Completions

Architecture swarm · Customer graph agent · Identity-resolution deterministic + probabilistic skill · Build pillar · Published June 29, 2026

How to build deterministic + probabilistic hybrid identity resolution

Apple App Tracking Transparency landed in iOS 14.5 on April 26, 2021, collapsing deterministic device identity for the majority of mobile audiences overnight. Google announced repeated extensions of Chrome third-party cookie deprecation and in July 2024 pivoted to a Privacy Sandbox user-choice model. Safari Intelligent Tracking Prevention and Firefox Enhanced Tracking Protection had already removed third-party-cookie carryover. Direct-to-consumer ecommerce stacks now run on a fractured identity surface — deterministic (hashed email + phone + loyalty + customer + account + device ID), probabilistic (IP + device fingerprint + browser fingerprint + cohort), and post-cookie (LiveRamp RampID + UID2.0 + ID5 + Yahoo ConnectID + ATS + Privacy Sandbox APIs). The Match + Stitch + Gate + Decay skill bundle on the customer-graph agent sits above your existing identity vendors + CDPs + consent platforms and writes a confidence-weighted hybrid record with named regulatory citations preserved in every audit record.

Start with a Tier 1 AI Readiness AssessmentTier 3 Fractional CMO with AI SwarmTake the 3-question quiz

The 4-skill bundle on the customer-graph agent

Match

Three coordinated identifier attempts. Deterministic — hashed email SHA-256 + hashed phone SHA-256 in E.164 + loyalty ID + customer ID + account ID + device ID where consent is logged + CRM merge key + LiveRamp RampID + UID2.0. Probabilistic — IP + device fingerprint (Canvas + WebGL + AudioContext + FontList + Hardware-concurrency) + browser fingerprint + cookie graph + Tapad / Throtle / ID5 / Yahoo ConnectID / Drawbridge probabilistic + fuzzy name-address. Post-cookie — LiveRamp ATS Authenticated Traffic Solution + Google Privacy Sandbox Topics API + Protected Audience API (FLEDGE) + Attribution Reporting API + FedCM + CHIPS partitioned-state cookies + server-side tagging + Meta Conversions API + Google Enhanced Conversions + Microsoft UET Enhanced Conversions.

Stitch

Deterministic-first attempts before probabilistic fallback. On overlap, consensus via confidence-weighted merge. On conflict, LLM-augmented tie-breakers (OpenAI + Anthropic under per-vendor zero-retention) flag for operator review rather than auto- resolve. Cross-store identity isolation respects per-store and per-franchisee territory boundaries under FDD Item 12 when applicable. B2B identity layer (firmographic + LinkedIn Sales Navigator + Demandbase + 6sense + Terminus + RollWorks + IP- to-company). Stitch writes confidence tier + resolution trace + per-vendor source contribution + consent state into Audit.

Gate

Five anchors before publish: Apple ATT iOS 14.5 + App Store Review Guideline 5.1.2 + Google Chrome third-party cookie deprecation + Google Privacy Sandbox (Topics + Protected Audience + Attribution Reporting + FedCM + CHIPS) + Safari ITP + Firefox ETP; FTC v X-Mode Outlogic January 2024 + FTC v Mobilewalla December 2024 + FTC v Kochava + Massachusetts AG v Copley Advertising April 2017; CCPA + CPRA + 17-state comprehensive privacy + WA My Health My Data Act 2024 + Texas SCOPE Act 2024 + GDPR Article 5/6/7/9/21/22/25/32/33/34/35 + Recital 47/71 + COPPA 15 USC 6501; TCPA + FCC 24-18 March 2024 + 14-state two-party-consent + state mini-TCPAs + 10DLC + CTIA Messaging Principles; EU AI Act Article 22 + 26 + 50 + NIST AI RMF + ISO 42001 + per-vendor LLM zero-retention. Per-consent propagation through OneTrust / Cookiebot / Usercentrics / Didomi / Sourcepoint; per-DSAR + per-right-to-erasure wired through.

