Welcome to our blog series on decoding identity resolution. This is a nine part blog that offers an attempt at a friendly, comprehensive view of how to think about the concept of identity resolution as well as how to interpret the way it is represented in marketing and sales materials by different companies across the tech landscape. The other articles in the series can be found here:
Part Six: Digital Identity Resolution
Introduction
To further decode market talk about identity resolution, we’ll focus on digital identity.
Nowadays, most companies interact with customers using the internet via a website or a mobile app. These interactions produce “identifiers” which presume a tie between a device and the person using the device. Digital identifiers are a link between an application and a person.
A quick list of the types of ways digital identity is captured can be found in part one of this series.
Beyond the basic definitions, though, a big part of the digital identity story has to do with how business has developed around the practice of tracking people online without their knowledge or consent.
Change and risk in digital identity
While being online feels like a normal part of our everyday lives, in many ways the world is still adapting to this reality. The internet was set up with little to no rules, and companies used that fact to track every single thing people did online. Fundamentally, what's been created over the years is an elaborate hidden tracking mechanism that allows companies to track people’s behavior without their consent.
This allows companies to anonymously market to you — something that a lot of people find creepy, and understandably so.
An example of anonymous marketing goes something like this: Sharon loves ballet, and through tracking her online activity, the Pointe company finds out about her, even though she never consented to be tracked. They begin to flood her inbox with ads for their ballet shoes, and she sees ads for their products everywhere she goes online. Sound familiar?
The methods companies use to market to people anonymously aren’t borne out of malice, and are complex enough that companies didn’t necessarily realize what they were doing. By the time they did, the business model for e-commerce had come to depend on it. However, the more general the understanding of data privacy gets, the more legislation we are likely to see.
This is already in progress. Here's a quick timeline of key changes:
In 2018 the EU launched the General Data Protection Regulation (GDPR).
In 2020 California’s Consumer Privacy Act (CCPA) took effect.
In 2023 Google will deprecate the use of third-party cookies from Chrome, the most popular web browser on Earth.
Increasingly, signatures like IP Addresses are being treated as protected personally identifiable information.
As a result, third-party data providers are scrambling to figure out what to do. The deprecation of the third-party cookie alone has thrown a wrench into one of the most broadly adopted and profitable marketing models of the 21st century.
No matter how you slice it, it’s not going to get easier to buy and sell people’s data, so building a marketing strategy that requires third-party cookies to function is almost guaranteed to damage your brand’s reputation or just be downright illegal.
On the other hand, customers have become accustomed to seeing tailored marketing. They want customized experiences, as long as it’s not creepy. They feel more safe about it when they understand that it is at least tied to them logging in somewhere and identifying themselves first. The best way to adapt to this change in market perception is to focus on a first-party data strategy where people at least know how you know who they are.
Digital ID resolution tools
Unfortunately, the customer data space is messy and has a wide variety of tools that solve very different problems. While Amperity focuses on first-party data of any kind, many companies like Segment or Tealium market themselves as a Customer Data Platforms while at their core they are actually focused on digital identity (and please note that we think both of these companies offer high quality products but are functionally completely different from Amperity).
As a result, the general idea for a “person” in a tool focused on the online experience is actually more often referred to as a “visitor,” meaning a device that visits the site that we are presuming is linked to a person.
Eventually if the anonymous person identifies themselves, the device can develop a clear link to a specific person and the general problem shifts back into the PII story for identity resolution.
An easy way to think of it is like this:
You visit a website. The website tracks your “onsite” behavior by association with what network, device, etc. you visit from.
You visit that website again, but this time the company has customized your experience based on the “onsite” behaviors from your last visit.
Finally you decide to sign up for 10% off of your next purchase and enter your email address.
Digital ID resolution will look at the first two steps as anonymous. When the third step happens you transition from “anonymous” to “known” because now they can associate your site behavior with a specific piece of PII.
These strategies are entirely deterministic. The fact is that with PII you might be Kimberly one time, and Kim another and we can make intelligent guesses about that. For digital identity, a single character in an IP address being different means it represents an entirely different network.
As a result, most “intelligence” around digital identity actually comes from looking at similar behaviors on a website and creating categories of behavior to customize the site experience. This isn’t “identity resolution” per se, but it can be powerful in an increasingly online world.
Even though this tactic is robust, it’s not a substitute for PII-based identity resolution. A company should have both, and a comprehensive data management platform should have strong support for online and offline data.
Third-party digital identity resolution
Third-party digital identity resolution is provided by companies that farm and sell data. They place third-party trackers on websites or web apps and partner with anonymous ID mapping companies to build and maintain a massive data set of devices.
A company purchases these services and uses it to take anonymous data and market to people without knowing explicitly who they are. This can take many different forms.
Known to anonymous
Many third-party "onboarding" platforms offer services that map PII to digital IDs. This means you can use their digital identity spine to get a unique ID specific to their data, then use those IDs within the onboarding platform to contact customers via the channels and partners they support.
This means you can send an email address to the onboarder, then they check it against their graph of digital IDs. If there’s a match they provide tools to send mobile ad IDs to ad tech companies to serve ads to websites on your behalf.
Anonymous to known
Converting anonymous visitors to known people is massively desirable. Most companies know that the majority of people who visit their site do it anonymously, and being able to customize the experience for even a small share of those people could result in significantly higher conversion rates.
Unfortunately, there’s not a particularly ethical way to do this. Some services commonly referred to as “cookie farms” install tracking on as many apps as possible and encourage you to authenticate them by hiding deep in their terms of service something that gives them “permission” to sell your data for marketing purposes.
If a vendor is selling you that, beware. Ask as many questions as you can about where they get their data from and get your legal team involved — the last thing you want is to create accidental brand risk.
The most ethical version of anonymous to “known” is using MAIDs (Mobile Address IDs). MAIDs allow companies to behave as if they know a customer without necessarily knowing who they are. Ad tech platforms use this concept to help brands market to customers who haven’t yet disclosed any identifying information. In this scenario you may never tie an anonymous visitor to PII but you can still provide a customized experience.
Next up
Next up we will take a look at some of the most common ways companies use marketing and the complexity of the space to their advantage. Click here to advance to part seven!