An identity graph is a data structure that algorithmically maps disparate identifiers—such as email addresses, device IDs, usernames, and offline keys—to a single, persistent master profile. It serves as the central nervous system for identity resolution, connecting anonymous and known interactions across channels to create a unified view of an individual entity.
Glossary
Identity Graph

What is an Identity Graph?
An identity graph is the foundational data structure for resolving fragmented user interactions into a single, actionable profile.
The graph operates by ingesting deterministic matches (e.g., a login event) and probabilistic signals (e.g., device fingerprinting) to establish edges between nodes. This persistent linkage enables real-time personalization and accurate attribution, allowing a Customer Data Platform (CDP) to activate consistent experiences regardless of the touchpoint.
Key Features of an Identity Graph
An identity graph is not a monolithic database but a sophisticated pipeline of interconnected services. These core features define its ability to resolve anonymous digital signals into actionable, persistent customer profiles.
Deterministic & Probabilistic Matching
The dual-engine core of identity resolution. Deterministic matching links records using absolute, verified common identifiers (e.g., a hashed email or account ID). Probabilistic matching uses statistical models to infer identity links based on patterns in non-unique attributes like IP addresses, device types, and browsing times. A robust graph orchestrates both, applying deterministic logic first for precision, then probabilistic models to expand reach, often using a confidence threshold to control match quality.
Temporal Identity Stitching
The ability to map an identity over time, handling state changes gracefully. This includes:
- Merging: Combining two profiles when a new link is discovered (e.g., a user logs in on a previously anonymous device).
- Splitting: Separating profiles if a shared device (like a family tablet) is later attributed to distinct individuals.
- Decay: Downgrading the confidence of old probabilistic links that haven't been reinforced by recent activity.
Privacy-Compliant Linkage
A foundational architectural requirement, not an afterthought. The graph must enforce consent boundaries, ensuring that identifiers from users who have opted out of tracking are not linked. This involves integrating with a Consent Management Platform (CMP) to ingest user preference signals and applying them as strict rules within the matching logic. The graph must also support data subject access requests (DSARs) by quickly retrieving all data associated with a single identity.
Real-Time Resolution API
The graph's value is realized through a low-latency API. When a user visits a site, the system must ingest a live stream of identifiers (cookie, device fingerprint, login event) and return the resolved persistent ID in milliseconds. This allows a Decisioning Engine to immediately personalize the experience for a known or newly recognized user, rather than treating them as anonymous.
Graph Database Architecture
Unlike relational databases, identity graphs are best stored in a native graph database. This model treats identifiers as nodes and the relationships between them as edges, with properties like match type and confidence score stored on the edge. This structure is exponentially more efficient for traversing complex, multi-hop identity chains (e.g., Device A -> Email B -> Account C) than performing recursive SQL joins.
Frequently Asked Questions
Explore the core mechanics, privacy implications, and architectural patterns behind the identity graph, the foundational data structure enabling unified customer views and cross-channel personalization.
An identity graph is a data structure that maps all known identifiers for an individual—such as email addresses, device IDs, usernames, and offline customer keys—to a single, persistent master profile. It functions by ingesting disparate data signals from online and offline touchpoints and applying deterministic matching (exact matches on hashed emails or login credentials) and probabilistic matching (statistical inference using IP addresses, browser fingerprints, and behavioral patterns) to link these identifiers. The output is a unified node representing a person, connected via edges to their various pseudonymous identifiers. This graph serves as the backbone for real-time personalization and frequency capping, ensuring that a user recognized on a mobile device is treated as the same entity when they later switch to a desktop browser, preventing disjointed experiences and redundant marketing messages.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Deterministic vs. Probabilistic Matching
A comparison of the two primary approaches to linking disparate identifiers to a unified customer profile within an identity graph.
| Feature | Deterministic Matching | Probabilistic Matching |
|---|---|---|
Core Mechanism | Exact match on a known, persistent identifier | Statistical inference based on multiple weak signals |
Data Input | Hashed email, phone number, username, loyalty ID | IP address, device fingerprint, browser version, OS, location |
Match Accuracy |
| 70-95% |
Latency | < 50 ms | 100-500 ms |
Cross-Device Resolution | ||
Requires User Authentication | ||
Privacy Compliance Burden | Lower (explicit consent tied to PII) | Higher (requires legitimate interest assessment) |
Match Persistence | Permanent (until identifier changes) | Decaying (confidence score degrades over time) |
Related Terms
The identity graph is the foundational data structure for personalization. These related concepts define how the graph is built, maintained, and activated.
Fingerprinting
A probabilistic device identification technique that creates a unique hash from dozens of passive browser attributes (OS, fonts, screen resolution, WebGL). It serves as a persistent identifier when cookies are blocked.
- Use Case: Anonymous visitor stitching before authentication.
- Risk: High entropy fingerprints can be unstable; minor browser updates break the ID.
- Privacy: Increasingly restricted by browsers (e.g., Safari's ITP) and regulations.
Sessionization
The temporal grouping logic that defines the boundaries of a visit. It transforms raw event streams into coherent sessions, linking pageviews to a specific anonymous or known profile within the graph.
- Standard: A 30-minute inactivity timeout defines a session end.
- Complexity: Midnight rollovers and campaign attribution windows require custom rules.
- Impact: Incorrect sessionization corrupts frequency counts and behavioral sequences.
First-Party Data
The primary fuel for the identity graph. This is information collected directly with user consent through owned channels—website interactions, CRM records, and purchase history.
- Advantage: Highest accuracy and compliance durability.
- Contrast: Zero-party data (explicit preferences) vs. third-party data (aggregated, often deprecated).
- Graph Role: Provides the deterministic anchors (email, phone) for identity resolution.
Consent Management
The technical framework governing the legal perimeter of the identity graph. It captures, stores, and signals user consent preferences (opt-in/opt-out) to ensure compliance with GDPR and CCPA.
- Integration: Must feed suppression signals into the graph to prevent stitching of opted-out users.
- IAB TCF: Standard protocol for communicating consent strings in programmatic advertising.
- Risk: Non-compliance breaks the graph's legality and exposes the organization to fines.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us