Verimatrix User Transaction Identifier (VUIT)

Verimatrix XTD’s analytics agent internally uses an application instance identifier (AIID) to identify a specific application instance running on a specific device. This unique identifier ensures that the same application, running on two different devices, appear as different app instances in the Verimatrix XTD ecosystem. The AIID is used in all Verimatrix XTD analytics operations to tie a variety of data together in the system, but it is not exposed to the protected application. The AIID is not exposed to make sure device specific information is leaked outside of the Verimatrix XTD ecosystem. As a result, the service provider cannot link the application instance to the user that is logged into their service via the application.

To provide the ability to connect an instance of a protected application to a real user, Verimatrix allows the service provider to optionally provision an application with a Verimatrix User Identity Tag (VUIT). The VUIT is generated and provisioned by the service provider themselves and is not related to the Verimatrix application instance identifier in any way.

The use of VUIT is currently optional and the system will continue to work as expected even if no VUIT is provisioned to the application instances. If the service provider chooses not to use VUIT, some functionality of APIs might be limited and/or unusable without a VUIT. In particular, this affects all APIs in which the service provider expects to be able to interact with and/or query information relating to a particular application instance.


What’s Next