![]() ![]() Prompting for a login after getting that information can indicate that the account exists.Īlways guide users to the ideal workflow. When the email address on a guest order matches an existing account, you should proceed as if that account didn't exist. There is no concern if you are not disclosing anything to anonymous users. ![]() Would the above scenario open up any unexpected security implications? that is available for users that placed orders while logged in. Orders placed this way would be treated identical to any other guest order, whioh means that they would not be visible in the order history, etc. In other words: even if an email address is bound to a registered customer, a customer should be allowed to checkout as a guest, with said email address, without logging in. This registration functionality already supplies a would be attacker with an attack surface for email address enumeration. Registered accounts are bound to an email address. In these cases, the fact that they created an account on an earlier date, serves as a barrier to what they want to accomplish: place an order.īecause we would like to minimize barriers (in order to optimise conversion), somebody suggested that we could allow guest-checkout for customers with an email address, even if the email address has previously been used to register an account. As such, a guest order is by no means an anonymous order.Īnalysis of web traffic has shown that even if the customer has previously created an account, the may, for various reasons, not want to log in when they make a purchase. The webshop in question is selling physical goods, so customers will still be required to fill in their name, email and address information. Guest checkout in itself is a quite common feature for webshops. For a webshop, we allow customers to place an order either as a logged in user, or as a guest. ![]()
0 Comments
Leave a Reply. |