Topic: [Community Feedback] Project: Online Store with a focus on privacy (Read 185 times)

Yes, this is a reality, difficult to get around, especially on a global level. Perhaps some solutions could be made at a local level, but it would be difficult to be minimally profitable to maintain.

That's why my idea is more about decoupling payment <> product <> person.
I know that product x has been paid for. By whom? I don't know.
I know I have to send product X to person Y. What was your BTC address that you paid for? I don't know.
I know a month later that I sent product X. Where to? I no longer know that the data was deleted.

Still, those services don't offer complete privacy. They need at least your email and/ or phone number to send you their code, etc verification process. I don't like to say the "bad news" but I believe that many, if not all, don't protect them at all...

In many cities in European countries and the USA/Canada, there is already a virtual address service, where people can collect their orders, which were sent to these addresses. Therefore, a more concerned consumer can always use this type of service if it is available in their location.

Furthermore, this is actually a more difficult barrier to overcome.

I think the idea of online shopping with privacy is pretty vague in itself because of certain facts that disrupt the whole idea such as needing a name or an address for delivering the goods to the customer.

When we talk about privacy and those who want their privacy protected, they basically don't want to reveal anything about themselves including their names, addresses, or even their area of residence. But when you talk about online shopping with the idea of delivery to goods at customers' doorsteps, it becomes necessary for them to provide such information, and even if the data is removed later, it is at least provided at first which might not be what privacy-loving customers would want.

So I think the idea of maintaining COMPLETE privacy while running an online store would only be possible if there were pickup points set up in each city where the store would provide its services and maybe the customers should only get a certain code or something while placing an order and then use the same code to pick up their parcels from the pickup points without having to provide any other details.

Exactly. The customer with the receipt can request the warranty, but it would still provide a unique code, which could serve as a reference to the product/purchase date, if the customer wants to request support.

So basically, you also want to eliminate this? Because the warranty can be also activated through the receipt of the purchase and not from the order page. I mean the customer will already have the receipt. So you as a store don't have anything as a record. Or am I missing something?

Yes, the idea is that the system eliminates all purchase information from the system. There is no record left.

The only data that remains is the support code and the corresponding product information. If the customer wants to activate the warranty they must request support using this code, it is the only way to associate the product with the person who purchased it.

I don't know if somebody said that earlier but why don't you use or implement something like privnote's self-destruct system?
The customer, when taken to the page where he will have to fill in the delivery address, will put his details in a self-destructing field with a locked destruction option. In this case, when the item of the order is delivered.
As for keeping the customer's details in case of a return or change, I believe this is solved as long as you keep the payment number and the customer the receipt of the purchase. Purchasing details are different from the delivery details.

When purchasing physical products online, there is an element that is almost impossible to avoid: delivery address.

The person always has to give an address, a more direct address (home or work) or a collection point.

My idea is to try to reduce the impact of this information as much as possible on future online records.

He's obviously trolling. He wrote everything without saying anything.

About your idea, privacy and the requirement that the user must have physical contact with something seems quite demanding. Perhaps the answer to solving this problem could be seen through this idea, although it seems very complex to me and very difficult to function.
Bitpost - the decentralized system for global parcel delivery

Your suggestion was that the customer would only provide the data to be sent (address and the like) after paying? Or did I get it wrong?

This is absolutely an incredible idea and when I read about your idea of having a link token on the app to help track the progress of orders I was mind blown as to how good you've mastered your idea but I'll advice having to take any information in the first place from customers might still seem to bring about panic. I believe what made the cryptocurrency market especially Bitcoin to prosper so well from its onset was because it started out as a decentralized exchange currency where transactions can't be traced so I think it'll will be best to have the app in a way where no form of kyc is needed just a system that validates your wallet then you make payment or better still once an order is placed the system provides a wallet payment is made into and wait till payment is validated and the link token is provided after payment has been confirmed without the customer having to put in any personal information. Thank you 👍

I haven't yet decided which product to sell, I have several possibilities. Despite this, this aspect is assured.

All products will be sent accompanied by the support code. For the seller, this code simply says that product X was purchased on date Y, enough to provide the respective guarantee. If the customer encounters a problem with the product, they just need to go to the website and via chat/email indicate the support code and report their problem. From then on, all the respective measurements will be taken, with the customer logically being willing to return the product, if applicable, and provide any further information that is useful for the process.

The idea is, if you never need to activate the warranty, the seller will never know who receives product X on date Y.




The invoice only needs to have this data from the seller and not the buyer.




In turn, the code only stops working if the seller loses the database. It can happen, but there must always be backups, whether in this type of store or in any store.




Logically, there is always this danger. Therefore, the system must seek to be robust. Either way, the customer must always have the invoice they received. The exclusive support code is only used to let the seller know that it refers to product X sold on date Y.

In other words, it is not enough to say that the code is 123456, this code must be referenced in the seller's database. If necessary, the customer must be able to present the invoice they received.

In the case of the BTC address, a lot can be worked on this subject, to guarantee the best privacy and security practices. The aim is that at the end of the day, the seller will not be able to say that sale X was paid for by address Y.




