On this page
- How it works
- JA3 — original standard (2017)
- JA4 — current standard
- JA4+ suite — extensions beyond core TLS fingerprint
- How it applies to ecommerce fraud
- Residential proxy bypass
- Browser impersonation detection
- OS mismatch via JA4+JA4T
- Post-quantum TLS as a new detection signal (as-of 2026)
- Accuracy
- Vendor landscape (as-of 2026)
- Evasion techniques
- Cipher stunting (legacy — defeated by JA4)
- Cyclic TLS / utls / curl_cffi (current primary bypass)
- Limitations and false-positive risks
- Emerging threat: Encrypted Client Hello (ECH)
- Key terms
- Benchmarks (as-of 2026-06-21)
- Frontier links
TLS Fingerprinting (JA3/JA4)
TLS Fingerprinting (JA3/JA4)
Server-side technique that extracts the TLS ClientHello message — transmitted in plaintext before encryption begins — to build a stable fingerprint identifying the client's TLS implementation. Because cipher suites and TLS libraries are coupled to specific language runtimes and browsers, fingerprinting reveals whether a request truly originates from a real browser or from a bot scripted in Python, Go, or Java — regardless of IP address, User-Agent header, or residential proxy routing.
How it works
JA3 — original standard (2017)
JA3 was developed by Salesforce engineers in 2017 and open-sourced the same year (packet.guru, 2026-02-15). It concatenates five decimal fields from the TLS ClientHello: SSLVersion, Ciphers, Extensions, EllipticCurve, and EllipticCurvePointFormats, then MD5-hashes the resulting string to produce a portable 32-character fingerprint (packet.guru, 2026-02-15).
JA3 became brittle for three documented reasons (packet.guru, 2026-02-15):
- Order sensitivity — any reordering of cipher or extension fields produces a completely different hash
- GREASE — Google's randomised-extension mechanism, designed to prevent TLS ecosystem ossification, broke static JA3 hashes
- Cipher stunting — attackers learned to shuffle cipher suite order; Akamai documented this evasion technique as early as 2018 (Akamai, 2024-updated)
Starting in 2023, modern browsers including Chrome (Chrome 108, late 2022) and Firefox began randomising the order of TLS extensions in ClientHello messages, rendering JA3 unreliable as a stable fingerprint (Auth0, 2026-03-10).
JA4 — current standard
JA4 was developed by FoxIO and addresses JA3's brittleness by sorting cipher suites and extensions alphabetically before hashing, producing a stable fingerprint regardless of field-order randomisation (Auth0, 2026-03-10). It uses SHA-256 (truncated) rather than MD5, and produces a human-readable three-part structured string (e.g., t13d1516h2_8daaf6152771_e3547807c630) rather than an opaque hash (Auth0, 2026-03-10).
The three segments encode (Trueguard.io, 2025-est.):
- (A) Protocol type (TCP/QUIC), TLS version, SNI presence, counts of cipher suites and extensions, and ALPN first value
- (B) Truncated SHA-256 hash of the sorted cipher list
- (C) Truncated SHA-256 hash of the sorted extensions and signature algorithms
By 2026, JA4 is described as universally adopted by Cloudflare, AWS WAF, VirusTotal, and Akamai (Auth0, 2026-03-10).
JA4+ suite — extensions beyond core TLS fingerprint
JA4+ is a family of related fingerprinting methods (Peakhour.io, 2025-est.):
| Method | What it fingerprints |
|---|---|
| JA4 | TLS ClientHello (core) |
| JA4S | TLS ServerHello (server-side) |
| JA4X | Certificate data |
| JA4H | HTTP request metadata (method, version, User-Agent) |
| JA4T | TCP SYN packet — OS-level fingerprint |
| JA4L | Round-trip latency — geophysical proxy detection |
JA4T fingerprints the TCP SYN packet, extracting TCP Window Size, TCP Options order, Maximum Segment Size (MSS), and Window Scale — values hardcoded by the OS kernel and extremely difficult to spoof without rewriting the kernel or using raw sockets (Trueguard.io, 2025-est.).
JA4L (Light Distance) measures round-trip time at the packet level; if a request claims to originate from New York but packet physics indicate Eastern European latency, it is flagged as a proxy (packet.guru, 2026-02-15).
