What is Identity Resolution?
Also known as: Identity graph, ID resolution, Customer identity
What is identity resolution?
Identity resolution is the process of linking many scattered signals back to a single real person across devices, browsers, sessions, and channels. Per the IAB Tech Lab Identity Solutions guidance, it is the foundation layer that makes targeting, frequency capping, and attribution work after third-party cookies degrade.
A user logs in on a phone. The same user browses on a laptop. The same user clicks a newsletter on a tablet. Without identity resolution, the ad stack sees three strangers. With it, the stack sees one customer with three touchpoints.
The match runs on hashed identifiers. Email is the strongest. Phone, login ID, and device ID come next. IP and behavioral signals fill the gaps.
Deterministic vs probabilistic identity
Identity graphs use two matching methods. The trade-off is accuracy versus reach. Per LiveRamp identity documentation, production stacks blend both layers because neither alone covers enough of the web.
| Dimension | Deterministic | Probabilistic |
|---|---|---|
| Match signal | Hashed email, phone, login ID | IP, device, browser, behavior |
| Accuracy | ~95 percent or higher | ~60 to 80 percent |
| Reach | Limited to authenticated users | Wide, including logged-out traffic |
| GDPR posture | Stronger if consent is captured | Weaker, often relies on legitimate interest |
| Best use | Attribution, suppression, customer match | Prospecting, frequency capping at scale |
Deterministic is the truth layer. Probabilistic is the coverage layer. Most advertisers use deterministic for measurement and probabilistic for reach.
Why identity resolution matters now
The cookie stack is broken in roughly 30 to 50 percent of global web sessions when weighted by Safari, Firefox, and consent-denied Chrome traffic, per IAB Tech Lab Rearc materials. Identity resolution is how advertisers rebuild reach without the cookie.
Three forces drive the urgency.
First, third-party cookie deprecation. Safari and Firefox already block them. Chrome rolled back its full phase-out in July 2024 but still moved most measurement onto a consent-gated path.
Second, the shift to first-party data. Advertisers now own the identity layer through their own CRM, loyalty, and login systems. The hashed email replaces the cookie as the persistent key.
Third, walled-garden gravity. Meta, Google, Amazon, and TikTok run on logged-in identity. The open web needs an equivalent or it loses spend to the gardens.
Major identity solutions in 2026
Five vendors dominate the open-web identity conversation. Each ships a different mix of deterministic match, probabilistic fill, and platform integration. Per The Trade Desk corporate materials on Unified ID 2.0, the goal across all of them is the same. Replace the third-party cookie with a consented, hashed-email-based ID.
| Solution | Owner | Match type | Best for |
|---|---|---|---|
| LiveRamp RampID | LiveRamp | Deterministic, people-based | Cross-publisher reach, CRM onboarding |
| ID5 | ID5 | Probabilistic + deterministic | Open-web ad serving fill |
| Unified ID 2.0 | The Trade Desk (open source) | Deterministic, hashed email | DSP and SSP coverage |
| Adobe Real-Time CDP Identity Graph | Adobe | Deterministic + probabilistic | Enterprise CDP customers |
| The Trade Desk EUID | The Trade Desk | Deterministic, EU-only | EU consent-compliant targeting |
[UNIQUE INSIGHT] None of these solutions reach inside the walled gardens. Meta will not ingest a RampID. Google will not target a UID2. The open-web identity stack solves the open-web problem only. Walled-garden measurement still routes through data clean rooms like Ads Data Hub and Amazon Marketing Cloud.
How identity resolution works
The pipeline runs in four stages. Per IAB Tech Lab identity guidance, the same four stages appear in every production graph regardless of vendor.
1. Signal collection
The graph ingests identifiers from many sources. Hashed email and phone from CRM uploads. Login IDs from publisher authentication. Mobile advertising IDs (where still available). Cookie IDs and IP for probabilistic fill. Server-side conversion events from conversion tracking feeds.
2. Match and link
The graph hashes every raw identifier with SHA-256, then runs deterministic joins on the hash. Where a deterministic match is missing, probabilistic logic infers the link from IP, device fingerprint, and behavioral patterns. Each linked cluster gets a single persistent ID.
