Skip to main content

AI Customer Profile & Identity API

Identity Resolution Deterministic + Probabilistic Consent & Policy Hooks Explainable Match Graph Real-Time Updates Export/Erase APIs
Operated by Spyface Tech Company, LLC • 30 N Gould St Ste N, Sheridan, WY 82801 USA • Support: hello@spyface.com

Purpose

The AI Customer Profile & Identity API creates a unified identity layer for travel and medical tourism platforms. It resolves users, travelers, and patients across devices, sessions, channels, and partner systems, producing a canonical profile and a match graph that your downstream systems can trust.

This is not “CRM enrichment” copy. This is an engineering interface: match decisions, scores, evidence, audit artifacts, and privacy controls.

AI Outputs (what you actually consume)

  • person_id: stable canonical entity
  • match_decision: link / merge / keep-separate
  • confidence: calibrated probability
  • evidence: explainable features (hashed identifiers, behavioral signals)
  • risk_flags: takeover likelihood, synthetic identity indicators
  • policy_result: allow / restrict / require-consent

1) Identity Model

The system uses a canonical person_id with attached identifiers and events. Identifiers can be verified, observed, or derived (hashed/normalized) depending on policy.

Entities

  • Person: canonical identity (person_id)
  • Account: platform login / partner account
  • Device: device fingerprint / app instance / browser profile
  • Session: time-bounded interaction context
  • Event: booking, search, payment attempt, profile update

Identifier Types (examples)

  • Email (normalized + hashed), phone (E.164 + hashed)
  • Government ID tokens (if applicable and permitted)
  • Payment instrument token (network token / vault ref)
  • Device/app instance ID, cookie/session ID (policy-dependent)

You control what you send. The API supports hashed identifiers to reduce raw PII exposure.

2) Identity Resolution Engine

Resolution combines deterministic rules with probabilistic matching. The objective is to minimize both false merges (two different people merged) and false splits (same person fragmented), with configurable thresholds per use-case.


// Conceptual decision
if deterministic_key_match(): LINK(confidence=1.0)
else:
  p_same = model(features)
  if p_same >= merge_threshold: MERGE
  else if p_same >= link_threshold: LINK
  else: KEEP_SEPARATE
ModeWhen to useGuarantee
Deterministic Verified email/phone, strong login bindings High precision, low ambiguity
Probabilistic Cross-device, partner data, incomplete identifiers Calibrated probability + evidence
Policy-gated Health/medical context or higher sensitivity No action without policy pass/consent hook

3) Match Graph & Explainability

Every match decision produces a match graph: nodes are identities and identifiers, edges are links with timestamps, confidence, and evidence. This is critical for debugging and audit.

Evidence format

  • signals: which signals contributed
  • weights: relative contribution (not raw model weights, but explainable attribution)
  • trace_id: reproducible decision trace for support investigations
  • counterfactuals: what would have changed the decision (optional)
{
  "decision":"LINK",
  "confidence":0.93,
  "trace_id":"trace_8f31c",
  "evidence":[
    {"signal":"email_hash_match","value":true,"impact":"HIGH"},
    {"signal":"device_stability","value":"STABLE","impact":"MEDIUM"},
    {"signal":"geo_velocity","value":"NORMAL","impact":"LOW"}
  ]
}

4) Account Takeover & Synthetic Identity Signals

Identity is also security. The API can emit risk flags to feed your fraud/risk controls and step-up auth.

Account takeover indicators

  • Device switch anomalies vs baseline
  • Unusual geo velocity patterns (policy + context aware)
  • Credential-stuffing signatures (event-level)
  • Payment attempt anomalies

Synthetic / duplicate identity indicators

  • Many accounts converging to same device cluster
  • Unnatural identifier graph topology
  • High-entropy name/attribute patterns (optional)
  • Repeated verification failures
{
  "risk":{
    "ato_probability":0.18,
    "synthetic_probability":0.07,
    "flags":["DEVICE_SHIFT","CLUSTER_DENSITY_RISE"],
    "recommended_action":"STEP_UP_AUTH"
  }
}

5) Privacy, Consent, and Data Controls

Important

You can run identity in a “minimal PII” mode: hashed identifiers, short retention on event metadata, and strict policy gating for sensitive contexts. Configure these controls to match your privacy program.

