Guides
Talk to Us
Start typing to search…

Requirements for Generating Identifiers

To ensure consistency when using VUIT in the XTD ecosystem, there are some constraints and requirements on the VUIT value itself. Meeting these criteria is solely under the responsibility of the service provider. Verimatrix has no control of the generation or provisioning flows implemented in the application.

Entity Relationships

Under ideal conditions, the mapping between a VUIT and the application instance should be a one-to-one relationship. However, Verimatrix XTD also supports the case of mapping a single VUIT to many application instances.


The one-to-one mapping is the preferred solution and the service provider should strive to use this mode if possible. All operations using the VUIT will only affect a single application instance in this case.

When using the one-to-many relationship, the service provider is assigning a single VUIT to act as the identifier for a group of application instances. All operations using that VUIT will apply to all application instances that have been provisioned with it.

The use case where the application allows the customer to login with different usernames and the VUIT provisioned changes for each logged in user is currently not supported by Verimatrix XTD.

GDPR compliance

The service provider is fully responsible for generating the VUIT used when provisioning the identifier to the Verimatrix analytics agent. Care must be taken by the service provider to ensure that there is no sharing of Personal Identifiable Information (PII) from the service provider using VUIT.When generating the VUIT, the service provider must make sure there is no PII included, for example:

  • usernames
  • email addresses
  • names

In addition to ensuring no PII is included in the VUIT, service providers must also ensure there is no PII related information included or derivable from the generated VUIT.

A simple way to avoid leaking any information is to apply a forward hash to the input information being used.

Uniqueness

When generating a VUIT, service providers must also make sure it is unique. It should be considered to be unique across all applications of the service provider, which means that for ideal usage the VUIT must also include information that differentiates it across applications, for example, the package id of the application.

Properties that add uniqueness are:

  • Application package identifiers
  • Device models
  • Already globally unique subscriber identifiers

Using the above in conjunction with an appropriate and low collision forward hash function will provide a more unique identifier.

Updated 17 days ago

What’s Next