Skip to content
Pricing
Log InStart Free TrialBook a Demo
Bots & Automation

WebDriver Detection

WebDriver detection is the identification of browsers controlled through the W3C WebDriver standard, the interface behind tools like Selenium. The classic signal is the navigator.webdriver property, though robust detection looks well beyond it.

How it works

How WebDriver Detection works

WebDriver is a standardized protocol for automating browsers, originally popularized by Selenium and now supported natively across major browser engines. When a browser is launched under WebDriver control, the specification requires it to set the navigator.webdriver property to true, which is the single most well-known automation signal on the web.

Because that flag is so obvious, attackers routinely patch or override it, so detection cannot stop there. Automated sessions launched through WebDriver often carry additional artifacts: specific properties injected by the driver, altered default window and permission states, missing or inconsistent browser features, and behavioral characteristics typical of scripted rather than human interaction.

Detection scripts therefore cross-reference many of these indicators. A session that reports navigator.webdriver as false but still exhibits driver-specific artifacts, contradictory capabilities, or non-human timing is treated as likely automated. The goal is resilience: no single check should be the whole basis for the verdict, since any single check can be individually defeated.

WebDriver and the Chrome DevTools Protocol are related but distinct control channels, and many toolchains use both. Detecting either strengthens confidence in an automation judgment, and combining their signals with fingerprint consistency and network reputation produces a verdict that is difficult to evade completely.

Why it matters

Why WebDriver Detection matters for fraud prevention

WebDriver-based automation underlies a broad range of bots, from account creation and form submission to testing-tool abuse and scraping. Detecting it catches attackers who have adopted standard automation stacks, and even the effort required to hide the navigator.webdriver flag can itself become a signal. As a widely deployed and standardized control channel, WebDriver is a reliable place to look for scripted traffic.

With TRACIO

How TRACIO handles it

TRACIO evaluates WebDriver-related artifacts as part of its automation assessment, treating the presence or the deliberate concealment of these markers as one input among many. Combined with fingerprint consistency checks and network intelligence, this lets the platform flag scripted sessions that have already tried to hide the obvious tells. The result is delivered as part of the identification and bot-detection response for immediate use.

FAQ

Frequently asked questions

Identify every device with confidence

Start with a free plan of 2,500 API calls per month. No credit card required.