How it applies to ecommerce fraud
Residential proxy bypass
Standard HTTP/HTTPS residential proxies do not change the TLS fingerprint seen by the origin server, because the proxy forwards the TLS handshake from the attacking client — the fingerprint belongs to the HTTP library making the request, not to the proxy IP (databay.com, 2024–2025). Even when attackers rotate through thousands of residential proxy IPs to defeat IP-reputation signals, if those requests originate from the same attack script, they share the same JA4 fingerprint, enabling defenders to correlate the distributed attack (Auth0, 2026-03-10). As one practitioner source states: "Residential proxies only change your IP address, not your TLS fingerprint — they're not enough on their own" (databay.com, 2024–2025).
Browser impersonation detection
Major TLS libraries produce distinct handshake characteristics (Fingerprint.com, 2025-07-10):
| Library | Browser |
|---|---|
| BoringSSL | Chrome |
| NSS | Firefox |
| Apple Secure Transport | Safari |
| SChannel | Microsoft Edge (legacy) |
A request presenting a "Safari" User-Agent but Chrome-style cipher preferences is an immediate detection signal (Fingerprint.com, 2025-07-10). Auth0 integrated JA4 signals into its bot detection ML model in March 2026 specifically to defeat credential-stuffing bots that rotate residential proxy IPs, and headless browser bots (Puppeteer/Playwright) whose User-Agent strings appear identical to human browsers but whose JA4 fingerprints reveal their automated runtime (Auth0, 2026-03-10).
OS mismatch via JA4+JA4T
The combination of JA4 (application fingerprint) and JA4T (OS fingerprint) enables detection of "impossible mismatch" attacks: a bot hosted on an AWS Linux server claiming to be "Chrome on Windows" still emits Linux TCP window sizes and TCP options ordering, creating a detectable contradiction (Trueguard.io, 2025-est.).
Post-quantum TLS as a new detection signal (as-of 2026)
Chrome adopted X25519MLKEM768 post-quantum key shares by default in April 2024; Firefox in November 2024; Apple in October 2025. By early 2026, 57.4% of all browser-initiated connections include a PQ key share (scrapfly.io, 2025–2026). Any request claiming to be a modern Chrome browser but lacking a PQ key share is flagged before the first byte of HTTP traffic arrives — a detection signal that existing scraping libraries (including curl_cffi) may not yet synthesise correctly (scrapfly.io, 2025–2026).
Accuracy
A 2026 arXiv study (2602.09606, 2026-02) trained a CatBoost classifier on JA4 features and achieved AUC 0.998 and accuracy 0.9863 in detecting bad bots from web traffic. A secondary source (proxies.sx, undated) cites Akamai research claiming 92–98% bot classification accuracy via cross-layer TLS analysis; no direct Akamai publication URL was retrieved to verify this figure independently — treat as unverified.
Accuracy claims unverified. The 92–98% Akamai figure (proxies.sx, undated) could not be traced to a primary Akamai publication. The arXiv 0.9863 figure (2026-02) reflects controlled research conditions; real-world accuracy at production scale, against sophisticated adversaries using browser-mimicking tools, is likely lower and not publicly disclosed by vendors.
Vendor landscape (as-of 2026)
All major anti-bot vendors incorporate TLS/JA4 fingerprinting as one signal within multi-layer ML-driven bot scoring models, rather than blocking on raw hash values alone (Fastly, 2025-08-14): Bot Management|Cloudflare Bot Management, DataDome, HUMAN Security/PerimeterX, Akamai Bot Manager, Imperva Advanced Bot Protection, Fastly Bot Management. Cloudflare analyses over 15 million unique JA4 fingerprints generated from more than 500 million user agents and billions of IP addresses daily, using per-customer ML models trained per zone (Auth0, 2026-03-10; Cloudflare, 2024).
Evasion techniques
Cipher stunting (legacy — defeated by JA4)
Attackers randomised cipher suite order to defeat JA3's order-sensitive hash (Akamai, 2018/2024). JA4's alphabetical-sort design directly defeats this technique.
Akamai cipher-stunting research originally published 2018; updated/referenced in 2024 context. The evasion technique and architectural response (JA4 sort) are well-documented beyond the 2018 primary.
Cyclic TLS / utls / curl_cffi (current primary bypass)
The only reliable way for bots to bypass JA4 detection is to use tools that mimic the exact handshake of a real browser at the TLS library level — effectively impersonating the full TLS implementation, not just the User-Agent string (packet.guru, 2026-02-15). curl_cffi (Python bindings for curl-impersonate) is the practitioner-consensus tool for spoofing TLS fingerprints, impersonating Chrome/Safari/Edge down to cipher suite order, extensions, and HTTP/2 settings (brightdata.com/capsolver.com, 2024–2026).
curl_cffi as reliable bypass vs. temporary. Scraping practitioners treat curl_cffi as a reliable bypass for TLS fingerprinting (brightdata.com, 2024–2026). Detection vendors (Cloudflare 2024) note that fingerprint reuse patterns at scale still expose well-crafted TLS impersonation. Additionally, post-quantum key share absence (2025+) further erodes curl_cffi coverage unless the library is actively updated — creating an ongoing arms race rather than a stable bypass (scrapfly.io, 2025–2026).
