Thanks to the proliferation of smarter and smarter bots, it is now necessary to require all customers of HeldGear.com to pass through an email verification at least once before having the option to submit a payment.
If you’re curious, put in a search for “fake orders in ecommerce” and you’ll see what it’s all about. In short, it’s mostly artificially intelligent bots exploiting marketplace checkouts to test credit card numbers. It bogs down resources, potentially flags my store as a fraudulent site, and is flatly annoying managing all those failed orders.
Frankly, it would behoove WooCommerce to produce the option to require user email verification within their stock build. I haven’t made a successful plugin with Claude yet to do so and the options out there aren’t great. Ironic using AI to fight AI but that’s how it is too.
This is how most ECommerce operates now, like our Etsy store, they require it. On DePop, they always make you verify your email. And they all deploy CloudFlare or similar tech to scramble out the bots.
Malicious actors and more sophisticated tech is making it increasingly difficult for small businesses to offer their own websites without deferring to big, centralized platforms like Shopify and Amazon. This site uses WooCommerce and WordPress, but at least these are open-source free platforms that you can scale with paid features as your business grows. I’m pushing the limit.
The demands required of small business websites have in general become more cumbersome. Legal notices are another factor.
I have issues with the cookie banner sometimes. No matter what selection you make, depending on your browser and settings, it won’t go away. Again, this kind of thing has become imperative only due to privacy laws. Privacy is important. The problem is that these banners annoy people. Every point of friction drives potential customers back to familiar platforms.
You should be able to visit a website as anonymously as a person walking into a store with cash. Problem is, every ecommerce site owner now needs to verify your email because there are bots attacking us constantly. Maximizing privacy in your browser, and with VPN’s, can trigger security blocks, or make it impossible to employ cookies that make the website work right.
It’s understandable why one might feel distrusting of an independent website with a very small business. What’s important to remember is that I’m not building all the code, I utilize industry standard services and software to make everything work here. Ultimately, I’m not seeing anything but the shipping and contact info necessary to process orders. I do nothing with it except send a marketing email quite rarely, which can be unsubscribed from easily.
All in all, this site is far more secure for myself and for the user, having gone to battle with the bots. It is performing better, and it’s now time to get back to the good stuff, like design.
Thanks for visiting.