Inferensys

Glossary

User Entity Resolution

User entity resolution is the process of disambiguating and linking disparate data records that refer to the same real-world user across different data sources, devices, and channels to create a single golden record.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
IDENTITY GRAPH FUNDAMENTALS

What is User Entity Resolution?

The computational process of disambiguating and linking disparate data records to create a single, persistent golden record for each real-world user.

User Entity Resolution is the algorithmic process of identifying when multiple data records from different sources, devices, or channels refer to the same real-world individual and linking them into a single, unified profile. This technique resolves the fragmented digital identity created when a user browses anonymously on a laptop, logs in on a mobile app, and later makes a purchase via a call center, using both deterministic matching on personally identifiable information and probabilistic matching on behavioral signals.

The output is a persistent golden record within an identity graph, which serves as the foundational truth set for real-time personalization. By reconciling identifiers like hashed emails, device IDs, and loyalty numbers, the system eliminates duplicate profiles and provides a complete view of the customer journey. This unified identity is critical for accurate propensity scoring, cross-device identity resolution, and enforcing consistent frequency capping across marketing channels.

IDENTITY ARCHITECTURE

Key Characteristics of Entity Resolution Systems

The core technical capabilities that define a robust User Entity Resolution system, enabling the creation of a single, trusted golden record from fragmented data.

01

Deterministic vs. Probabilistic Matching

The two fundamental approaches to linking records. Deterministic matching uses a unique, persistent identifier (e.g., hashed email, phone number) to link records with 100% certainty. Probabilistic matching uses statistical models (e.g., Fellegi-Sunter) to calculate a likelihood score based on non-unique attributes like IP address, device type, and browser fingerprint.

  • Deterministic: High precision, low recall. Fails when identifiers change.
  • Probabilistic: High recall, requires careful threshold tuning to manage false positives.
  • Hybrid: Production systems typically combine both, using deterministic matches as anchors for probabilistic clustering.
02

Identity Graph Construction

The core data structure that stores resolved identities. An identity graph is a connected network of nodes (identifiers) and edges (match relationships). When two identifiers are matched, their subgraphs merge into a single cluster representing one user.

  • Persistent ID: A unique, system-generated user_id is assigned to each cluster.
  • Temporal Awareness: Edges must carry timestamps to handle identifier reuse (e.g., a phone number reassigned to a new person).
  • Graph Databases: Often powered by tools like Apache TinkerPop or Neo4j for efficient traversal and merging of complex, multi-hop relationships.
03

Match Rule Definition & Tuning

The logic that governs how records are compared. Match rules define which attributes to compare, the comparison functions (e.g., exact match, Levenshtein distance, phonetic encoding like Soundex), and the weight assigned to each.

  • Blocking Keys: A performance optimization that groups similar records (e.g., by ZIP code) to avoid an O(n²) comparison of all records.
  • Thresholds: A match score above an upper threshold creates an auto-merge; a score below a lower threshold creates a separate entity. Scores in between are routed to a clerical review queue for human adjudication.
04

Survivorship & Golden Record Synthesis

Once records are linked, the system must merge conflicting attribute values into a single 'best' version of the truth—the golden record. Survivorship rules dictate which source system's value wins for each attribute.

  • Recency: The most recently updated value survives.
  • Source Trust: A value from a CRM system may override one from a web form.
  • Frequency: The most commonly occurring value across all linked records wins.
  • Lineage: The golden record must retain an audit trail back to the source records that contributed to it for compliance and debugging.
05

Real-Time vs. Batch Resolution

The latency profile for identity resolution depends on the use case. Batch processing (e.g., nightly Hadoop/Spark jobs) is suitable for analytics and CRM hygiene. Real-time resolution is critical for in-session personalization and fraud detection.

  • Real-time APIs: A low-latency service that, on receiving a new event, instantly queries the identity graph to return a resolved user_id.
  • Lambda Architecture: A common pattern combining a speed layer (real-time stream processing with Apache Kafka/Flink) for immediate resolution and a batch layer for periodic graph recomputation and correction of streaming errors.
06

Privacy & Compliance Engineering

Entity resolution inherently creates a more complete—and therefore more sensitive—user profile. Architectures must embed privacy by design to comply with GDPR and CCPA.

  • Right to be Forgotten: The identity graph must support the hard deletion or dissociation of all identifiers for a user upon request, a complex operation in a merged cluster.
  • Data Minimization: Only attributes essential for matching should be ingested and stored.
  • Pseudonymization: The persistent user_id should be a non-reversible token, decoupled from the raw identifiers used for matching, stored in a separate, access-controlled vault.
IDENTITY RESOLUTION

Frequently Asked Questions

Clear, technical answers to the most common questions about disambiguating user identities across channels and devices to build a single source of truth.

User entity resolution is the computational process of identifying, linking, and merging disparate data records that refer to the same real-world individual across different data sources, devices, and channels to create a single, unified golden record. The process works by ingesting raw event streams from multiple touchpoints—such as a mobile app login, a website browse session, and an in-store point-of-sale transaction—and applying a combination of deterministic matching on hard identifiers like a hashed email or loyalty card number, and probabilistic matching on soft signals like IP address geolocation, device fingerprint, and behavioral patterns. Advanced implementations use graph-based clustering algorithms to resolve transitive relationships, where User A is linked to User B via a shared device, and User B is linked to User C via a shared credit card, ultimately collapsing all three into a single identity. The output is a persistent, cross-domain identifier that powers consistent personalization, attribution, and suppression across the entire marketing technology stack.

IDENTITY RESOLUTION METHODS

Deterministic vs. Probabilistic Matching

A technical comparison of the two primary approaches for linking disparate user records to create a unified golden profile in user entity resolution pipelines.

FeatureDeterministic MatchingProbabilistic MatchingHybrid Matching

Core Mechanism

Exact match on a unique, persistent identifier

Statistical likelihood scoring using multiple non-unique attributes

Combines deterministic rules with probabilistic scoring in a tiered logic

Match Certainty

100% (absolute certainty)

0-100% (confidence score)

Tiered: deterministic for high confidence, probabilistic for remainder

Typical Match Keys

Hashed email, phone number, government ID, loyalty card number

IP address, device fingerprint, browser type, OS, geolocation, behavioral patterns

Email/phone first, then device graph, IP, and behavioral signals

Handles Shared Devices

Handles Login/Logout Events

Resilience to PII Changes

False Positive Rate

Near 0%

2-15% depending on threshold tuning

0-5% with proper rule cascading

False Negative Rate

10-40% (misses cross-device and unauthenticated sessions)

5-20% (threshold-dependent)

3-10%

Latency Profile

< 5 ms (simple key lookup)

50-500 ms (model inference)

10-200 ms (rule evaluation + model fallback)

Privacy Compliance Complexity

Low (exact PII match is auditable)

High (requires differential privacy and consent management)

Moderate (PII tier is auditable; probabilistic tier needs governance)

Scalability at 100M+ Profiles

Linear (indexed key-value store)

O(n log n) with blocking; requires distributed graph computation

Linear for deterministic tier; probabilistic tier requires graph infrastructure

Common Algorithms

Hash join, exact string matching

Naive Bayes, Random Forest, Graph Neural Networks, Fellegi-Sunter

Rule engine + ML ensemble with confidence thresholds

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.