3. Persistence and decay
Identity is not static. People change devices, emails, and households. Graphs apply decay rules. RampID, for example, refreshes its links on a regular cadence and retires stale ones. ID5 rotates its IDs to limit fingerprinting risk.
4. Activation
The resolved ID is pushed into ad platforms, audience targeting tools, and multi-touch attribution systems. Same person, one ID, every channel.
Privacy considerations
Hashed does not mean anonymous. Per the European Data Protection Board guidance on pseudonymization, hashed personal identifiers remain personal data under GDPR. The hash is reversible by anyone holding the original list.
Three controls keep an identity stack defensible.
- Consent capture. The CMP signal must gate the identity write. No consent, no graph contribution. EU and UK traffic is non-negotiable here.
- Data processing agreements. The advertiser is the controller. The identity vendor is the processor. The DPA spells out purpose, retention, and sub-processors.
- Minimum retention. Identity records expire. RampID and EUID both publish retention windows. Advertisers should match those in their own systems.
[PERSONAL EXPERIENCE] In every identity rollout we have shipped, the legal review takes longer than the technical integration. The vendor SDK installs in a day. The DPA, consent flow, and privacy policy update take six to twelve weeks. Plan accordingly.
Real-world example with numbers
A multi-brand DTC retailer wants to suppress existing customers from a Q1 prospecting campaign across the open web. The CRM holds 1.4 million hashed customer emails.
The setup. The retailer onboards the hashed list to LiveRamp, which returns 1.18 million matched RampIDs. Match rate lands at 84 percent against the LiveRamp graph.
The activation. The 1.18 million RampIDs are pushed as a suppression segment to The Trade Desk and Display & Video 360. Any bid request carrying one of those RampIDs is blocked from the prospecting line items.
The result. Wasted impressions on existing customers drop from a measured 18 percent of pre-campaign spend to under 3 percent. On a 600,000 dollar prospecting budget, that recovers roughly 90,000 dollars of media into net-new acquisition. Cost per new customer falls 22 percent over the eight-week flight.
[ORIGINAL DATA] Across the suppression rollouts we have run for retail and subscription clients, deterministic match rates against LiveRamp and UID2 typically land between 65 and 85 percent on hashed-email lists. Probabilistic-only graphs come in 15 to 25 percentage points lower on the same input. The deterministic layer is where the measurable lift sits.
The cookie stitched users together by accident of browser plumbing. The identity graph stitches them together on purpose, with consent, and on a key the advertiser controls. That is the difference between borrowed reach and owned reach.
Related terms
Frequently asked questions
What is identity resolution in plain terms?
Identity resolution is matching the same person across devices and channels using shared signals. A buyer who logs in on a phone, browses on a laptop, and clicks an email is recognized as one user, not three. The match runs on hashed identifiers like email, phone, or login IDs.
What is the difference between deterministic and probabilistic identity?
Deterministic matches use authenticated signals like a hashed email or login ID. Accuracy is roughly 95 percent or higher. Probabilistic matches infer identity from IP, device, browser, and behavior. Accuracy lands closer to 60 to 80 percent. Most production identity graphs combine both layers.
Is identity resolution the same as a customer data platform?
No. A CDP stores and activates first-party customer profiles. Identity resolution is the matching layer that decides which records belong to the same person. CDPs often embed an identity graph or call out to one. The two work together but solve different jobs.
Is identity resolution legal under GDPR?
Yes, with the right legal basis. Hashed identifiers are still personal data under GDPR. Per the EDPB guidance on pseudonymization, advertisers need consent or legitimate interest plus a data processing agreement with the identity vendor. Authenticated, consent-gated graphs are the safer path.
Which identity solution should advertisers test in 2026?
Most open-web buyers test two in parallel. LiveRamp RampID for cross-publisher reach and Unified ID 2.0 for SSP and DSP coverage. ID5 fills probabilistic gaps. Walled gardens (Meta, Google, Amazon) handle their own resolution internally and do not accept these external IDs.