Preventing Fraudulent Redemptions in Cart Promotions
In cart promotions, when a cashier applies an offer and processes it for payment, the customer receives the benefit but the promotion is not immediately redeemed by the system.
At the same time if another cashier applies the same promotion to another cart before the system registers the first redemption, the capillary system proceeds ahead as it cannot reject any redemption. As a result customer may receive benefits beyond the allowed number of redemptions.
Cart Promotion Transaction Flow of Events:
- Customer makes a purchase and proceeds to checkout.
- Cashier adds items to the cart and checks for applicable promotions.
- Cart promotions returns the applicable offers (At this point promotions are not redeemed but merely evaluated for the cart and is indicative of the benefits)
- Cashier applies the offers and proceeds for payment (Customer has received the benefit hence Capillary cannot reject any redemption)
- Capillary system receives the transaction (via
transactionAdd
API). - The
transactionAdd
API internally calls the cart promotions module to redeem the promotions and update the redemption KPIs . Two things can happen here:- Redemption identifier is valid and irrespective of the breach in KPI we record the redemption.
- Redemption identifier is invalid. Currently these are rejected by the cart promotions module.
With step 4 & 6 being not simultaneous, it leads to a potential loophole where the promotion benefit has been given to the customer but the corresponding redemption has not happened in the cart promotions.
How Cart Locking Prevents This Issue
To prevent such loopholes, a cart locking feature is triggered internally whenever a promotion is applied.
Note
The feature is is not explicitly enabled. It is triggered directly when a cart promotion is applied.
- For every cart identifier, the system calculates promotion redemption KPIs at both customer and promotion level. These computations are transient or temporary in nature and block the usage of the promotion(s) for new cart identifiers. Evaluate payload must include unique cart identifier given by cart promotions.
- If the POS makes a second
evaluate
orgetOffers
call during an ongoing transaction, it must use the same cart identifier. - For the same cart identifier, if a new request is received for the same customer the temporary values will be reversed and cart to be evaluated as new.
- Once the transaction is completed, the temporary values become permanent.
- In case the transaction is cancelled or timeout, the temporary state can be released by the below methods.
- External - API call with the same cart identifier.
- Time based trigger -Brand can set up a default time to release the lock in case the external trigger is not received
How it happens:
You are running cart promotions and you want to make sure that once a promotion is applied, it doesn’t create any conflicts or allow customers to unfairly use it multiple times before it's officially recorded. Here’s how the process works:
- Once the Cashier starts the transaction, by scanning the items, he sends a
getOffers
request to the system to check for the available offers running. - The system temporarily locks the promotion and updates the KPI (to track how many times are the offers being used by the customer).
- If the customer tries to remove and reapply the offer, system prevents the action by blocking it:
- For discount: It fails at promotionId level.
- For vouchers: It fails at earnId level.
- When the customer checks for promotions on app or store, the system instantly updates and shows the offers that are active and locked.
- If the final transaction confirmation is delayed, customer will see the offers in locked state, which means that they cannot apply or use their offers again until the transaction is completed or system unlocks it.
- Customers options are:
- Wait for transaction to complete.
- Contact Customer Support
- Wait for system to auto unlock the offer after 24 hours.
Updated 1 day ago