Decay

Per-vendor TTL: cookie 30 days; IP 7 days; device fingerprint 14 days; LiveRamp RampID 90 days; UID2.0 30 days; ID5 90 days; Yahoo ConnectID 30 days. TTL expiry triggers re-resolution. Match-rate tracking per-vendor + per-source + per-channel + per- deterministic vs probabilistic vs hybrid + rolling 30/90/365 day + Mann-Kendall trend test + per-Google-algorithm-update correlation. Per-resolution WORM record + sibling-handoff pointer + retention stacks: 7-year FTC + GDPR Article 30 + CCPA 12-month look-back + SOC 2 CC7/CC8 + state-data-broker- registry retention. End-to-end replay rewinds every stage with confidence tier and explainability.

The real vendor ecosystem this sits above

Identity vendors + CDPs

LiveRamp (RampID + ATS Authenticated Traffic Solution), The Trade Desk (UID2.0), ID5, Yahoo ConnectID, Acxiom, Throtle, Tapad (Experian), Neustar (TransUnion), Merkle, FullContact, Pipl, Drawbridge (LinkedIn). Adobe Real-Time CDP, Treasure Data, Tealium AudienceStream, Salesforce Customer 360, mParticle, Segment / Twilio Segment, RudderStack, Hightouch, Census surface those graphs in a CDP and propagate to activation channels.

Consent + Privacy Sandbox + server-side

OneTrust, Cookiebot, Usercentrics, Didomi, Sourcepoint, Quantcast Choice consent platforms. Google Privacy Sandbox APIs (Topics + Protected Audience FLEDGE + Attribution Reporting + FedCM + CHIPS). Server-side tagging via Google Tag Manager server container + Meta Conversions API + Google Enhanced Conversions + Microsoft UET Enhanced Conversions + Snapchat CAPI + TikTok Events API + Pinterest Conversions API + LinkedIn Conversions API.

LLM tie-breaker + policy-as-code + WORM

OpenAI + Anthropic LLM tie-breakers under per-vendor zero- retention. OPA Rego + AWS Cedar + Casbin + Cerbos + Oso + Styra DAS + Permit.io policy-as-code expresses Gate rules including Apple ATT enforcement, Privacy Sandbox API constraints, FTC location-data precedent, CCPA / CPRA / GDPR consent propagation, TCPA two-party-consent state map. AWS S3 Object Lock + Azure Blob immutable + Google Cloud Storage Bucket Lock + Wasabi compliance WORM holds the per-resolution audit substrate.

The 6-workstream reporting cycle

Numeric uplift commitments are not made up-front. The engagement ships a pre-engagement baseline across six workstreams; the cycle tracks delta against that baseline. Reporting is the substrate, not the promise.

  1. Match coverage. Deterministic + probabilistic + post-cookie attempt coverage; per-vendor source contribution; authenticated-traffic share; per-channel hash discipline (SHA-256 + E.164).
  2. Stitch quality. Confidence-weighted hybrid record distribution; deterministic-probabilistic agreement rate; LLM tie-breaker escalation rate; cross-store boundary respect; B2B firmographic enrichment hit rate.
  3. Gate quality. Per-anchor evaluation completeness (Apple ATT + Google Privacy Sandbox + ITP / ETP + FTC location- data precedent + CCPA / CPRA / 17-state + GDPR + COPPA + TCPA + EU AI Act); per-anchor pass / fail / route-to-counsel distribution; per-DSAR fulfillment turnaround; per-right-to- erasure suppression latency.
  4. Decay quality. Per-vendor TTL adherence; re- resolution trigger latency; stitch-degradation curve vs portfolio baseline; match-rate Mann-Kendall trend across rolling 30 / 90 / 365 day windows; per-Google-algorithm-update correlation detection.
  5. Compliance posture. Apple ATT enforcement coverage; Google Privacy Sandbox API readiness; FTC location- data precedent exposure check; CCPA / CPRA / 17-state coverage; GDPR Article 35 DPIA coverage; TCPA two-party-consent state map coverage; EU AI Act Article 50 disclosure when LLM tie-breakers are used.
  6. Audit-trail completeness. Per-resolution WORM record completeness; per-anchor regulatory citation completeness; sibling-handoff pointer completeness into the customer-graph bundle (identity-resolution-software + behavioral-signal ingestion + customer-data orchestration + customer-journey tracking + cross-touchpoint identity resolution sibling on the walk-in / phone attribution agent); retention-window coverage.

