Duplicate Customers on the Web

In 7.5.0, the customer duplicate check was modified so that the check was only done on email address. If the email address was being used as an SSO login, the user was presented with a message so that they could login or get login instructions by email, but they still had the option to continue and create a new account.

In 7.5.2, the CHECKDUPLEMAIL application parameter was implemented to determine on the Guest Email Lookup, Membership Join Registration, Membership Join User Already Exists, Registration, and User Already Exists controls in e-Business whether the same email address can be shared by multiple web users. If you set this parameter to 'N" (you allow duplicate emails), multiple users can share the same email address. In addition, if you allow web users to share the same email address, you should NOT set the WEBUSERNAME_FORMAT application parameter to "CUSTOMER_EMAIL_ADDRESS".

As of 7.6.0, the customer duplicate check on the web was modified to respect the setup of the ONLINE_DUP_CUST_CHECK application parameter. Therefore, two approaches were implemented. If the system finds that a customer already exists for the web user creating a new account, the website can be defined to:

• Allow duplicate customer records to be created
  Give the web user login/email options but allow the web user to continue creating a new account (default setup delivered with base).
• Do NOT allow duplicate customer records to be created
  Give the web user login/email options but do NOT allow the web user to continue creating a new account; rather, the web user will see a custom message (defined in the control settings for the Registration, Membership Join Registration, and Meeting Registration controls) identifying how to get in touch with Customer Service.

Allow Duplicate Customer Records to be Created

The best practice recommendation is that organizations should check whether a new account being created from the web exists, and if it appears that the account does exist, provide login options, but ultimately if the user is not able to log in, allow a duplicate customer record to be created so the customer can successfully transact business with the organization.

To accomplish this, the ONLINE_DUP_CUST_CHECK application parameter should be set to "Y" and the DuplicateCustomerMatchesFoundIssue data services parameter should be set to "Y".

If the CHECKDUPLEMAIL application parameter is set to "N", it means that the organization has defined their system to allow multiple customers to share the same primary email address. When the system creates an SSO record for the customer, if the CHECKDUPLEMAIL application parameter is set to "N", it is fine if another customer also has the same primary email address as their username.

When a web user is creating a new account, the system evaluates whether the new customer record is a duplicate, based on the organization’s customer duplicate check rules defined for individuals. These rules are defined on the Duplicate Customer Maintenance (CUS101) screen and stored in the Cus_Dup_Match_Function and Cus_Dup_Match_Function_Dtl tables.

Do NOT Allow Duplicate Customer Records to be Created

For organizations that do NOT want duplicate customer records to be created, the system supports the following three different scenarios:

1.    Duplicate customer record found who has an SSO login

2.    Duplicate customer record found with no SSO login and no email address

3.    Duplicate customer record found with no SSO login but with an email address

To accomplish this, the ONLINE_DUP_CUST_CHECK application parameter should be set to "Y" and the DuplicateCustomerMatchesFoundIssue data services parameter should be set to "N".

If the CHECKDUPLEMAIL application parameter is set to "N", it means that the organization has defined their system to allow multiple customers to share the same primary email address. When the system creates an SSO record for the customer, if the CHECKDUPLEMAIL application parameter is set to "N", it is fine if another customer also has the same primary email address as their username.

Scenario 1: Duplicate customer record found who has an SSO login

When a web user begins the process to create a new account, the first piece of information the user enters is their email address. The system then searches SSO to determine if a customer with that email address exists. If no match is found, the user is presented with a page to enter their name and address information.

If, after the user completes entering their name and address information, the system determines that the customer record being created is a duplicate because it has identified a single existing customer record that is a 100% match to the customer record being created based on the organization’s set up of Duplicate Customer Maintenance (CUS101) screen, and if that customer record has an SSO login, it means that the customer exists with an SSO login that has a different email address than the email address entered by the user.

If a duplicate customer record(s) is found, the following message displays three options:

• Log in

• Email instructions

• Contact Customer Support

(1) Log In

If only one duplicate customer record is identified, the system presents a message and allow the user to try to log in. This is similar to the message that is displayed when the system finds the email address entered by the user when creating a new account. This message will be presented whether a single duplicate is found or multiple duplicates are found. It is not likely that multiple duplicates would exist, because this message is only presented if the email exists as an email address linked to an SSO login.  

Clicking the “log in” link should take the user to a login page.

(2) Email Instructions

In this situation, the system has identified that it has a different email address for the customer than the email address entered by the web user. The goal is to help the customer be able to log into the site without facilitating someone hacking into another customer’s account.

If the user chooses to get instructions by email, the system gives the customer information about the email account that is on file for them. The system gives the first two letters of the email address username and the domain name (i.e., the name that follows the @ sign and ends at the dot). If the username is less than 4 characters, then the system will only show the first character of the email username, along with the domain name.

The customer must still enter the correct email address, and the customer will still need to have that email account in order to be able to get the information to reset their password. The system will allow the user to enter 3 email addresses. If the user does not enter the correct email address after 3 attempts, the system will not allow any additional attempts in that session.

(3) Custom Message

As of 7.6.0, the User Already Exists and Cannot be Created Message control setting has been added to the following controls:

• Registration control
• Membership Join Registration control
• Meeting Registration control

This message displays if the DuplicateCustomerMatchesFoundIssue data services parameter is set to "N". By default, this message is set to: "If you believe you are not in our system, please contact our Customer Support Center."

Scenario 2: Duplicate customer record found with no SSO login and no email address

If a web user begins creating a new account, and if, after the user completes entering their name and address information, the system determines that the customer record being created is a duplicate because it has identified a single existing customer record that is a 100% match to the customer record being created based on the organization’s set up of Duplicate Customer Maintenance (CUS101) screen, and if that customer record does not have an SSO login, the system will present a message to the web user that the user appears to already be registered on the site.

This is an unlikely scenario, because organizations should have email addresses for customers.   

The User Already Exists and Cannot be Created Message control setting displays, which has been added to the following controls:

• Registration control
• Membership Join Registration control
• Meeting Registration control

Note that this is a very bad experience to subject a customer to; if you are going to define a hard stop so that duplicate customer records are not created, you need to be very sure that the rules you define for identifying duplicate customers are tightly defined to limit the chance that false customer duplicates won’t be identified.  

If multiple duplicate customer records are found, the system presents the same message, but if any of the duplicate customer records have an SSO login, the message that is presented includes the option to log in and to get login instructions via email:

Scenario 3: Duplicate Customer record found with no SSO login but with an email address

If a duplicate customer record is found with no SSO login but with an email address, this will be handled the same as scenario 2; the web user is presented with a message that they appear to be in the system. This situation should not happen if organizations are monitoring their customer data.

If multiple duplicate customer records are found, the system simply presents the "You appear to already be registered on our site" dialog with the message defined for the User Already Exists and Cannot be Created Message control setting message, which has been added to the following controls:

• Registration control
• Membership Join Registration control
• Meeting Registration control

See also:

·            Duplicate Customers Overview

·            Preventing Duplicate Customers

·            What is Merged

·            What is Not Merged

·            Identifying Potential Duplicate Customers

·            Soundex vs. Phonetic