including a local or real IP behind a VPN. How it works.

What IP reputation is, how the 0 to 100 score is built, and why a clean IP score alone will not catch fraud. The lagging, shared, and recycled-IP problem.

What JA4 fingerprinting is, how it fixes JA3's weakness to TLS randomization, the JA4 string format and JA4+ suite, and what it can and cannot identify.

How to detect VPNs in 2026: the methods that actually work, why an IP check alone fails, and how masked traffic ties to abuse and risk.

What is device fingerprinting: the signals that make up a device fingerprint, how the recognition works across browsers, web vs mobile, and what teams use it for.

How proxy detection works for fraud prevention: 13 techniques, why residential proxies are hard to spot, and why an IP check alone is never enough.