ControlWhat it doesTypical use
Consent gating Blocks linking/merging across scopes without consent Medical tourism journeys, health intake flows
Scope separation Separate graphs per tenant/product/region Partners, subsidiaries, white-label
Retention policies Time-bound storage of events/identifiers Data minimization / compliance
Export / erase Portable profile export and erasure requests User requests and internal governance

6) Endpoints

MethodEndpointPurpose
POST/v1/identity/ingestSend identifiers + events
POST/v1/identity/resolveResolve to person_id + decision
GET/v1/identity/person/{person_id}Canonical profile + graph summary
GET/v1/identity/graph/{person_id}Explainable match graph
POST/v1/identity/mergeAdmin merge (policy controlled)
POST/v1/identity/splitAdmin split with audit reason
POST/v1/identity/exportProfile export artifact
POST/v1/identity/eraseErase request + proof
POST/v1/events/outcomesFeedback loop for calibration

7) Schemas

Resolve request

{
  "request_id":"req_res_2001",
  "tenant_id":"t_spyface_demo",
  "identifiers":{
    "email_hash":"sha256:8b1a...",
    "phone_hash":"sha256:91c2...",
    "device_id":"dev_77a19",
    "account_id":"acc_1902"
  },
  "attributes":{
    "name":"JANE DOE",
    "country":"US"
  },
  "event":{
    "type":"BOOKING_ATTEMPT",
    "ts":"2026-01-26T17:40:12Z",
    "context":{
      "product":"HOTEL",
      "channel":"WEB",
      "ip_prefix":"203.0.113.0/24"
    }
  },
  "policy":{
    "scope":"TRAVEL",
    "sensitivity":"STANDARD",
    "consent":"GRANTED"
  }
}

Resolve response

{
  "request_id":"req_res_2001",
  "person_id":"p_55019",
  "decision":"LINK",
  "confidence":0.93,
  "trace_id":"trace_8f31c",
  "evidence":[
    {"signal":"email_hash_match","value":true,"impact":"HIGH"},
    {"signal":"device_stability","value":"STABLE","impact":"MEDIUM"},
    {"signal":"geo_velocity","value":"NORMAL","impact":"LOW"}
  ],
  "risk":{
    "ato_probability":0.18,
    "synthetic_probability":0.07,
    "flags":["DEVICE_SHIFT"],
    "recommended_action":"STEP_UP_AUTH"
  },
  "policy_result":"ALLOW"
}

8) Code Examples

Node.js — Resolve identity


const base = "https://api.spyface.com";
const headers = {
  "Authorization": `Bearer ${process.env.SPYFACE_API_KEY}`,
  "Content-Type": "application/json"
};

const res = await fetch(`${base}/v1/identity/resolve`, {
  method: "POST",
  headers,
  body: JSON.stringify(payload)
});
const out = await res.json();

if (out.policy_result !== "ALLOW") {
  throw new Error("Policy blocked identity action");
}

if (out.risk?.recommended_action === "STEP_UP_AUTH") {
  // trigger OTP / WebAuthn / KBA depending on your program
}

console.log(out.person_id, out.decision, out.confidence, out.trace_id);

Python — Minimal PII hashing (email normalization)


import hashlib

def norm_email(s: str) -> str:
  return s.strip().lower()

def sha256_hex(s: str) -> str:
  return hashlib.sha256(s.encode("utf-8")).hexdigest()

email_hash = "sha256:" + sha256_hex(norm_email("User@Example.com"))
print(email_hash)

9) Operational Playbooks

Prevent false merges

  • Use conservative merge_threshold for medical contexts
  • Require verified identifiers for merges
  • Monitor “merge reversal” rate (split events)

Investigate a user complaint

  • Fetch graph: GET /v1/identity/graph/{person_id}
  • Check trace_id evidence and timestamps
  • Split with reason if needed: POST /v1/identity/split

10) Integration Patterns

Pattern A — Real-time resolve on key events

  • Login, booking attempt, payment attempt, profile edit
  • Use response to drive personalization and risk controls

Pattern B — Batch reconcile partner identities

  • Nightly ingest partner user lists
  • Resolve + export canonical mapping for BI/CRM

Support & Implementation

For implementation review, identity graph tuning (thresholds, policy gating, retention), and rollout planning: hello@spyface.com.