Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

⏮️ Context

What is the context and status quo of the opportunity

Currently the customer support team can block fraudulent accounts, that they identify as potential suspicious activities. Example: too many transactions in the same day.

They can do this in the existing tool. Moving to the Admin tool, they would like to keep this feature.

Current flow in Homeria:

image (12).png

image (13).png

Request link: IREQ-1494 - Getting issue details... STATUS

🎯 Problem Statement

Summary of the opportunity's’s main findings and what is going to be addressed

RBI has a loyalty program that rewards customers for their purchases/transactions. To get more benefits, there are some fraudulent behaviors that were already identified by the company.

Example of a fraudulent behavior:

  • Sometimes, the employees register customers transactions in a single account (not the customer’s account) in order to get points and benefit from discounts/rewards.

  • The restaurant identifies a customer that only have joke orders (placed orders without payment and then cancel / do not show up)

  • The restaurant identifies that the same customer always open a incidence saying he didn't receive the entire order or has problem with the quality. Because the customer expects a refund.

These fraudulent behaviors may jeopardize the company’s financials and it’s important to have controls in place to avoid this type of issue. On average, 10 accounts are blocked per month in Iberia (most of them are restaurant employees).

One of the existing implemented controls is: to allow the customer support team to block a suspicious fraudulent account, to “stop the bleeding” and to avoid this continuous behavior.

❔ Expected Outcome

What are the goals the opportunity is going to address

  • Due to GDPR, it’s recommended to use two difference storage instances: one for customer data and another one for user data. The admin tool already has a customer data repository. To store and show the user tracking historical data, it’s necessary to create a new service to save this type of information. As this requires additional scope/ effort, which was not considered during Q2 planning, we decided to move forward splitting this deliverable into different milestones.
  • Milestone 1 (end of Q2): Be able to block and unblock customer accounts, without tracking on support/ admin tool. We will only keep technical logs to be consulted if necessary. This is the scope of this first deliverable and will be developed by the Iberia dedicated team
  • Next milestones: 2- Be able to change email addresses associated to a customer account (INTL team - Users; ETA: end of Q3); 3 - Create a new service to store the users data, including the email changes (INTL team - Users; ETA: mid of Q4); 4- Be able to track the user data related with (un)blocking customer accounts and show it on Admin/support tool ( Iberia dedicated team; ETA: end of Q4).

Scope for 1st deliverable:

ADMIN TOOL

  • Be able to block the account. This account won’t be able to place any more orders this brand. Blocks the account only for one brand. Blocking the account means that: the customer can’t place more orders, can't access the account, can’t use the loyalty benefits and all other features that might be available when they were logged in.

  • Confirmation page: to avoid human error, a confirmation page must be shown to the agent, to validate that this is the action that s/he wants to perform.

  • Only the customer support team will be able to block customer accounts. NEW

  • Be able to unblock the account. If there was a mistake or if the customer requests to unblock the account, the agent must be able to undue it.

EMAIL NOTIFICATION

  • When the account is blocked the customer receives an email notification message.

    • Email message: “Estimado cliente

      Le informamos que su cuenta ha sido bloqueada temporalmente al detectar un posible uso fraudulento . Si cree que ha sido un error o desea más información por favor póngase en contacto con Atención al Cliente a través de nuestra web www.burgerking  o nuestra App.”

  • When the account is unblocked the customer receives an email notification message.

    • Email message: “Estimado cliente

      Le informamos que una vez revisado el posible uso fraudulento se ha procedido a desbloquear su cuenta.

      Para cualquier información por favor póngase en contacto con Atención al Cliente a través de nuestra web www.burgerking  o nuestra App.”

The message should always include the form to redirect to the contact form

OTHER APPS:

  • WL

  • Kiosk: as customers must use OTP to be able to login on kiosk. If the account is blocked on WL (where the OTP is generated), the customer can’t get the OTP and won’t be able to login on Kiosk. No development is required for this channel.

  • POS: as customers must use OTP to be able to login on POS. If the account is blocked on WL (where the OTP is generated), the customer can’t get the OTP and won’t be able to login on POS. No development is required for this channel.

  • Call center: there will be an exception as we can’t block customer account through call center.

  • Braze

  • When the customer/ agent tries to sign in /sign up to this account to place a new order, a message should be shown to let them know that the account exists but it’s blocked. This message should be visible to all types of logins (inclusive through social networks)

Message: “CUENTA BLOQUEADA TEMPORALMENTE

Esta cuenta ha sido bloqueada temporalmente al detectar un posible uso fraudulento. Si cree que ha sido un error o desea más información por favor póngase en contacto con Atención al Cliente a través de nuestra web www.burgerking  o nuestra App”

In this message, the link should redirect the customer to the “contact us” form.

  • When the account is blocked, all active sessions for this account should be logged out.

  • If the account is blocked, the customer shouldn’t receive any marketing campaigns.

AMPLITUDE:

  • The customer account blocking information should be tracked.

  • There should be a tracking applied to the blocking message, so we can register that the customer actually got the blocking message notification.

Scenarios details

1.1. Guest account is blocked and the account is logged off

Steps

Expected Outcome

Comments

Customer support compliance agent blocks customer account on Admin tool

  • Customer support compliance agent searches by customer on admin tool using the loyalty id code

  • Then blocks the customer, choosing the blocking option.

  • The customer account is logged off (this process can take up to one hour).

  • An email notification is sent to the customer to let them know that the account has been blocked.

  • Braze communications will be temporarily suspended.

  • Events on mParticle and Amplitude will be kept.

  • New role with permission to block customer accounts.

  • New blocking button available on admin tool.

  • Force customer account logoff process.

  • Email notifications configured on sanity.

