All things Shopify and commerce
Hello,
Shopify provide an option for users to sign up and create shop account with an email address. Shopify checkout does not check, if a user entered an email, that belongs to already created user (that's super weird), which means, that non-registered and non-logged users can place orders for other registered users.
The case is like this:
Person A creates a shop account with email a@example.com.
Person B places an order, using email a@example.com (for whatever reason...).
When person A logs in, he sees order from person B under his account.
It's like when someone uses your already used email and writes posts on your Facebook without logging in.
This can be prevented by enabling only signed users to place orders, but that would mean every single user must be registered (that is a no-go). Do you know about any solution, that would prevent using emails, that belong to registered users by non-registered users, without requiring everyone to be registered?
Hi @5-MeO-DMT
I totally get why this feels like a major flaw—someone could use another person’s registered email and make purchases that end up linked to the wrong account. Shopify's default checkout doesn’t automatically check if an email belongs to a registered user unless the store requires login. But since forcing all users to register isn’t ideal, here are some alternative solutions:
Unfortunately, Shopify doesn't natively block this behavior without requiring login. The best approach depends on your setup: if you're on Shopify Plus, scripts or custom apps work well. Otherwise, third-party apps are your best bet.
If you need any other assistance, I am willing to help.
Best regards,
Daisy.
2m ago Learn the essential skills to navigate the Shopify admin with confidence. T...
By Shopify Feb 12, 2025Learn how to expand your operations internationally with Shopify Academy’s learning path...
By Shopify Feb 4, 2025Hey Community, happy February! Looking back to January, we kicked off the year with 8....
By JasonH Feb 3, 2025