Frequently asked questions

What is deterministic + probabilistic hybrid identity resolution — and why is it the standing problem for direct-to-consumer ecommerce after April 2021?

Apple App Tracking Transparency landed in iOS 14.5 on April 26, 2021, requiring explicit user opt-in to IDFA access and collapsing deterministic device identity for the majority of mobile audiences overnight. Google announced repeated extensions of Chrome third-party cookie deprecation and in July 2024 pivoted to a Privacy Sandbox user-choice model. Safari Intelligent Tracking Prevention and Firefox Enhanced Tracking Protection had already removed third-party-cookie carryover. Direct-to-consumer ecommerce stacks now run on a fractured identity surface: deterministic identifiers (hashed email + hashed phone + loyalty ID + customer ID + account ID) where the user has authenticated, probabilistic identifiers (IP, device fingerprint, browser fingerprint, cohort signal) where they have not, and post-cookie identifiers (LiveRamp RampID, The Trade Desk UID2.0, ID5 Universal ID, Yahoo ConnectID, LiveRamp ATS Authenticated Traffic Solution, Google Privacy Sandbox Topics API + Protected Audience API + Attribution Reporting API + FedCM + CHIPS) where consent is logged. The four-skill bundle on the customer-graph agent — Match, Stitch, Gate, Decay — sits above the identity-vendor surface and produces a hybrid identity graph with named privacy-regulation citations preserved in the audit trail at every resolution.

Why do LiveRamp + The Trade Desk UID2.0 + ID5 + Yahoo ConnectID + Acxiom + Adobe Real-Time CDP + Tealium + Salesforce Customer 360 + mParticle break at multi-store DTC scale?

LiveRamp (RampID), The Trade Desk (UID2.0), ID5, Yahoo ConnectID, LiveRamp ATS, Acxiom (now part of IPG / LiveRamp), Throtle, Tapad (Experian), Neustar (TransUnion), Merkle, FullContact, Pipl, and Drawbridge ship per-tenant identity-graph primitives — each owns its own ID space, its own match-rate dynamics, its own decay curve, and its own consent assumptions. Adobe Real-Time CDP, Treasure Data, Tealium, Salesforce Customer 360, mParticle, Segment / Twilio Segment, RudderStack, Hightouch, and Census surface those graphs in a CDP but do not arbitrate between deterministic and probabilistic matches, do not enforce Apple ATT or Google Privacy Sandbox constraints at runtime, do not produce a confidence-weighted hybrid record, and do not decay individual identifiers on per-vendor TTL. OneTrust, Cookiebot, Usercentrics, Didomi, and Sourcepoint capture consent but do not propagate consent state through every downstream stitch decision. The four-skill bundle Match + Stitch + Gate + Decay sits above the vendor surface — it does not replace it. Match attempts deterministic first, probabilistic on miss, post-cookie ID where consent is logged. Stitch produces a confidence-weighted hybrid record with the resolution trace. Gate enforces Apple ATT + Google Privacy Sandbox + Safari ITP + Firefox ETP + CCPA + CPRA + GDPR + WA My Health My Data Act + Texas SCOPE Act + COPPA + TCPA + FTC location-data precedent + EU AI Act Article 50 before any stitched record is written. Decay applies per-vendor TTL and triggers re-resolution.

What does Match do — and how do deterministic, probabilistic, and post-cookie identifiers feed the resolution attempt?

