Definition
An identity graph is a database that connects multiple identifiers (email addresses, phone numbers, device IDs, IP addresses, cookies, and offline records) to unified individual profiles. Each node in the graph represents an identifier. Each edge represents a verified link between identifiers. When a visitor identification tool matches an anonymous browser session to a real person, it is querying an identity graph to find the connection between browser-level signals and a known identity.
In one sentence: identity graphs are the infrastructure layer that makes “Sarah Chen, VP of Marketing at Acme, just visited your pricing page” possible from a starting point of “an unknown browser session arrived.”
TL;DR
- An identity graph links many identifiers to one person: emails, phones, device IDs, cookies, IPs, offline records.
- The graph is built by ingesting verified seed identifiers (opt-in data partnerships, public records, login events) and linking them over time.
- Quality has three axes: coverage (how many people), accuracy (how often the links are right), freshness (how fast it updates).
- The graph is the moat in visitor identification. Pixels and dashboards are commodities; the graph is what separates 30-40% match rates from 5-15%.
- Major graphs: Leadpipe (proprietary, 280M+ profiles), LiveRamp, Experian, Acxiom, plus internal graphs at Clearbit, Apollo, and ZoomInfo.
How It Works
Identity graphs are built by ingesting data from many sources and linking identifiers over time. The raw inputs include:
- Email lists from opt-in data partnerships: third parties whose users consented to data sharing.
- Device registrations: device IDs from app installs and SDK data.
- Public records: business registries, professional licenses, employment data.
- Transactional data: purchase histories, transactional emails.
- Cookie syncs: cross-domain cookie matching from advertising co-ops.
- Login events: login-to-account events on websites and apps that share identity infrastructure.
The graph-building process starts with a seed identifier, typically a verified email address or phone number tied to a real individual. From there, the system links additional identifiers.
If the seed email was used to log into a website from a specific device, the device ID gets linked. If that device later visits another site, and the IP address is associated with a business, the company record gets linked. If a cookie on one domain matches a cookie on another, the two browsing sessions get connected.
Over time, a single person accumulates dozens of linked identifiers: two email addresses, a work phone, a personal phone, three device IDs, a LinkedIn profile, multiple cookies, and several IP addresses. The identity graph maintains all of these connections and keeps them current as data changes (people switch jobs, get new phones, move offices).
The matching layer
When a visitor identification pixel fires on your website, it captures browser-level signals: cookie, device fingerprint, IP address, browser characteristics. Those signals get sent to the identity graph as a query. The graph runs a match operation: does any combination of the captured signals connect to a known person record?
Two matching strategies coexist:
- Deterministic matching: exact identifier matches (email-to-email, hashed phone-to-phone, cookie-to-cookie via verified syncs). High accuracy, lower coverage.
- Probabilistic matching: inferred matches based on overlapping signals (similar IP + device fingerprint + visit timing). Higher coverage, lower accuracy.
Strong identity-resolution products lean deterministic and use probabilistic only as a fallback for explicitly low-stakes use cases. See deterministic vs. probabilistic matching for the long form.
Quality dimensions: coverage, accuracy, freshness
Not all identity graphs are equal, even when they describe their capabilities the same way. Three dimensions actually matter.
Coverage
How many people and businesses are in the graph. Major commercial graphs claim 1 to 4+ billion individual profiles. Coverage drives match rate: the percentage of anonymous visitors who can be resolved to a known identity. A graph with weak coverage on US B2B will return 5 to 15% match rates. A graph with strong coverage returns 30 to 40%+.
Accuracy
How often the links between identifiers are correct. A graph that links the wrong email to a person is worse than a graph that returns nothing, because it leaks bad data into your CRM and your sales team emails the wrong contact. Accuracy is hardest to measure from outside; it is also the most important. The honest signal is independent testing on the same traffic, not vendor-self-reported numbers. We published the methodology and results from a 75,000-visitor, 120-day independent test in the visitor identification accuracy study.
Freshness
How fast the graph updates when someone changes jobs, switches email providers, or moves locations. A graph with great coverage but stale data returns outdated contacts: people at companies they left 18 months ago, emails that bounce, phone numbers that route to dead extensions. The refresh cadence on strong B2B graphs is 24 hours.
A graph that is strong on one dimension but weak on the other two is not a strong graph. Vendors who quote a single number (“280M profiles”) without disclosing accuracy and freshness are signaling that they only optimize for coverage.
