User Segmentation
Design a segmentation engine that groups users by behavior, license tier, and hardware profile without leaking identity.
Overview
Segmentation lets you target feature rollouts, license enforcement, and abuse detection with precision. The engine ingests telemetry events, enriches them with license metadata, and assigns each user to a dynamic cohort. All processing happens server-side; the dashboard only sees anonymized cohort IDs.
Data Model
| Field | Type | Purpose |
|---|---|---|
| cohort_id | UUIDv7 | Stable anonymous group identifier |
| tier | enum | free | pro | enterprise | trial |
| hw_family | string | Hashed hardware fingerprint bucket |
| last_active | timestamp | Last telemetry heartbeat |
Cohort Rules
- Power users — 20+ sessions in 7 days, enterprise tier, auto-enrolled in beta channel.
- At-risk — trial expiring within 48h, fewer than 3 sessions. Trigger in-app upgrade prompt.
- Anomaly — hardware fingerprint changed 3+ times in 24h. Flag for manual review.
- Dormant — no heartbeat in 30 days. Suppress push notifications, queue re-engagement email.
Implementation Notes
Run the segmentation pipeline as a cron job every 15 minutes. Read raw events from Upstash KV streams, compute cohort assignments, and write results back to a dedicated hash. The dashboard queries cohort aggregates only — never raw user rows. Use HMAC-signed cohort IDs so the client can verify authenticity without revealing the underlying user key.
Next: License Enforcement Flow — wire segmentation results into real-time license checks.