Match runs three coordinated identifier attempts. Deterministic: hashed-email SHA-256 + hashed-phone SHA-256 in E.164 + loyalty ID + customer ID + account ID + device ID (IDFA / AAID where consent is logged) + CRM merge key + LiveRamp RampID deterministic match + UID2.0 deterministic match where the user has authenticated. Probabilistic: IP-address match + device fingerprint (Canvas + WebGL + AudioContext + FontList + Hardware-concurrency) + browser fingerprint + cookie graph + Tapad and Throtle probabilistic match + ID5 probabilistic match + Yahoo ConnectID probabilistic match + Drawbridge / LinkedIn employee cross-device match + fuzzy name-address match. Post-cookie: LiveRamp ATS Authenticated Traffic Solution + Google Privacy Sandbox Topics API for cohort signal + Google Privacy Sandbox Protected Audience API (FLEDGE) for on-device audience matching + Google Privacy Sandbox Attribution Reporting API + Google FedCM federated credential management + CHIPS partitioned-state cookies + server-side tagging via GTM server container + Meta Conversions API + Google Enhanced Conversions + Microsoft UET Enhanced Conversions. Every Match attempt writes a per-attempt confidence tier and routes the candidate set into Stitch.

What does Stitch do — confidence-weighted hybrid resolution + cross-store identity isolation + B2B identity?

Stitch arbitrates between deterministic, probabilistic, and post-cookie candidates. Deterministic-first attempts run before probabilistic fallback. On overlap between deterministic and probabilistic candidates, consensus is computed via confidence-weighted merge. Where deterministic and probabilistic disagree, LLM-augmented tie-breakers (OpenAI + Anthropic under per-vendor zero-retention) flag the conflict for operator review rather than auto-resolving. Cross-store identity isolation runs per-store identity boundary + cross-store shared-customer detection + cross-store confidence scoring + cross-store LTV aggregation + cross-store journey aggregation, with per-franchisee territory boundaries respected under FDD Item 12 territorial-rights requirements when the operator is a franchise system. B2B identity resolution runs firmographic enrichment (Clearbit, ZoomInfo, Apollo, Cognism, Lusha, RocketReach, 6sense) + LinkedIn Sales Navigator identity + account-based-marketing identity (Demandbase, 6sense, Terminus, RollWorks) + IP-to-company resolution (Demandbase, Bombora, Madison Logic) + cross-device employee identity resolution + cross-company household resolution. Every Stitch decision writes the confidence tier, the resolution trace, the per-vendor source contribution, and the consent state into Audit.

What does Gate do — Apple ATT + Google Privacy Sandbox + FTC location-data + CCPA / CPRA / GDPR / TCPA + EU AI Act?

