Executive Summary
FingerprintJS is a Chicago-based device fingerprinting platform ($77M Series C) that enables persistent visitor identification across web and mobile applications. While marketed for "fraud detection," the technology fundamentally enables cross-site identity resolution without user consent. Critical finding: FingerprintJS claims SOC2 Type II, GDPR, and CCPA compliance, yet 100% of their detections in our dataset occurred pre-consent, and their own website deploys 59 third-party vendors while disclosing only 4 subprocessors. The 14.75x vendor disclosure gap represents a material misrepresentation of data sharing practices.
Revenue Threat Profile
4 COLLAPSE VECTORSHow this vendor creates financial exposure. Each score (0-100) reflects observed runtime behavior and documented business practices.
CAC Subsidization
Device fingerprinting creates persistent identifiers that corrupt attribution by linking sessions across consent boundaries. Analytics built on fingerprinted visitors conflate genuine users with identified profiles, poisoning conversion data with pre-consent tracking.
Signal Corruption
Fingerprint data feeds into identity graphs that competitors and data brokers can access. Every fingerprinted visitor becomes a tradeable asset - their device signature, behavior patterns, and inferred intent flow to undisclosed third parties including Apollo.io, Clearbit, and HubSpot detected on fingerprint.com itself.
Legal Tail Risk
Device fingerprinting creates indelible tracking that cannot be cleared by users. Unlike cookies, fingerprints persist across browser resets, private mode, and device changes. This creates permanent attack surface where any breach of fingerprint data enables persistent tracking of affected users.
GTM Attack Surface
100% pre-consent tracking rate directly contradicts GDPR/CCPA compliance claims. The 4 disclosed vs 59 detected vendor gap violates GDPR Article 28 subprocessor disclosure requirements. Deploying fingerprinting while claiming privacy compliance creates regulatory liability for customers using FingerprintJS.