Identity resolution
When events arrive in Data Activation from your websites or applications, the system needs to decide whether to create a new customer profile or attach the event to an existing one. Deciding which profile to update with the event data is called identity resolution.
The goal is to keep all activity from the same person under a single profile, even if they use multiple devices or browsers.
Identifier types
Identity resolution in Data Activation is based on two identifiers from events:
cookie_id
cookie_id- Identifies the device or browser where the event originated.
- It is collected automatically by the SDKs.
- Its value is influenced by privacy settings such as session hash or visitor cookies.
user_id
user_id- Identifies the actual person performing the activity.
- Its value must be provided by you at sign-in, sign-up, or whenever a visitor's real identity becomes known.
- Should uniquely represent one individual (examples: internal account number, email address, phone number).
- Enables Data Activation to connect activity across devices and sessions to the same person.
You can learn more about user_id and how to set it up in this guide.
Warning
Data Activation does not validate or filter out identifier values.
Don't send empty values ("",0,null,undefined), as this may incorrectly merge unrelated profiles.
How identity resolution works
When Data Activation receives an event, the system examines the identifiers in it and decides what to do:
- If none of the identifiers have been seen before, it creates a new profile and attaches the event to it.
- If at least one identifier is known, and it matches an existing profile, the event is added to that profile. Any new identifiers from the event are also saved in the profile, so future events can be matched correctly.
- If the event contains identifiers linked to separate profiles, Data Activation assumes they belong to the same person. It merges the profiles into one, keeps the oldest profile as the base, and combines all identifiers and event history. The new event is then attached to this unified profile.
In short, Data Activation merges profiles whenever they share at least one identifier.
Example: cross-device identity resolution
- Alice visits your website on her smartphone for the very first time. Events from this session include
cookie_id = A. Since Data Activation has never seen this identifier before, it creates a new profile withcookie_id = Aand records Alice's first visit.
| Event | Updated profiles | |
|---|---|---|
|
Event 1
cookie_id: A
url: 1
|
→ |
Profile
cookie_id: A
urls: 1
|
- Alice creates an account while still using her smartphone. Events now contain both
cookie_id = Aanduser_id = 0123. Because Data Activation already knowscookie_id = A, the newuser_id = 0123is added to the same profile. All post-signup activity is recorded under this enriched profile.
| Event | Updated profiles | |
|---|---|---|
|
Event 2
cookie_id: A
user_id: 0123
url: 2
|
→ |
Profile
cookie_id: A
user_id: 0123
urls: 1, 2
|
- A few days later, Alice returns to your website, but this time from her laptop. Events from the laptop include
cookie_id = B. Since Data Activation has not seen this identifier before, it creates a separate profile based only on her laptop activity.
| Event | Updated profiles | |
|---|---|---|
|
Event 3
cookie_id: B
url: 3
|
→ |
Profile
cookie_id: A
user_id: 0123
urls: 1, 2
Profile
cookie_id: B
urls: 3
|
- Alice signs in on the laptop using her account. Events now include both
cookie_id = Banduser_id = 0123. Data Activation sees thatcookie_id = Bbelongs to one profile anduser_id = 0123belongs to another. Because these identifiers represent the same person, Data Activation merges the two profiles into one unified profile. The merged profile now contains all identifiers:cookie_id = Aandcookie_id = B, oneuser_id = 0123, and a combined visits history.
| Event | Updated profiles | |
|---|---|---|
|
Event 4
cookie_id: B
user_id: 0123
url: 4
|
→ |
Profile
cookie_id: A, B
user_id: 0123
urls: 1, 2, 3, 4
|
Profile merging
When profiles get merged, the resulting profile contains all identifiers from the merged profiles. Attribute values follow attribute aggregation rules:
- String attribute with aggregation "list" will contain all seen values, in chronological order.
- String attribute with aggregation "first" will contain the first value ever seen.
- Number attribute with aggregation "sum" will store the sum of all values from both profiles.
Common challenges and configuration tips
Identity resolution works well in most cases, but there are situations where profiles may not reflect reality. Below are the most common challenges and the configuration options you can use to handle them.
Device sharing
Sometimes, the same device is used by more than one person. For example, a family might share a home computer. In this case, events from different people can end up in the same profile because they all share the same cookie_id.
If the users sign in with separate accounts, we can detect it and block activations that would accidentally expose one person's browsing history to another. This option can be enabled in the activation settings.
If you want to split the activity from a shared device into different profiles, you can change the tracking setup in one of two ways:
- Reset
cookie_idon sign-out: Each time a user signs out, a newcookie_idis generated. This way, any activity that happens after the sign-out is attributed to a new profile. Be aware that if a person forgets to sign-out, their activity and the next person's activity will still be recorded in the same profile due to commoncookie_id. - Reset
cookie_idon sign-in: Each time a user signs in, a newcookie_idis generated. This attributes actions from before sign-in to the previously signed-in user. Keep in mind that the activity before the first sign-in on a device will be stored under a separate profile.
Account sharing
In some cases, multiple people share the same account. Because they all use the same user_id, their activity is grouped into a single profile. If you want to separate their activity, you need to adjust the user_id setup:
- Set
user_idto a value that uniquely identifies each person on a shared account - for instance, a profile name. - If having profiles per device (instead of per account) is enough for your use case, you can skip tracking
user_idand rely only on justcookie_id.
Another situation to consider is when customer support staff act on behalf of customers while signed in to their accounts. The events they generate may merge customer profiles because of a shared cookie_id from the support agent's browser. To prevent this, use dedicated support accounts or exclude support traffic from tracking.
Intranet traffic
When session hash is enabled, the client's cookie_id may be replaced with a previously seen cookie_id if events share the same IP address and user agent. On internal networks (like offices or school campuses), many computers often use the same public IP and browser setup. This can cause events from different people to be merged into one profile. If that happens, you can fix it by disabling session hash.
Limits
Profiles that accumulate more than 1,000 identifiers are treated as corrupted and are automatically deleted. Any incoming events that would have updated a deleted profile instead create a new profile and attach their data there.
Updated 5 days ago