On Mon, 7 Feb 2005, Greg London wrote: > Can an online store sell stuff over the web without > requiring a password and user account for customers?
The business question is why would they want to ? Most people who buy online are familiar with the concept of creating an account/registering before buying. If you break that model, you need to have a good reason to do so. Either it is cheaper to do it a different way or more expensive. Either way, the choice to do it is dependent on the change in sales to be expected as a result of doing things differently. Clearly you are keen to reduce the barriers to someone becoming a customer but would the lack of a registration process actually put some people off buying ? Only market research can tell you for sure. Go and ask some prospective customers. Just because it seems like a good idea to use techy types doesn't mean that it will work for joe public. > ---- the details ---- > > Said widget is physical, so delivery may take some time, > therefore customers may want to check on their order > every few days. Most courier companies seem to work this way. They give you a waybill number and you can track the status of your parcel. It's relatively secure because there's nothing much you can do with that information & they don't give you anything more than "we're delivering a box to you, and it's currently $here". They don't even tell you whop the sender is for the most part. > And there may be a problem with the order when it arrives, > so a means of reporting order problems is needed. A waybill-type number may be all you need to do this but only if you didn't reveal anything about the order. Otherwise how would you know the provider of the tracking number was properly authorised and how would you protect the privacy of the correct owner ? > As far as I can tell, it should be possible to take > someone's order online and provide a tracking number > and that should be sufficient to get the job done. But why would you want to do it any other way ? > But a bunch of people are telling me the only way it > can be done is if they ask for an email address as a > username and a password to set up an account. They're wrong but that's no reason to not do it that way :-) I mean, you *could* capture a mobile number from the user when they purchase and then text an access code to them in the event that they want to make changes, report problems etc. Or you could just email it to the registered address. i.e. you create the acount only when it's actually needed. That's probably a good usability thing but only if the users of the system feel comfortable doing it that way. If it stops people buying, it's bad.. > Since I'm not a web-head, I don't know the underlying > security involved, but I can't see how you have to set > up an account to take an order. > > Does a password improve the overall security of the > purchase process? Of the one-time purchase process, probably not but after-sales is another matter. > For a one-time buyer, going to a website to purchase > something, it seems like needless overhead to ask them > to create an account, make up a password (and figure out > a way to remember it), when they're only going to ever > make one purchase. > > So, what is the expert verdict on this? > > Can it be done without a password/account? Yes. Capture the necessary details to allow you to create an account when it is needed but that provides sufficient security that only the authorised purshcaser can do so. > Or is the password/account overhead required for safe > transactions online? Not necessarily but it's often *perceived* to be. And perception is everything when dealing with the public ! > Examples of big name websites that sell to customers without > requiring an account woudl be useful supporting evidence for > me to make my case. I don't know any big name web sites that only expect to have one and only one transaction with a customer. Repeat business is what they want and in those cases they need to make the process as easy as possible so accounts are used to retain information between purchases. HTH, Simon. -- "Zaphod old mate, I trust you as far as I could comfortably spit out a rat" _______________________________________________ Boston-pm mailing list [email protected] http://mail.pm.org/mailman/listinfo/boston-pm
