
Usergems

UserGems operates contact change tracking while deploying defeat devices, behavioral biometrics, session recording, cross-domain sync, consent bypass, and fingerprinting across customer websites. The platform identifies job changes while simultaneously enabling comprehensive visitor surveillance that extends beyond stated contact intelligence functionality.

17 IOCs | 105 detections | 2% pre-consent | 102 sites

Vendor Risk Score: 90

How This Briefing Works

This report opens with key findings, then maps the gaps between what Usergems discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings


105 detections across 102 sites | 2% pre-consent activity
MEDIUM

Pre-Consent Activity

Usergems was observed loading and executing before user consent was obtained on 2% of sites where it was detected.

GDPR | ePrivacy
Disclosure Gaps

Claims vs. Observed Behavior

1 gap

pending

UNKNOWN
They Claim

Requires claims extraction via CDT

Observed Behavior

Defeat device, behavioral biometrics, session recording, cross-domain sync, consent bypass, and fingerprinting detected in runtime

Customer Impact

What This Means For You

Marketing teams lose attribution clarity when contact tracking distorts visitor behavior analysis. Analytics teams face measurement corruption from relationship intelligence layering. Legal teams inherit liability exposure when a contact platform deploys comprehensive surveillance. Revenue operations teams subsidize competitor intelligence through shared contact monitoring infrastructure.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Usergems

  • Audit defeat device deployment within contact intelligence infrastructure
  • Review session recording scope in relationship tracking workflows
  • Verify cross-domain sync boundaries for contact continuity mechanisms
  • Require consent collection before UserGems surveillance initialization

If You're Evaluating Usergems

  • Contact tracking solutions without embedded visitor surveillance
  • Privacy-respecting relationship intelligence platforms
  • Self-hosted contact change monitoring eliminating cross-customer intelligence leakage

Negotiation Leverage

  • Challenge defeat device mechanisms within relationship intelligence platform
  • Require disclosure of all surveillance capabilities beyond contact tracking
  • Demand opt-out from cross-customer contact monitoring analysis
  • Request data processing agreement amendments addressing visitor surveillance through contact platform
  • Negotiate liability protection for comprehensive tracking deployed through relationship intelligence
Runtime Detections


8 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

BTI-C01 Defeat Device

Evasion infrastructure, auditor bypass

Impact: Detection evasion mechanisms obscure surveillance deployment within contact intelligence infrastructure.

BTI-C06 Behavioral Biometrics

Keystroke/mouse tracking

Impact: Interaction patterns captured to profile visitor engagement with relationship-building content.

BTI-C07 Session Recording

Full session replay

Impact: Website sessions captured in full fidelity to contextualize contact relationship history.

BTI-C08 Cross-Domain Sync

Identity stitching

Impact: Contact tracking synchronized across organizational web properties and external relationship touchpoints.

BTI-C09 Consent Bypass

Ignoring CMP signals

Impact: Visitor surveillance active before consent collection completes.

BTI-C10 Fingerprinting

Device identification

Impact: Device characteristics harvested to maintain contact continuity across browsers and sessions.

BTI-C14 Identity Resolution

PII deanonymization

BTI-C15 Tag Manager

Container/loader (neutral)

IOC Manifest


8 INDICATORS

Indicators of compromise across 3 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

No indicators in this category

Ecosystem

Ecosystem & Supply Chain

UserGems integrates with CRM platforms and marketing automation systems, creates measurement interference through a contact tracking layer, and establishes cross-customer monitoring channels observing relationship intelligence strategies.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

17 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details