Limitations and false-positive risks
Corporate MITM proxies (e.g., Zscaler) terminate TLS connections and re-establish new ones at the network edge, so the WAF sees the proxy's fingerprint rather than the end-user's — creating "collapsed entropy" where thousands of employees share the same JA4 signature, generating false positives (packet.guru, 2026-02-15).
Privacy browsers / unusual configurations: Users running extension-heavy browsers or configurations that randomise TLS parameters may present unusual JA4 fingerprints not in the "known-good" database, and outdated browsers or rare operating systems carry the same false-positive risk (packet.guru, 2026-02-15).
Not an individual identity signal: TLS fingerprints are not unique to individual users — different clients can share the same fingerprint. TLS fingerprinting classifies client types effectively but is insufficient for individual identity attribution; it is most effective combined with Device Fingerprinting, Behavioural Biometrics, and other fraud signals (Fingerprint.com, 2025-07-10).
Emerging threat: Encrypted Client Hello (ECH)
ECH, now deployed broadly in 2026, encrypts sensitive parts of the ClientHello (including SNI) behind a CDN-level outer wrapper, collapsing entropy available to TLS fingerprinting systems: all users behind a CDN using ECH look identical at the metadata layer, forcing defenders to shift toward behavioural analysis of request timing, volume, and HTTP/3 vs HTTP/2 ratios (packet.guru, 2026-02-15).
ECH deployment timeline. packet.guru (2026-02-15) describes ECH as already collapsing fingerprinting entropy in 2026. fingerprint.com (2025-07-10) does not mention ECH as a live concern, focusing instead on post-quantum hybrid handshakes. The divergence likely reflects a 7-month publication gap during which ECH deployment accelerated.
Key terms
| Term | Meaning |
|---|---|
| ClientHello | First message in TLS handshake; transmitted in plaintext; contains cipher suites, extensions, TLS version, ALPN |
| JA3 | 2017 TLS fingerprinting standard; MD5 hash; now brittle due to browser extension-order randomisation |
| JA4 | Current standard (FoxIO); SHA-256; alphabetically sorted before hashing; order-stable |
| JA4T | TCP SYN fingerprint; OS-level; kernel-hardcoded values; complements JA4 |
| JA4L | Latency-based fingerprint; detects geophysical proxy inconsistency |
| JA4H | HTTP request fingerprint; links TLS layer to application-layer behaviour |
| Cipher stunting | Attacker technique: randomising cipher order to defeat JA3 |
| Cyclic TLS / utls | Tool family enabling full TLS library impersonation; primary current bypass |
| GREASE | Google mechanism inserting random TLS values to prevent ecosystem ossification; broke JA3 |
| ECH | Encrypted Client Hello (ECH); encrypts sensitive ClientHello fields; reduces fingerprinting entropy for CDN users |
| PQ-TLS | Post-quantum TLS; X25519MLKEM768 key share; Chrome default Apr 2024; absence detectable as bot signal |
| curl_cffi | Python library (curl-impersonate bindings); primary tool for TLS fingerprint spoofing |
| MITM proxy | Man-in-the-middle SSL inspection proxy (e.g., Zscaler); collapses TLS entropy for corporate users |
Benchmarks (as-of 2026-06-21)
- JA4 adoption: Cloudflare, AWS WAF, VirusTotal, Akamai (as-of 2026-03-10, Auth0)
- Cloudflare: 15M+ unique JA4 fingerprints / 500M+ user agents / billions of IPs daily (as-of 2026, Auth0/Cloudflare)
- PQ key share presence: 57.4% of browser connections carry X25519MLKEM768 (as-of early 2026, scrapfly.io)
- arXiv 2026-02 CatBoost classifier on JA4: AUC 0.998 / accuracy 0.9863 (controlled conditions)
- Akamai cross-layer accuracy: 92–98% (unverified secondary citation — no primary URL)
Frontier links
- Encrypted Client Hello (ECH) — emerging structural threat to TLS fingerprinting; newly prominent from this run
- Post-Quantum TLS — X25519MLKEM768 adoption creates new bot detection signal; no standalone page
- Waveless Picking — still dangling from WES run (68)
- Warehouse Control System (WCS) — device layer below WES; no standalone page
- International Ecommerce — dangling from Frontend Address Validation (run 67)