Many thanks to you both for sharing your experience of the ecommerce world.
What you say makes a great sense and makes me more confortable with having (or making someone have) an ecommerce site without captcha and e-mail verification. When I will have some time I would anyway try to have an email verification feature that could be enabled/disabled following David's hint about the contact list. -Bruno 2008/9/30 BJ Freeman <[EMAIL PROTECTED]> > The only attraction on most robots, from my experience with store > owners, is if there is a forum or blog associated with the ecommerce > site. This is usually used to increase rankings for SEO. > The main thing that Ecommerce faces is Fraud orders, where a person will > flood a site with bogus orders. neither captcha or authentication will > do anything to keep this from happening. IP addresses and countries are > usually enough to spot such bogus orders. > Also note that a lot of People don't want any information outside their > address to be delivered to, so they will put in a bogus email address. > The email verification will save a bounced emails when the notification > emails are sent. On the other hand once a bounce email is returned . > that my be, depending on the bounce, a way to verify the email address. > > David E Jones sent the following on 9/29/2008 10:01 PM: > > > > On Sep 28, 2008, at 11:17 PM, Bruno Busco wrote: > > > >> 2) Since we have no captcha function I am worried about robots that > could > >> generate thousands of false accounts filling up the database. Having > >> neither > >> captcha and e-mail verification could expose the ecommerce too much, > >> don't > >> you think so? > > > > What is the worst case scenario for these? Extra registrations? > > > > There are many forms of denial-of-service attacks, I must admit I've > > never heard of one that specifically targets automated account creation > > on ecommerce sites. Usually automated account creation is used for sites > > where public postings can be made, like free email and public forums and > > such. > > > > Whatever the case, it's really not my decision unless I'm running an > > ecommerce company myself. That's something I'd generally leave up to a > > client to decide on. If someone did ask my opinion, I'd say the > > inconvenience to a customer (and corresponding abandoned carts) may not > > be worth it. Of course, it should also be considered that adding captcha > > and/or email verification may not have any effect on customer conversion > > rates and what what. If a company really wanted to know either way the > > best approach would be to do random testing of using and not using each > > across a large customer base. > > > > -David > > > > > > > > > >
