Browser fingerprinting is the form most people have heard of. But identification can also happen a layer down, at the operating system — and that is a distinct technique worth understanding.
What OS fingerprinting is
OS fingerprinting is identifying or characterising a device by traits that come from its operating system rather than its browser. The operating system shapes how a device presents itself on the network and to software, and those characteristics carry information — sometimes enough to tell which OS, version and configuration is in use, and to help distinguish one device from another.
Signals it uses
Several signals feed it. The most classic is the way a system builds network packets: different operating systems and versions construct connections with subtly different characteristics, which lets an observer guess the OS without any cooperation from the device — this is passive OS fingerprinting. Above the network, the OS contributes the user-agent string, the set of installed system fonts, screen and display metrics, time zone and language. None of these is secret; together they describe the platform.
How it differs from browser fingerprinting
Browser fingerprinting focuses on browser-specific traits — canvas and WebGL rendering, browser version, extensions. OS fingerprinting focuses on what the platform underneath reveals. They overlap, because a website sees both at once, but they are separate layers. Changing browsers changes the browser fingerprint; it does not change much of what the OS reveals.
Why it matters
OS fingerprinting matters in security and in tracking alike. Defensively, knowing the OS helps services tailor responses and spot anomalies. For tracking, OS traits are one more set of signals to combine with others. And it explains why "just switching browsers" does not make a device anonymous — the layer below the browser is still talking.
The takeaway
OS fingerprinting identifies a device by what its operating system reveals — from network-packet characteristics to fonts and display metrics. It is a separate layer from browser fingerprinting, which is why a full picture of device identity has to consider both.