I know that there are threads here about the need to blacklist certain customers and how to do it. I'm good on that front. We have very few customers who have been blacklisted, fewer than a dozen customers in eleven years of business. Our system simply doesn't permit those customers to place an order. Most customers get it when their order is repeatedly rejected.
For those of you who have small blacklists: How do you handle it when a blacklisted customer emails or calls to ask why he can't place an order? Do you ignore the inquiries? Do you tell him why he's not able to place an order? If so, how specific or vague are you in your response?
P.S. OK, we're being overzealous with the Shopify Community safeguards, folks: First time the message was rejected because I didn't use any labels (because none of those offered are appropriate). OK... Let's just choose a few at random, even if they don't make sense. And then tells me, "Post flooding detected (community received posts of a unique message more than 1 times within 3,600 seconds)." Well, duh, you made me try to post it a second time!
You ask a great question here about how to communicate this with your customers who are not able to place an order on your store. This is definitely a sensitive topic to broach with them.
We do have some suggested best practices to approach these topics and help you with your tough conversations.
You will want to assess the risk report provided for the order in your store or through the app you are using to assist you with that. Sometimes the risk report may seem vague without any notable issues but still flagged as a high risk and sometimes you are going to be able to clearly see what the issue was, like multiple failed credit card payments.
While you can share the details you see in your store admin with the customer, I encourage you to not do so. The more information potential fraudulent customers have the better they are able to place these orders and open chargebacks against other businesses. If you can see something like multiple failed credit card attempts, that is something that you can share. But, if you are seeing a flag that orders similar to this one are usually fraudulent, I would keep that to myself.You can also consider sharing our Help Center documentation on how we assess orders for risk, as this is public information that even buyers can review: Help Center: Fraud Analysis.
The best way to format your messaging to the customer is to recognize their frustration and empathize that you know it sucks. Due to a range of security tools you have in place their order has been deemed too high a risk to finish processing or there were too many issues when they were placing the order.
Something like this would be a good starting point:
Thank you for reaching out about this issue you are experiencing with our checkout. We really appreciate your support of our business and are happy to know that you wanted to purchase some of our products.
At this time we are unable to complete your order as our security and authorization tools have deemed it too high a risk. I know this is not ideal and we apologize for any inconvenience this has caused you. If you wish to attempt to make the purchase again using another payment method, please go ahead and do so. You can also ask a friend to attempt the order on your behalf.
I want to thank you again for your interest and support in our business.
I'm happy to help with any other questions about this you might have or to assist in tailoring and customer facing feedback you create in the future.
Thank you for your well thought-out response. There's some good info here!
I should have been clearer in stating that these are people on our shop-specific blacklist, so customers with whom we've already had enough of a negative experience that we've decided not to do business with them anymore. We do not, however, make it a practice to say that to customers.
Customers who are flagged by Shopify or FraudLabs Pro are always given the benefit of the doubt initially and we work to verify them. We've been using FraudLabs for a couple of years and while I like their analysis of customers and transactions based on input and behavior, it's their SMS verification module that hooked us. Shortly after we opened the new online store we were hit with a spate of fraudulent credit card charges. Nearly all of them were completely greenlit by fraud checking. They were all recently stolen credit cards where the "customer" was using the cardholder's actual information, therefore causing no alarms. Adding the SMS verification stopped that almost immediately and we've had very few attempts, let alone successes at ripping us off since.
Back to my original query, I really do appreciate Shay's response, but I'm going to leave the thread open. I'm still interested in hearing what other owners say and do in such a situation.