Why Identity Graphs Matter
The identity graph is the engine behind every visitor identification tool, every people-search engine, and every data-enrichment API. Without it, there is no way to connect an anonymous website session to a real person. The graph is what separates a tool that says “someone from Acme Corp visited” from one that says “Sarah Chen, VP of Marketing at Acme Corp, visited your pricing page.”
For B2B teams, the quality of the underlying graph determines everything downstream:
- Match rate: how many of your visitors get identified at all.
- Contact data accuracy: how often the email, phone, and LinkedIn URL are correct.
- Routing precision: whether you can prioritize ICP-fit identifications to sales versus nurture.
- Compliance posture: GDPR, CCPA, opt-out signals all flow through the graph.
This is why two visitor-identification tools with similar pixels and dashboards can produce dramatically different results. The pixel is a commodity. The dashboard is a commodity. The identity graph is the moat. It takes years and significant data partnerships to build a graph with broad coverage, high accuracy, and real-time freshness. Vendors that license thin or outdated graphs from third parties will always underperform on match rate and data quality.
For a head-to-head ranking of platforms by graph quality, see the 10 best website visitor identification platforms and the in-depth RB2B review.
Examples
Visitor identification flow
A JavaScript pixel captures a device fingerprint, cookie, and IP address from a website visitor. The identity graph links that fingerprint to a cookie from a previous session, which is linked to an email address from a data partnership, which is linked to a verified person record. The system returns the person’s name, work email, phone, and company within seconds. Total latency: under 200 ms.
Cross-device resolution
A person researches a product on their phone during lunch, then revisits the vendor’s website from their work laptop in the afternoon. The identity graph connects both sessions to the same individual because the device IDs, IP transitions, and behavioral patterns match a single profile. The vendor sees one journey across two devices, not two separate anonymous visits.
Data enrichment
A CRM contains a lead with just a name and company. An enrichment API queries the identity graph using those inputs and returns the person’s current email, direct phone number, LinkedIn URL, and updated job title, filling in the missing fields. The same graph can also flag if the person changed jobs since the lead was captured.
Suppression and exclusion
A B2B SaaS company runs cold-email outbound. Before any send, the company queries the identity graph against an existing-customer suppression list and a do-not-email list. The graph normalizes across email aliases (work, personal, hashed) so that a single person on the suppression list is excluded across every identifier they own.
Identity graphs vs. CRMs
These are routinely confused. They sit at different layers.
| Concept | What it stores | Question it answers |
|---|---|---|
| CRM | Records you have collected through direct interactions (form fills, sales calls, emails) | “Who have we already engaged with?” |
| Identity graph | Cross-web verified links between identifiers (emails, phones, devices, cookies) | “Who is this person, given a starting signal?” |
CRMs are about your own customer relationships. Identity graphs are the infrastructure that lets you identify new people you have never met. Modern stacks use both: the graph supplies new identities, the CRM stores the relationship over time.
What to ask a vendor about their identity graph
When evaluating a vendor that claims to do visitor identification, identity resolution, or contact enrichment, the questions that actually separate strong from weak products are these.
- Is the graph built or licensed? Vendors that license thin third-party graphs cannot improve coverage or freshness on their own roadmap.
- What is the deterministic-to-probabilistic ratio? Strong B2B graphs lean deterministic for the majority of matches.
- What is the refresh cadence? Daily refresh is the bar. Weekly is acceptable in some categories. Monthly or quarterly is stale.
- What is the independent match-rate benchmark? Vendor-published match rates are claims. Independent third-party tests on the same traffic are evidence.
- What happens to suppression and consent state? Strong graphs honor opt-out and DNC signals across every linked identifier.
- What is the compliance posture by region? GDPR (EU/UK), CCPA, data-broker registration, DPA availability.
Tools that use identity graphs
Visitor identification platforms (Leadpipe, RB2B, Warmly), data-enrichment APIs (Clearbit, Apollo, Cognism), ad-targeting platforms (LiveRamp, The Trade Desk), and consumer identity-resolution providers (Experian, Acxiom). Enterprise graphs typically charge $100K+/year and require 6-month contracts. Self-serve graphs like Leadpipe start at $147 / month with a full REST API and no enterprise commitment.
For a head-to-head comparison of platforms by graph quality, see the 10 best visitor identification platforms, the in-depth RB2B review, and the Warmly review.
