Announcement

Collapse
No announcement yet.

retrieval of customer checkout info using email address, OK?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    retrieval of customer checkout info using email address, OK?

    I've noticed that the ready themes OCST page has the ship to email address as the first field to be entered. How big a no no would it be to use that email address to automatically retrieve the customer's bill to & ship to information from their last order and use it to populate the OCST page?
    Just wondering, Larry
    Larry
    Luce Kanun Web Design
    www.facebook.com/wajake41
    www.plus.google.com/116415026668025242914/posts?hl=en



    #2
    Re: retrieval of customer checkout info using email address, OK?

    I believe this is what browser 'auto-fill' features are for...otherwise, regardless of compliance issues or not, customers may find it creepy unless they are 'asked' to login (i.e., a Remember Me feature).
    Bruce Golub
    Phosphor Media - "Your Success is our Business"

    Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
    phosphormedia.com

    Comment


      #3
      Re: retrieval of customer checkout info using email address, OK?

      Originally posted by wajake41 View Post
      I've noticed that the ready themes OCST page has the ship to email address as the first field to be entered. How big a no no would it be to use that email address to automatically retrieve the customer's bill to & ship to information from their last order and use it to populate the OCST page?
      Just wondering, Larry
      Pretty big. If they want that info retrieved, they can create an account.
      Best,
      Pamela

      Consultant / Developer / Trainer
      Contributing Editor to Practical Ecommerce
      Author of the Official Guides for Miva Merchant
      pamelahazelton.com

      Comment


        #4
        Re: retrieval of customer checkout info using email address, OK?

        Hi Pamela:
        Not sure what you mean by pretty big. My concern is if this violates any security rules, the AJAX coding to retrieve the information will be routine.
        Larry
        Larry
        Luce Kanun Web Design
        www.facebook.com/wajake41
        www.plus.google.com/116415026668025242914/posts?hl=en


        Comment


          #5
          Re: retrieval of customer checkout info using email address, OK?

          Security rules? I'm not sure. But... without a password, why should anyone who knows my email address be able to then see my billing address and phone number?
          Best,
          Pamela

          Consultant / Developer / Trainer
          Contributing Editor to Practical Ecommerce
          Author of the Official Guides for Miva Merchant
          pamelahazelton.com

          Comment


            #6
            Re: retrieval of customer checkout info using email address, OK?

            Also, as I mentioned, this could give out a 'creepy' vibe. Now, if you want to "Ask" the customer, say..."Haven't I seen you before. Click Here to lookup your info", then you could auto populate with glee (and Billto email and zip). However, those that like being "remembered" on sites, typically use things like "Auto Fill" from their browser.
            Bruce Golub
            Phosphor Media - "Your Success is our Business"

            Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
            phosphormedia.com

            Comment


              #7
              Re: retrieval of customer checkout info using email address, OK?

              Originally posted by Bruce - PhosphorMedia View Post
              Also, as I mentioned, this could give out a 'creepy' vibe.
              Correct. I would leave any site that did it. In fact, I'd probably write about it. :-)
              Best,
              Pamela

              Consultant / Developer / Trainer
              Contributing Editor to Practical Ecommerce
              Author of the Official Guides for Miva Merchant
              pamelahazelton.com

              Comment


                #8
                Re: retrieval of customer checkout info using email address, OK?

                If you did this without a password, this would absolutely violate a number of laws around protecting personally identifiable information.
                Thanks,

                Rick Wilson
                CEO
                Miva, Inc.
                [email protected]
                https://www.miva.com

                Comment


                  #9
                  Re: retrieval of customer checkout info using email address, OK?

                  Thanks, I've heard what I wanted to hear.
                  Larry
                  Larry
                  Luce Kanun Web Design
                  www.facebook.com/wajake41
                  www.plus.google.com/116415026668025242914/posts?hl=en


                  Comment


                    #10
                    Re: retrieval of customer checkout info using email address, OK?

                    How does the ability to view order history by email and zip code, which reveals an order's ship to and bill to information, fit into this security issue?
                    Larry
                    Larry
                    Luce Kanun Web Design
                    www.facebook.com/wajake41
                    www.plus.google.com/116415026668025242914/posts?hl=en


                    Comment


                      #11
                      Re: retrieval of customer checkout info using email address, OK?

                      While I'm not an expert on the law, thus far that combo of data is considered an acceptable password/username combo. If the law changes, we'll change our core software.
                      Thanks,

                      Rick Wilson
                      CEO
                      Miva, Inc.
                      [email protected]
                      https://www.miva.com

                      Comment


                        #12
                        Re: retrieval of customer checkout info using email address, OK?

                        It's also worth noting that right now, most PII (Personally Identifiable Information) Laws are State Based, with last time I checked, Colorado and Massachusetts having the strictest laws, including in some cases actual Criminal liability (instead of just Civil liability) for PII legal violations.
                        Thanks,

                        Rick Wilson
                        CEO
                        Miva, Inc.
                        [email protected]
                        https://www.miva.com

                        Comment

                        Working...
                        X