16

Our application has an online shop among other features, and users are normally requested to register before completing a sale, creating a unique customer_ID in the process. When they return, they can log in and their contact details and transaction history are retrieved from the database.

We are now exploring what to do in the case of an 'anonymous' or 'guest' customer, opening up the online shop to customers who don't want to register, and also for sales logged in the backend application, where taking the customer's email, postal address, etc is just too time consuming. The solution has applications outside the online shop too.

Multiple companies use the same database, and the database is built on a party model structure, so we have explored a few options:

  1. Store all anonymous customers under one pre-defined customer_ID in the transaction table:
    1. customer_ID = 0 for every anonymous user, and customer_ID > 0 for every real user
      • This is straight-forward to hard-code into the application
      • But more involved to determine which customers belong to which company
      • Should details for customer_ID = 0 exist in the customer table in the database or as an object in the application?
        • If in the database, what database-level constraints can be made to ensure that it always exists?
        • If not in the database, then foreign key constraints from transaction.customer_ID to customer.customer_ID no longer work
    2. customer_ID is the same as the company party_ID
      • Easier to determine aggregate sales for each company, etc
      • This would confuse matters as it would appear that the company is its own customer, rather than other unique customers
  2. Generate a unique customer_ID for every new anonymous customer (per session)
    • What if the same physical user returns? There will be many records repeating the same sort of data; email, shipping address, etc.
  3. Use another unique key, such as email address, to refer to a customer
    • Not always reliable as people sometimes use more than one email address, or leave old addresses behind.
    • What if there is no email address to be taken, as is the case on the shop floor, pro forma invoices, etc?
  4. Some other Stack Overflow inspired solution!

Addition

A combination of #2 and #3 has been suggested elsewhere - attempt to store a single record for each customer, using the email address if possible, or a new record on every visit if not.

I should point out that we don't need to store a record for every anonymous customer, but it just seems that the relational database was built to deal with relationships, so having a NULL or a customer_ID in the transaction table that doesn't reference an actual customer record just seems wrong...

I must also stress that the purpose of this question is to determine what real-world solutions there are to recording 'casual' transactions where no postal address or email address are given (imagine a supermarket chekout) alongside online shop transactions where an email address and postal address are given whether they are stored or not.

What solutions have the SO community used in the past?

Community
  • 1
  • 1
boatingcow
  • 684
  • 7
  • 19
  • I'd go for the email address solution. email as the identity will get you most of what you want where you may hit edge cases with a very small percentage of the population. – Anon Sep 07 '11 at 16:09
  • I'd use `null` for missing info, that's what `null` was invented for. – Johan Sep 07 '11 at 16:12
  • Do you even need the database for anonymous users? Couldn't you store the cart contents in a cookie while browsing, then use that to fire off the order? Form submit sends the order and their information to the interested parties. Your customers want to remain anonymous for a reason. – stslavik Sep 07 '11 at 16:14
  • Just a good advise for you. Do not be terrified by "Not always reliable" cases. No case can me 100% reliable. It's ok to fail with some. Learn to live in the real world, tolerating some misses. – Your Common Sense Sep 07 '11 at 16:15
  • You have a pretty good analysis there. I'd say that email address is the closest you can get as far as being able to uniquely identify the anonymous user. I understand people use different email addresses but is not too often, and if they do, it's very likely they use the same email address for online purchases if they don't want to have their personal accounts flooded with spam. All your other alternatives have major drawbacks, as you pointed out. – Icarus Sep 07 '11 at 16:15
  • Thanks everyone: Anon, Icarus, we can't have an email-only solution as it's not a web-only application. A large majority of transactions are taken where no email address is given - imagine giving your email address every time you went to the supermarket. Johan, stslavik, this is what we currently do, but we have to drop the foreign key constraint on customer_ID between the transaction table and the customer table, recording a NULL for the customer_ID. Col. Shrapnel, spot on! – boatingcow Sep 07 '11 at 18:11

8 Answers8

5

Assuming you require an e-mail address for all online orders, you could create a temporary account for every customer at the completion of each order when they are not logged in.

This can be done by using the shipping address and other information provided during checkout to fill in the account, and e-mailing a random temporary password to them (optionally flagging it to require changing on the first log-in, if that functionality is built into the website). This requires minimal effort on their part to setup the account, and allows them to sign in to check their order status.

Since the primary key in your database is the customer_id, it should not cause conflicts if they continue making new accounts with the same e-mail/address/etc, unless you have code in place to prevent duplicates already. It's rare for someone to create more than one temporary account though, since it's easier to log in with the password e-mailed to them than entering their data again.

