Page Comparison

System Architecture

• Transactional emails are moved from Braze to AWS SES

• Switch to AWS SES to send transactional emails

• Create email input field in Sanity

• Set up email subdomain structure

• Transactional emails have the same content

• Emails are sent from SES instead of Braze. This can confirmed by looking at the email subdomain

Haris / Magdalena

Authentication and Authorization

• Guest authentication is enabled

• Loyalty accounts checks are decoupled from removed for guest users

• Develop a Guest Auth token since guests don't have accounts in Cognito or User DB

• Remove loyalty account check for guest checkout users

• Verify token generation and validation for guest users

• No error is triggered due to missing loyalty account

Magdalena

Data Security and Compliance

• Secure and compliant data storage

• Guest Token actions are limited and controlled

• Implement configurable time period for storing Guest Order data

• Add security measures to limit guest actions, implement a guard to restrict Guest Token usage

• Decide and implement logic for Guest Token removal

• Guest order data is removed after set period

• Allowed actions can be performed with Guest token - e.g. priceOrder, validateCommitOrder, commitOrder, getOrder, etc

• Unauthorized actions can’t be performed with Guest token

Magdalena

User Experience and Interface

• Complete frontend flows for guests users

• Implement event tracking

• Remove 'Save Card' option at Payment step

• Add modal to allow users to ‘Continue as a guest’

• Adjust data displayed in the order confirmation page

• Add new events and assure data flow to mParticle and Amplitude

• Guest users can’t save card

• Guest user is able to add email in modal and place order for all service modes

• Confirmation page display correct information

Magdalena

Legal

• Required legal disclaimers for guest checkout are in place

• Create a static page with guest checkout terms and conditions

n/a

Melina

• Creating Guest Token- To place an order as a Guest users require to have be authenticated on our platform

• . In order to do that we need to create a Guest Auth token. We can’t follow the current path for collecting it because Guests don’t have accounts in Cognito and in the User DB entries.

• Preventing the guest user from seeing app content dedicated for registered users only

• Add a security layer limiting actions allowed for the orders with Guest token. Actions allowed for example: priceOrder, validateCommitOrder, commitOrder, getOrder, etc

• Add configurable time period of storing the Guest Order data in the database. Configure to 10 year for DE

• Added Modal to continue as a guest

  Image Modified

• Adjusted data on the confirmation page

• QA Testing
  

M

W

25 Oct 2023

• Accommodate new transactional email communication with AWS SES instead of Braze

• Decide and execute when guest token should be removed, so no other order can be made with that token to guarantee anonymity

• Prevent error appearing on the success page due to loyalty account request

• and price call

• Review the tracking event coverage and naming conventions

• QA Testing

01 Nov 2023

• Create a new static page for guest terms and conditions and link it in the flow

• Change copy to “choose payment' instead of “add payment” at the /cart/payment page
  

  Image Modified

• Save Card Option Removed at the Payment step

  Image Added

• CTA Button Adjustment - Sign in/ up more prominent:

Image Added

• Remove Favorite option for guest users:

Image Added

• Implement tracking events to flow to Amplitude

• E2E QA Testing

22 Nov 2023