
Best Practices for Guests vs. Registered Users in B2C Commerce

Publish Date: Apr 18, 2024
Description

It is possible for a shopper to inadvertently capture the order information of other shoppers. An example of how this can happen when using PWA Kit is below:

  • Shopper A
    • Shopper A starts a browser session on the merchant website.
    • An order is placed - Order A.
    • The shopper ends their session by closing the browser window.
  • Shopper B
    • Shopper B uses the same browser/client within the next 30 days, which is the validity period for Shopper Login and API Access Service (SLAS) guest refresh tokens.
    • Another order is placed - Order B.
    • Shopper B elects to register an account on the website. Account creation can be done at any time, not just after the creation of Order B.
    • Shopper B visits the order history account section.
    • Shopper B will see both Order A and Order B as the customer ID had remained constant through both orders and the registration process.
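
The scenario above as a small runnable model, added here as an illustration and not Salesforce or PWA Kit code: `MockAuth`, `sharedBrowserScenario` and the `browser` storage object are hypothetical stand-ins, and only the 30-day guest refresh-token lifetime and the unchanged customer ID come from this article. It also shows that clearing browser storage between shoppers, or an expired token, keeps the two order histories separate.

```javascript
// Simplified model of the shared-browser flow. MockAuth is a hypothetical
// stand-in, not the SLAS API; the 30-day guest refresh-token lifetime and
// the stable customer ID are the only facts taken from the article.
const DAY = 24 * 60 * 60 * 1000;
const GUEST_REFRESH_TTL = 30 * DAY;

class MockAuth {
  constructor() { this.tokens = new Map(); this.orders = []; this.seq = 0; }

  // Reuse the guest identity while the browser holds an unexpired refresh
  // token; otherwise mint a new guest customer ID and store a new token.
  startSession(browser, now) {
    const rec = this.tokens.get(browser.refreshToken);
    if (rec && now < rec.expires) return rec.customerId;
    const customerId = `guest-${++this.seq}`;
    browser.refreshToken = `rt-${this.seq}`;
    this.tokens.set(browser.refreshToken, { customerId, expires: now + GUEST_REFRESH_TTL });
    return customerId;
  }

  placeOrder(customerId, orderNo) { this.orders.push({ customerId, orderNo }); }

  // Order history is keyed by customer ID, which registration does not change.
  orderHistory(customerId) {
    return this.orders.filter(o => o.customerId === customerId).map(o => o.orderNo);
  }
}

// Runs Shopper A, then Shopper B, on one browser; returns what B sees.
function sharedBrowserScenario({ clearStorageBetween, daysBetween }) {
  const auth = new MockAuth();
  const browser = { refreshToken: null };            // models browser storage
  const shopperA = auth.startSession(browser, 0);
  auth.placeOrder(shopperA, "Order A");
  // Shopper A closes the window; the stored token survives unless cleared.
  if (clearStorageBetween) browser.refreshToken = null;
  const shopperB = auth.startSession(browser, daysBetween * DAY);
  auth.placeOrder(shopperB, "Order B");
  // Shopper B registers (customer ID unchanged) and opens order history.
  return auth.orderHistory(shopperB);
}

console.log(sharedBrowserScenario({ clearStorageBetween: false, daysBetween: 10 }));
console.log(sharedBrowserScenario({ clearStorageBetween: true, daysBetween: 10 }));
console.log(sharedBrowserScenario({ clearStorageBetween: false, daysBetween: 31 }));
```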

 

Browser sharing scenarios include the following:

  • Roommates sharing a computer;
  • Friends sharing an iPad;
  • Virtual Desktop (Call center, customer service infrastructure, Citrix shared desktop)
Solution

Please share the tips below with your customers to help keep their shopping, personal and/or financial information private on a shared computer:

 

  • Don't save your login information.

    Always log out of websites by clicking "log out" on the site. It's not enough to simply close the browser window or type in another address.
    Many programs (especially shopping, social networking websites, web-based email, and instant messaging systems) include automatic login features that will save your user name and password. Disable this option so no one can log in as you after you have finished using the computer.

 

  • Don't leave the computer unattended with sensitive information on the screen.

    If you have to leave the public computer, log out of all programs and close all windows that might display sensitive information.

 

  • Erase your tracks.

    Choose Private or Incognito browsing. If you do not choose private browsing, a web browser keeps a record of your passwords and every page you visit, even after you've closed them and logged out.

 

  • Disable the feature that stores passwords.

    Before you start surfing the web, turn off the browser's feature that ‘remembers’ your passwords. This is also known as ‘Auto Complete’.

 

  • Delete your temporary Internet files and your history.

    When you finish your browsing session using a public computer, you can help protect your private information by deleting your temporary Internet files. This is typically done by clearing the browser history and cookies.

 

  • Watch out for over-the-shoulder snoops.

    When you use a public computer, be on the lookout for thieves who look over your shoulder or stand particularly close to you in order to take note of your sensitive information (such as passwords) as you enter it on the computer.

 

  • Don't enter sensitive information into a public computer.

    The above measures provide some protection against casual hackers who use a public computer after you have.

    But keep in mind that a really industrious thief might have installed sophisticated software on the public computer that records every keystroke and then emails that information back to him.

    Then, it doesn't matter if you haven't saved your information or if you've erased your tracks. They still have access to this information.

    If you really want to be safe, avoid entering any sensitive information into any public computer, especially your credit card number or any other personal or financial details.

 

Knowledge Article Number

001664952

 