For the backend orders, we generally create an account in the same way as above for every customer. However, if they don't have an e-mail address (or they only want to purchase by phone), we generate an account with their shipping information and a blank e-mail address (have to code an exception to not send temporary passwords/order confirmations when it's blank). The customer_id is given to them, and their shipping information and company name are stored in the account to look up and expedite future orders.

shinypenguin
  • 128
  • 5
  • Thanks to everyone for their input, however this answer seems to be the closest to the ideal and actually describes a 'real-world' implementation. – boatingcow Sep 28 '11 at 14:55
1

I doubt there are any perfect solutions to this problem. You simply have to make a choice: How important is it to guarantee recognizable customer history in contrast to the improvement in conversions you get from not forcing a customer to go through a full registration process.

If you go without forcing registration, you will not be able to recognize returning customers 100% of the time. One might argue that even with registration that will not be possible, as users sometimes choose to create new accounts for various reasons. But you might be able to do something that's "good enough" by understanding the data you already have.

For example, in some countries, postcodes are quite specific. Are they specific enough? Depends in which countries you operate and also how your customer base is built. If you tend to only have one user per household, maybe.

Or depending on which payment methods you support, you might consider building a one-way hash of the credit card number ("pseudo-unique ID"). Some payment solutions actually do return a unique "payer ID", which could be perfect -- assuming that you get something from all the payment services you support.

Salieri
  • 782
  • 6
  • 17
1

I would assign a unique Customer ID to save the data, and then on future purchases that the same anonymous purchaser makes you could look to see if the same email address and/or first line of the address and post code already exists. If you ask for a phone number, compare that. Basically you need something fairly unique whilst getting rid of possible errors (eg. only looking at first line of the address - it's very likely that there is more than one 123 Main Street! But there will be only one 123 Main Street with post code ABC123).

Once you know this, you could automatically create them an account - sending the customer an email saying that you've noticed that they purchased previously, and to save them time use this email address and this automatically generated password. When they login for the first time, do a quick security check (maybe value of last invoice), then let them check their details. You could even do this during the checkout process. I think by showing that you can save them time by doing it automatically could be a bonus.

If you don't want to do this, then it's possible to set a cookie, though you'd have to warn the user if you are trading from within the EU (cookie laws).

The problem with someone having different email address and postal address, could be that they order for business, then they could order for personal use (hard to say as we don't know what you're selling).

MrJ
  • 1,910
  • 1
  • 16
  • 29
  • Note for anyone concerned about cookie consent: Always do your own research, but it's my understanding that you are only required to ask for consent if you're using cookies for marketing purposes. - That said, if you're doing cart reminders (for example), this is technically a marketing tactic. – James William May 22 '23 at 11:53
1

Ofcourse you can track the sale session by using cookies. but Also register anonymous users to your site but don't let them realize that they are filling any registration form .Let them follow the sale process and at the end of the sale process generate a unique customer id and email them and also display that notification on the site after they complete their sale and make them login into the site by just entering their customer id.

sumi
  • 417
  • 3
  • 14
0

I usually use the user IP, I create an account with just an ID and his IP address. When he registers, I just update his record. Other things than IP could (and should) be used too, like creating a random token to put in a cookie to bypass any session system in use so you can make it last longer for example.

Now, in the application, you have to make your user class able to "identify" your users with either this IP/token, a real session or any other login system you may have in place.

Arkh
  • 8,416
  • 40
  • 45
  • 1
    IP Addresses change very often. It's a matter of rebooting/turning off your router and you almost surely get a new one. – Icarus Sep 07 '11 at 16:17
  • 2
    IPs are not reliable anyways. Consider NAT gateways - many many users coming from a single IP. – Marc B Sep 22 '11 at 19:17
0

Mmmm ... we generate a uniq ID for guest users -- a hash-value or uuid for the username and store this one in the basket table. You cold store this also in the customer table, if you don't mind cluttering your database with such data. The uuid is stored in a cookie in the customers browser, until he checks out the basket. The cookie thing is also nice for assigning the anonymous account (and the content of it's basket) to a valid account, if the user decided to register later on / before checking out the basket.

aurora
  • 9,607
  • 7
  • 36
  • 54
0

I would create a unique customer ID, and store it on the user's machine as a cookie. This should decrease the number of users with multiple customer IDs.

But in all seriousness, as long as your number of ids isn't getting into the hundreds of thousands (and congrats if it is!), it's not going to hurt your database as long as you have proper indexes on the customer id column.

If you had id=0 for each customer wouldn't you have just as many rows though? I think that's inescapable if you want to keep all the data, right? A zero id might cause your index extra problems too.

Dave
  • 11,499
  • 5
  • 34
  • 46
-1

The way I do it is : Not at all.

Simply put, let people pay through paypal or whatever you put as payment solution and get the data from there, automatically create the user and the order after the payment is processed using the provided API.

At that point you have all the information you need and can definitely store just enough for your statistics / e-spam marketing.

Keep it simple, require NOTHING, not even people to enter a customer id or an e-mail, and they'll all love it.

Doing that I still have every bit of information I could be interested in and the user experience is as fast/easy as can be.

Morg.
  • 697
  • 5
  • 7