Related Concepts
| Concept | Description | Learn More |
|---|---|---|
| Identity Resolution | The process of matching signals against the graph | What Is Identity Resolution? |
| Match Rate | How often the graph produces a successful match | What Is Match Rate? |
| Deterministic Matching | Linking identifiers with exact matches (email to email) | Deterministic vs Probabilistic Matching |
| Data Enrichment | Using the graph to add missing data fields | What Is Data Enrichment? |
| ICP | The buyer profile that the graph’s identifiers are filtered against | What Is ICP? |
| Visitor Identification | The consumer-facing application of identity graphs | What Is Visitor Identification? |
| First-Party Data | Identifiers you own vs. third-party graph data | What Is First-Party Data? |
| Reverse IP Lookup | Company-level resolution; weaker form of identity matching | What Is Reverse IP Lookup? |
Try Leadpipe free with 500 leads ->
FAQ
What does identity graph mean?
An identity graph is a database that connects multiple identifiers (email addresses, phone numbers, device IDs, IP addresses, cookies, offline records) to unified individual profiles. Each node represents an identifier and each edge represents a verified link between them. When a visitor identification tool matches an anonymous browser session to a real person, it is querying an identity graph to find the connection.
How is an identity graph different from a CRM?
A CRM stores records you have collected through direct interactions (form fills, sales calls, emails). An identity graph links identifiers across the broader web, connecting a cookie on your site to an email used elsewhere to a phone number in public records. CRMs are about your own customer relationships; identity graphs are the infrastructure that lets you identify new people you have never met. Modern stacks use both: the graph supplies new identities, the CRM stores the relationship over time.
How is identity graph different from identity resolution?
Identity resolution is the process of matching incoming signals against the graph. The graph is the data layer; resolution is the runtime operation. A vendor can have a great graph and weak resolution (slow latency, poor matching logic), or a great resolution layer running on a thin licensed graph. Both have to be strong for the product to perform.
Why do identity graphs matter for B2B?
Identity graphs are the engine behind every visitor identification tool, people-search engine, and data-enrichment API. Without them, you cannot connect an anonymous session to a real person. The quality of the underlying graph determines match rates, data accuracy, and freshness. Pixels and dashboards are commodities; the identity graph is the moat. Leadpipe builds its own proprietary graph using deterministic matching, which is why it outperforms tools that resell third-party data. For a head-to-head ranking, see the 10 best website visitor identification platforms.
What tools use identity graphs?
Visitor identification platforms (Leadpipe, RB2B, Warmly), data enrichment APIs (Clearbit, Apollo, Cognism), ad targeting platforms (LiveRamp, The Trade Desk), and consumer identity resolution providers (Experian, Acxiom). Enterprise graphs typically charge $100K+/year and require 6-month contracts. Self-serve graphs like Leadpipe start at $147 / month with a full REST API and no enterprise commitment.
How big is a typical identity graph?
Major commercial graphs claim 1 to 4+ billion individual profiles. Leadpipe’s graph contains 280M+ verified person profiles plus 4.4B+ raw identity-graph nodes (the broader pool of unverified identifiers). Coverage matters less than accuracy and freshness; a graph with 10B nodes that hasn’t refreshed in a year produces worse results than a graph with 200M profiles that refreshes daily.
Are identity graphs legal? GDPR? CCPA?
Yes, when built on consented or compliant data. The legality depends on (a) the data sources, (b) the use case, and (c) the geography. In the US, B2B identity resolution under CCPA is well-established and Leadpipe is registered as a data broker in CA, TX, VT, OR. In the EU/UK, GDPR requires explicit consent for person-level resolution; Leadpipe defaults to company-level for EU/UK traffic specifically because of this. Always verify the vendor’s compliance posture by region before signing.
What is the difference between deterministic and probabilistic identity matching?
Deterministic matching links identifiers via exact matches (email-to-email, hashed phone-to-phone, cookie-to-cookie via verified syncs). High accuracy, lower coverage. Probabilistic matching infers links based on overlapping signals (similar IP + device fingerprint + visit timing). Higher coverage, lower accuracy. Strong identity-resolution products lean deterministic for the majority of matches and use probabilistic as a fallback. See deterministic vs. probabilistic matching for the long form.
Related Articles
- What Is ICP? Ideal Customer Profile Explained
- What Is Visitor Identification?
- How Identity Graphs Work
- What Is Identity Resolution? A Technical Primer
- Deterministic vs Probabilistic Matching Explained
- Visitor Identification Accuracy: Independent Test Results
- Identity Data as a Service: API-First Visitor Identification
- Best Contact Enrichment APIs in 2026
- 10 Best Website Visitor Identification Software
- RB2B Review 2026: Features, Pricing & Verdict