Exactly. The data must be deleted from the system, days after the merchandise is confirmed as delivery. Either by the customer or by the carrier.

Warranty: warranty papers usually need a valid proper invoice, at the very least. That contains name, address...

Errors do happen: what if the unique code will stop working for some reason?

Malicious use: what if others understand how the unique code is built and start sending back for refunds goods they didn't purchase? (You cannot rely on using the same bitcoin address either, too many may be using online wallets or exchanges).

Selling abroad: you may need the customer details at least until the moment he receives the goods, you may need them in case of issues with the postal services.

First question - what kind of stuff you're planning to sell on your store? If it's some electronics, how about warranty? Most of gadgets usually have 2 years warranty. If during warranty period device will stop working properly, how about return of it to get fixed if order data isn't saved?
Offcourse, it's not an issue if you're selling some digital stuff or something what don't have warranty.

Of course it is helping, as this allows me to analyze all the points of the plans I created for this project. Someone who has already thought about this field is very helpful. 

I just think that going through the blockchain ends up being too many resources for what was intended. Especially because all shipments - in common shipping services - always require two addresses: shipping address and destination address. So the only way to break this link is for the store to use dropshiping services. This would already be the management part of the store, which in my case, would probably be like this.

In this sense, my idea goes through the store manager, just knowing that product X has to be sent to address Y, because it has been paid for. This data, after delivery confirmation, is automatically deleted from the system. Of course, the dropshipping service can keep the shipping data if the seller does not delete it too.

But in this case, we can look at two points. Firstly, dropshipping only knows that its customer requested the goods be sent to address Y. It does not know whether it is the end customer or not, nor does it know how that customer made the payment. Secondly, if the store suffers a hack, it will not have any information about its customers, nor will it be possible to make a link between the bitcoin transaction and the purchases made.

There used to be, yes, drop ship addresses but nowadays even those require you to KYC with the companies, and pay a lot of money. Now after 9/11 and all that, these things are all illegal in my country. Even if not tho it doesn't solve the problem of KYC it just moves it to another company.

The solution I'm thinking of doesn't require any account, that's the beauty. You only store your information on blockchain, and the blockchain authenticates you with your private key or wallet as your identity. And you connect that with the store, and the store's delivery service reads the blockchain to get your address but not to link it with your identity or even store connection. I guess the problem now is to understand who is this service or what trusted service does this delivery use.

So might be you have to work with such a blockchain provider I think a lot are testing this kinds of ideas like NDlabs...

Sorry if I'm not helping I realize its complicated but I also thought about this before.

In the solution I have in mind, there is no account. The customer only provides the delivery address necessary to receive the order.

Unfortunately, this element always has to exist, as it is the only way to receive the order. In some countries, there are shipping companies that provide virtual addresses, which means that the customer does not have to provide their real address to the store. However, this has to be managed by the customer themselves. There is no better way, for now.

I think, instead of even getting customer details, there might be a way to even not require collection of such details, by asking customers to sign in using a different service.

IIRC there's a blockchain service that authenticates the user via their wallet or private key, and they can link information to that wallet, such as the address.

Then, if user signs in and buys, your shop doesn't ask for address, it just authenticates their wallet.

The only problem is finding a delivery that will also use the authenticator I guess.

I have thought about opening an online store several times, where the main payment method was Bitcoin. But one of the things that has delayed moving forward with the idea is the fact that many Bitcoin users are very concerned about privacy.

Over the last few years (probably), I've been brainstorming ideas for how I could create something that offers a complete privacy-centric shopping experience, guaranteeing anonymity (as far as is realistically feasible) and protecting customer data across the board. process.

After several analyses, I came up with some ideas/plans that could work, and I would like to discuss them with you before moving forward with a "demo". Here are some points that I highlight from the idea I developed.


Total Privacy:
That's the main point, as much privacy as possible. To guarantee this, I thought of a system that automatically deletes all customer data as soon as an order is considered delivered. This includes name, shipping address and any personal information associated with the order. The aim is to ensure that no sensitive information is stored after the purchase is completed.

Unlinking between Payment and Order:
The system processes payment for the order directly, so the administrator cannot link a specific payment to an order. Of course, at a stage where the store is small or receives few orders, it ends up being easy, humanly speaking, to associate one thing with another. But the idea is not to have this type of connection.

Accountless Order Tracking:
The customer does not create accounts. After providing all the information necessary to process the order and make payment, you will receive a link-token that allows you to track the status of the order. This will be the only way to check the progress of the order. This link will be temporary, until the order is considered delivered.

Anonymous Support Code:
As all purchase data is deleted, the customer receives a unique support code along with the order. This code allows you to request after-sales assistance. This code is the only way to identify the order with support. The administrator only knows that that code refers to that product and was purchased on date x. Only if the customer wants to return or activate the guarantee, they may have to give their personal data again.


There are also other complementary details that will help keep data private and secure, against information leaks and the like.


I would like to know your feedback.