  • Braze communications are automatically blocked.

Customer opens the WL app or web, to Sign-in/ Sign-up

  • When the customer tries to log in, they will receive an error message to let them know that the account has been blocked.

  • Sign-in/ Sign-up page: new error flow (and event) to let the customer know that the account has been blocked.

1.2. Guest account is blocked and the account is logged in

1.2.1. And the customer tries to place an order online (WL)

Steps

Expected Outcome

Comments

Customer support compliance agent blocks customer account on Admin tool

Same as 1.1. scenario

Same as 1.1. scenario

Customer opens the WL app to place an order

If the account is still logged in, the customer can use the app regularly:

  • when the customer tries to place the order, on checkout page, the account will be logged off and the customer can’t place the order. The customer will be redirected to Sign-in/ Sign-up page and will receive the error message.

  • when the customer tries to change profile information, on profile page, the customer won’t be able to complete the action. The customer will be redirected to Sign-in/ Sign-up page and will receive the error message.

  • After 1 hour, the customer will be automatically logged off.

  • Sign-in/ Sign-up page: new error flow (and event) to let the customer know that the account has been blocked.

  • Refresh account to force logoff

1.2.2. And the customer tries to place an order in-store (Kiosk or POS)

Steps

Expected Outcome

Comments

Customer support compliance agent blocks customer account on Admin tool

Same as 1.1. scenario

Same as 1.1. scenario

Customer places an order on Kiosk or directly on POS

  • To link the purchase to the customer account, the customer must open the WL app to generate the OTP code.

  • No changes, this is the current behavior.

Customer opens the WL app to generate the OTP code to access the account

  • If the account is still logged in, the customer tries to generate the OTP code, on that page, the account will be logged off and the customer can’t generate the code. The customer will be redirected to Sign-in/ Sign-up page and will receive the error message.

  • After 1 hour, the customer will be automatically logged off.

  • Sign-in/ Sign-up page: new error flow (and event) to let the customer know that the account has been blocked.

  • Refresh account to force logoff

Customer proceeds to place the order

  • Without the OTP code, the customer cannot link this transaction to the customer account. The order can be placed, but without this customer account associated to it.

1.3. Guest account is blocked and the customer places an order through the call center

Steps

Expected Outcome

Comments

Customer support compliance agent blocks customer account on Admin tool

Same as 1.1. scenario

  • Same as 1.1. scenario

Customer places an order on call-center

  • There’s no way to check whether the account is blocked and the customer will be able to place the order and use their account information. They’ll be able to use loyalty points and promo codes, for example.

  • This is an exception that cannot be controlled, as call-center doesn’t access account blocking information.

1.4. Guest account is unblocked

Steps

Expected Outcome

Comments

Customer support compliance agent unblocks customer account on Admin tool

  • Customer support compliance agent searches by customer on admin tool using the loyalty id code

  • Then unblocks the customer, choosing the blocking option.

  • An email notification is sent to the customer to let them know that the account has been unblocked.

  • The braze communications will be re-activated. The communications preferences will be kept the same to the ones configured before account blocking.

  • New role with permission to block customer accounts.

  • New blocking button available on admin tool.

  • Email notifications configured on sanity.

  • Braze communications are automatically unblocked and get back to previous configurations.

As the account was necessarily logged-off, when the customer opens the WL app or web must log-in

  • The customer can log-in again and all transactions and profile information is available, as before account blocking.

  • No changes

Scope for the 4th deliverable:

  • Blocking reason: to block the account, the customer support agent must choose include the blocking reason.

    • List of blocking reasons (mandatory field)

      • fraude cliente

      • fraude empleado

      • incidencia

    • add an open text box (optional field)

      • if the agent wants to explain more details, there will be an open box text to add those details.

  • The blocking is visible on the admin tool and data logs, for visibility and traceability:

    • When it was blocked: day and hour.

    • Who blocked: identify the customer support agent who performed the action.

    • Blocking reasons and open text comments.

  • Unblocking reason (mandatory field)

    • This is an open text box, so the agent can explain the unblocking reason. As there are many different reasons, there won’t be a predefined list.

  • The unblocking is visible on the admin tool and data logs, for visibility and traceability:

    • When it was unblocked: day and hour.

    • Who unblocked: identify the customer support agent who performed the action.

    • Unblocking reason.

📈 Success Metrics

List here which are the metrics to look at to define success for the solution implemented. Use those KPIs to define the current status

Open questions

We need to make this section empty constantly.

  • Should the account be blocked for all brands or only for the brand that identified the fraud? (Example: if the fraud was identified for BK ES, should we block this account only for BK ES, even if there is a similar account for PLK ES?) Only for one brand at a time. ANSWERED

  • In which systems should the account be blocked? The account is blocked and it’s not possible to login in any system. ANSWERED

  • Should we block the user to create a new account with the same email? Is this part of the scope? the account won’t be deleted; only blocked. So the customer always gets the blocking message. ANSWERED

  • What is the email confirmation message? Details above. ANSWERED

  • Should we send a notification message when the account is unblocked? Yes ANSWERED

  • Is it possible to track blocked accounts on amplitude?

  • How to ensure that we can block customers who are using a previously generated OTP (KIOSK and POS)

  • What is the connection with the DMP (ex: Homeria)?

  • How the blocked user request their data or delete their data (DSAR flow)?

(blue star) Insights

1️⃣ Stakeholder Interviews

[Document here the main insights from interview if applicable]

2️⃣ Analytics

[Document here the main insights from analytics if applicable]

3️⃣ User Research

[Document here the main insights from research if applicable]

4️⃣ Competitor Landscape

[Document here the main insights from what the competition is doing if applicable]

  • No labels