What Is Battery Status API Fingerprinting?

Paste into ChatGPT, Claude, or any LLM

On this page

Battery Status API fingerprinting used the precise charge level and charging/discharging times exposed by navigator.getBattery() as a short-lived device identifier. In plain terms: a website could read exactly how full your battery was — fingerprinting means using such details as a clue to tell one visitor apart from another. Because that readout (level to two decimals, plus seconds-to-full or seconds-to-empty) was nearly identical across two pages loaded moments apart, two sites could tell they were seeing the same visitor. It is the textbook case of a helpful browser API that turned into a tracking and bot-detection vector, and most browsers have since restricted or removed it.

API	navigator.getBattery() (Battery Status API)
Leaked	level, charging, chargingTime, dischargingTime
Disclosed	2015 "battery privacy leak" research
Status	Removed in Firefox; restricted/secure-context in Chrome
Bot tell	Always-100%/charging, or API missing where expected

How a battery became an identifier

The 2015 research showed the readout combined the battery level (for example 0.57, meaning 57% full) with chargingTime and dischargingTime in seconds. Together those values produced roughly 14 million possible combinations at any instant — enough to pick out a single device. Two sites reading the API within a few seconds saw the same set of numbers, letting them re-identify and link a user even right after they cleared their cookies, for that short window. Firefox removed the API; Chrome restricted it to secure contexts (pages served over https) and rounded the values to be less precise. The episode is now a standard teaching example of an unintended fingerprinting surface — a feature that quietly leaks identifying detail.

The bot-detection angle

For anti-bot systems the battery readout is a coherence check — a test of whether a browser's story holds together. A server-hosted headless browser (one running on a server with no screen) has no battery, so the API is missing or reports a permanently full, charging state. A laptop user-agent (UA) that claims no battery, or a battery frozen at exactly 1.0 and charging forever, looks mildly suspicious and feeds a lie-detection score alongside stronger signals. It is rarely decisive on its own, but it is cheap to read and adds to the overall picture.

Current status and how to handle it

The Battery Status API has been walked back since its 2012 debut: Firefox removed it outright, and Chrome restricts it (notably gating it behind secure contexts and reducing its precision). That history matters for scraping because the API's presence or absence is now itself a fingerprint surface — a browser claiming to be current Firefox while still exposing navigator.getBattery() is contradicting itself, and a Chrome profile returning suspiciously round values (exactly 100%, charging, infinite time) looks synthetic.

The right move is not to invent battery values but to match the API surface to the browser you claim to be: expose it only where that browser version really does, and let the values reflect a plausible device. Patched browsers such as Camoufox keep these capability surfaces aligned with the reported identity, which is more robust than bolting a fake getBattery() onto a stock headless build.

Related terms

What Is Browser Fingerprinting?

Browser fingerprinting is a technique that identifies and tracks a visitor by combining dozens of small, observable characteristics of their…

What Is Fingerprint Lie Detection?

Fingerprint lie detection is the practice of verifying that the signals a browser reports are internally consistent and untampered, rather t…

What Is Anti-Bot Detection?

Anti-bot detection is the set of techniques websites use to tell automated traffic apart from real human visitors — and then block, challeng…

What Is Headless Browser Detection?

Headless browser detection is the set of probes anti-bot systems use to distinguish a headless or instrumented Chrome session from a real us…

What Is Sensor Fingerprinting?

Sensor fingerprinting identifies a mobile device from the minute calibration errors in its motion and environment sensors. Every acceleromet…

What Is Favicon Fingerprinting (Supercookies)?

Favicon fingerprinting (the "Supercookie" technique) abuses the browser's separate, long-lived favicon cache to store a persistent identifie…

What Is Riskified?

Riskified is a chargeback-guarantee platform for e-commerce checkout. A chargeback is the money a merchant loses when a customer disputes a …

Concept map

How Battery Status API Fingerprinting connects

The terms most directly tied to this one. Hover a node to see its neighbours, click to preview, drag to rearrange.

0 terms · 0 connections

You are here · Anti-Bot

Tools & solutions for this topic

Frequently asked questions

Is the Battery Status API still usable?

Firefox removed it entirely; Chromium keeps a restricted version behind a secure context (https) with coarser values. You should not rely on it, and its absence is itself a signal that anti-bot systems can read.

Was the battery a strong identifier?

Only briefly — it could link a visitor across a window of seconds, not permanently. Its lasting importance is as a cautionary tale about how a convenience API leaks entropy (identifying detail that narrows down who you are).

Does it matter for scraping today?

Marginally. It is a coherence and lie-detection input: a laptop UA with no battery, or a frozen full-charge value, adds a small amount to a bot score rather than triggering a block on its own.

Last updated: 2026-05-31