Email validation at registration is a common feature of e-Commerce web and mobile sites.
Any newly registered user has to confirm the email he entered is valid, usually by clicking on a confirmation link in a mail received on the provided email address.
This has many purposes:
- Make sure the provided email address is valid at registration time
- Decrease the risk of loosing ticket information sent to the user on the provided email
- Provide a clean email base for future marketing campaigns and therefore avoid mass bouncing
- Avoid identity theft by a thug abusing badly protected email addresses
To achieve this, SECUTIX now provides various email validation mechanisms.
The email validation registration process can be enabled or disabled per institution. It is enabled by default for all new institutions and will be gradually enabled for older institutions.
Ticketshop
Users need to have a validated email address to access the ticketshop.
Email validation is initiated under these use cases:
- New user creation with a SECUTIX account, i.e. no third party SSO account
- B2C user email address modification
- B2B individual and relay contacts email address modification
In all cases, the email validation process is performed as follows:
- The user gets an account verification email on the provided email
- He clicks on a link provided within the email body
- This opens a page on the ticketshop that states that the validation was successful
- The page displays a login button to proceed to normal login
Conditions
- A ticketshop logged in user who modified his email himself will be forcefully logged out and needs to log in again.
- A ticketshop logged in user who had his email modified in the back office by an operator is allowed to stay on the ticketshop until the end of the session.
- Guests are not subject to email verification.
- SSO accounts are considered as verified by default. The validation responsibility lies with the SSO IDP manager.
Box Office
Email validation trigger
When creating a new contact (individual or structure) in the back-office, the Document type and Point of Sales context must be chosen. This ensures the contact gets a validation email referring to the right context.
- Document Type lists all active "Account verification email" documents
- Point of Sales lists all point of sales in the current organization and in RUNNING state
- For individuals : Belonging to B2C sales channels
- For Relay, Structure : Belonging to Internet Agency, Internet B2B and Internet B2C sales channels
Email validation status
The status of the email will be shown on the contact page with a green circle (validated) 
or a red circle (non validated) 
The contacts screen is shown as an example:
Friends & Family
When creating a Friends & Family connection, if the connected contact has not been verified, a warning with a link to trigger a validation email sending is displayed. This does not block the ongoing sales processes
The contact widget will display different icons for the contacts depending on their verified status
Contacts merge
- If an email is copied from Child contact to Parent contact, the verification status of Child contact will be carried over.
- If Parent contact to Child contact have the same email and one of them is verified, the Parent contact email must be verified.
Handling of contacts with not validated emails
- What can a contact do/not do with a not validated email?
- Batch to remove/anonymize not validated contacts (see Clean-up batch: invalidate contact and remove prospects which address hasn't been validated during the duration set-up)
