Internal Matching – Unidy Documentation

Internal Matching allows users that are registering for a new account, to match their account with already existing dummy/offline accounts. You can use this to store information about a user, that you don’t know the email of, or don’t want to add their email to your Unidy ID without the user specifically entering it on your Unidy platform.

The Internal Matching includes…

creating dummy accounts with known user information,

defining attributes that the user has to enter in order be allowed to match their account,

security measures to prevent malicous users gaining unrightful access, and

notifying connected systems about successful matches.

Use Cases

Memberships & Subscriptions: Users who have memberships but have not yet created an online account can match with their pre-existing membership data by entering specific details like membership ID, zip code, and birthday.

Offline Ticket Purchases: For users who purchase tickets offline, your ticket service can create a placeholder account. Users can then claim this account during the online registration process by verifying their information.

Pre-registered Users: You can pre-register users for various services or events. When these users decide to create an account, they can match with their pre-existing data, making the process of adding information to their accounts faster.

Key Features

Account Matching During Registration: Users can match their new accounts with pre-existing accounts during the registration process by entering specific matching parameters such as membership ID, zip code, and birthday.

Configurable Matching Parameters: You can choose which parameters will be used for matching. You can choose any parameter that is available on Unidy user accounts (both, standard profile attributes and custom attributes). This includes one unique parameter and as many additional parameters as you like (i.e. to further proof that the user actually owns this account).

Security Measures: The feature is designed to prevent unauthorized access by ensuring that users can only match accounts if they provide the correct information. If no match is found or the details are incorrect, the user is notified without revealing sensitive information.

Rate Limiting: To prevent abuse, the matching process includes rate limiting. Users are limited in the number of attempts they can make to match their accounts within a certain time frame.

Error Handling: If the matching process fails, users are presented with a clear error message, and their progress is not interrupted. The system does not indicate which specific detail was incorrect to maintain security.

How It Works

Service Creates Pre-Registered Accounts: Service providers can create accounts with dummy email addresses or other pre-determined identifiers. These accounts contain specific information that will be used later for matching.

User Starts Registration: When a user begins the registration process, they are presented with the option to match their account with an existing one.

Matching Process: The user enters the required matching parameters (e.g., membership ID, zip code, birthday). The system checks for an existing account with these details.

Successful Match:

If a match is found, the user’s new account is linked to the pre-existing one.

The user is prompted to update their email address and other personal information, ensuring that their account is now fully under their control.

The pre-existing account is updated with the user’s new information, and the dummy email is replaced with the user’s real email address.

A confirmation email is sent to the user for verification.

Failed Match:

If no match is found, or if the user enters incorrect details, the system remains on the matching step, and an error message is displayed.

The user can retry the matching process within the allowed rate limits.

Finalizing Registration: Once the matching is successful, the user completes the registration process, and their account is fully activated.

Admin Configuration

Unique Identifying matching parameter: Admins can configure which parameter is used to uniquely identify the user account that should be used for matching.

Additional proof parameters: To further allow you to proof that a user is really eligible to matching with existing information, you can define multiple verifying parameters.

☝

All defined parameters (both, unique and proof), must exist already as attributes in Unidy. They can be both, standard profile attributes (first name, last name, zip code, etc.) or custom attributes.

Setting	Constraints
Unique identifier	Must define exactly one	- String	Used to look up the user account that should be matched.
Proof parameter	Can define none or many	- String - Date	Used to proof that the user really belongs to the user account that has been found.

Security Considerations

Preventing Unauthorized Access: The system ensures that users cannot gain unauthorized access to accounts by requiring exact matches of the provided parameters.

Error Messages: Error messages are designed to be non-specific, only indicating that no match was found without revealing which detail was incorrect.

Rate Limiting: To mitigate the risk of brute-force attempts, the matching process is rate-limited, restricting the number of attempts a user can make.

How to setup internal Internal Matching

It is common to encounter offline users within various data sources. For example, you may have records of offline members, including their membership number, name, and date of birth. The internal matching feature is designed to streamline the onboarding process for these users into your Unidy instance. The standard procedure involves the following steps:

Import all offline member data into your Unidy instance. If email addresses are unavailable, generate placeholder email addresses.

Upon import, the user data will be synchronized across all connected services.

When an offline user subsequently registers, they will be able to claim the pre-imported account, thereby inheriting all associated data, such as tickets, subscriptions, and newsletter preferences.

This guide provides detailed instructions on configuring the matching functionality within the Unidy application.

Go to the Unidy Admin Section

Continue to the Super Admin section

In case you don’t have access to the Super Admin area, please contact us.

Continue to the Plugins section

Click "New plugin"

Select the option to create a new plugin.

Select "Plugins::InternalMatching"

This will create a new Matching Plugin.

Select "Enabled"

This will right away enable the Plugin. You can also choose to postpone this to a later moment.

Create the Matching Plugin

Click "Add Matching Config"

Select your primary matching criteria.

Only fields that are unique can be selected here. For further details please refer to Attribute Validation Rules. Ideal candidates are Membership numbers, which should be unique anyways.

Click "Create Internal matching config"

Click "New" for additional matching attributes

Add as many additional matching attributes to make it hard for attackers to guess the values and overtake someone else's account.

Note: Every field on the config must be filled for the account to be matched.

Select the Additional Matching Field

Verify if the data types are correctly as preselected and adapt them if necessary.

Click "Create Internal matching config field"

Repeat this until you have all required matching attributes configured. A good set could be:

membership number

first name

last name

birthdate

Test the matching

Create a new unconfirmed user in the Unidy Admin that has all the required fields.

Then Signup using another email address. You will be able to find the imported user using the matching fields. Once matched, you will own all data that was associated to the imported user e.g. Tickets, Subscriptions or Newsletter preferences.