Gate evaluates five operationally distinctive regulatory anchors before any stitched record is written. Anchor 1 (the most operationally distinctive): Apple App Tracking Transparency iOS 14.5 (April 26, 2021) + App Store Review Guideline 5.1.2 + IDFA opt-in enforcement at runtime; Google Chrome third-party cookie deprecation pivot to Privacy Sandbox user-choice model (July 2024); Google Privacy Sandbox APIs (Topics API + Protected Audience API FLEDGE + Attribution Reporting API + FedCM Federated Credential Management + CHIPS Cookie Having Independent Partitioned State); Safari Intelligent Tracking Prevention; Firefox Enhanced Tracking Protection. Anchor 2: FTC location-data and identity-graph enforcement precedent — FTC v X-Mode Social / Outlogic consent order (January 2024) + FTC v Mobilewalla consent order (December 2024) + FTC v Kochava + Massachusetts Attorney General v Copley Advertising (April 2017) precluding precise-location targeting tied to sensitive categories. Anchor 3: CCPA + CPRA + 17-state comprehensive-privacy (Virginia VCDPA + Colorado CPA + Connecticut CTDPA + Utah UCPA + Texas TDPSA + Florida FDBR + Oregon OCPA + Montana CDPA + Iowa ICDPA + Indiana INCDPA + Tennessee TIPA + Delaware DPDPA + New Hampshire NHPA + New Jersey NJDPA + Maryland MODPA + Minnesota MCDPA + Rhode Island RIDPPA) + Washington My Health My Data Act 2024 + Texas SCOPE Act 2024 + GDPR Article 5 lawful basis + Article 6 + Article 7 consent + Article 9 special category + Article 21 right to object + Article 22 automated decisions + Article 25 privacy by design + Article 32 security + Article 33 / 34 breach notification + Article 35 DPIA + Recital 47 legitimate interest + Recital 71 profiling; LGPD; DPDP; PIPEDA; CASL; COPPA 15 USC 6501. Anchor 4: TCPA + Federal Communications Commission Declaratory Ruling FCC 24-18 (March 2024) when stitched identity routes outbound calls + 14-state two-party-consent + state mini-TCPAs + 10DLC Campaign Registry + CTIA Messaging Principles when stitched identity routes SMS. Anchor 5: EU AI Act Article 22 transparency of automated decisions + Article 26 deployer obligations + Article 50 transparency for AI-generated content when LLM tie-breakers are used; NIST AI Risk Management Framework; ISO 42001 AI Management System; per-vendor LLM zero-retention verified per call. Per-consent-state propagation runs through OneTrust / Cookiebot / Usercentrics / Didomi / Sourcepoint consent platforms; per-DSAR data-subject-access-request fulfillment and per-right-to-erasure fulfillment are wired into Audit so stitched records carrying a withdrawn consent are immediately suppressed downstream.

What does Decay do — per-vendor TTL + re-resolution + WORM audit + end-to-end replay?

Decay applies the per-vendor TTL across the identity graph. Cookie decay 30 days; IP decay 7 days; device fingerprint decay 14 days; LiveRamp RampID decay 90 days; UID2.0 decay 30 days; ID5 decay 90 days; Yahoo ConnectID decay 30 days; per-vendor TTL refresh contract honored per call. Decay triggers re-resolution on TTL expiry and tracks degradation against a portfolio baseline. Match-rate tracking runs per-vendor + per-source + per-channel + per-deterministic-vs-probabilistic-vs-hybrid + rolling 30 / 90 / 365 day + Mann-Kendall trend test + per-Google-algorithm-update-correlation. Audit writes a per-resolution WORM record: per-resolution ID + per-customer pointer + per-store pointer + per-attempt set (deterministic + probabilistic + post-cookie) + Stitch decision + confidence tier + resolution trace + per-anchor Gate decision with evidence + consent state + per-vendor TTL state + LLM tie-breaker snapshot (per-vendor + per-model + per-temperature + per-zero-retention verification) + sibling-handoff pointers. Storage on AWS S3 Object Lock + Azure Blob immutable + Google Cloud Storage Bucket Lock + Wasabi compliance WORM. Retention stacks: 7-year FTC substantiation + GDPR Article 30 records of processing + CCPA 12-month look-back + SOC 2 CC7 / CC8 + state-data-broker-registry retention. End-to-end replay rewinds Match attempts + Stitch decision + Gate evaluation + consent state + per-vendor TTL state with confidence tier and explainability at every stage.

Engage Completions on the customer-graph bundle

The Match + Stitch + Gate + Decay four-skill bundle ships as the orchestration layer above your existing identity vendors, CDP, consent platform, server-side tagging surface, and Privacy Sandbox wiring. Apple ATT + Google Privacy Sandbox + FTC location-data precedent + CCPA / CPRA / 17-state + GDPR + TCPA + EU AI Act anchors are preserved in every per-resolution audit record. Tier 1 AI Readiness Assessment scopes the bundle in two to three weeks; Tier 3 Fractional CMO with AI Swarm operates the bundle end-to-end.

Tier 1 AI Readiness AssessmentTier 3 Fractional CMO with AI SwarmTake the 3-question quiz

Related reading