In the COVID / post-COVID world you'd think the businesses that survived would know how to handle online sales. But this obviously isn't always the case.
I recently made a purchase through Shaver Shop online.
It wasn't my first but it was my last.
It was a click and collect purchase.
I could have had my order delivered free of charge but my wife and I planned to be near the store in the next day or two so I figured I'd save them some postage and hassle.
What an idiot I was.
As it turned out I couldn't go in. So my wife went on her own.
I gave her every piece of communication about the collection to ensure that she'd be able to painlessly collect the goods. Order number, emails, texts...whatever, and everything! All printed out.
What an idiot I was.
I received a phone call from my wife from the store.
"Can you call customer support. They won't let me take the goods unless you call customer support."
I couldn't believe it and I was immediately angry.
I asked the store manager, via my wife, why I couldn't talk directly to him?
I could prove everything he needed to know and more.
I was wondering how it was going to help to add a third party to this situation? A third party who is further away than anyone else? A third party who doesn't have access to my wife's credentials to prove that she's my wife...and naturally authorised to collect the goods.
The in-store guy said "No. You have to call customer support."
I asked, via my wife, can I cancel the order then? So she could buy the stuff outside of the order.
It struck me as weird that this guy was happy to engage with me, who may or may not be the legitimate orderer, via my wife but not directly with me.
Surely that's a bigger problem with their system than talking directly to the customer?
With a few quick verbal checks I could have unambiguously proven our legitimacy in every way he could imagine.
Just off the top of my head, that my wife's place of residence matches mine. Her surname too. I'd be able to tell him exactly what she had in her hands by way of order documentation.
But no, I had to call some person somewhere else in Australia...at midday on a Saturday. And he couldn't even tell me the phone number to call.
Yeah, good luck with that.
I was now very angry.
So I rang customer service and the first thing the person on the line tells me is that because it is a Saturday her manager is away and she can't authorise such a thing.
So why is this part of their verification process?
Clearly moronic and poorly thought out processes at play.
But I persisted.
I told the person on the phone the order number and a couple of other unique things about the order, which my wife already had in her hand in the store...and miraculously, despite "not being authorised" she authorised the release of my goods to my wife.
When that was done the person made a point to tell me what a massive favour they'd done for me and how they "don't normally", and "can't", authorise such things.
Clearly a lie because, well, they did it.
There's not much more I hate than being lied to.
I pointed out that I am the customer and that I didn't appreciate being treated this way.
So here's another hole in their "security" procedure.
If the documentation in the store wasn't good enough to prove my wife was legit', then how come getting me (whoever I may be) on the other end of the phone (with the same information), going to be more legit'?
They hadn't checked that I was really her husband or anything else for that matter.
All they did was trust that the person she called was the person who actually placed the order. As opposed to just someone else holding the same documentation as her.
They'd put us through the wringer without the application of any actual additional security.
So I wrote to them.
I knew I was wasting my time but I did it anyway.
The email, in part, included roughly the story I have told you above as well as the following:
1) The result could have been achieved courteously and simply. It has been on other occasions with other vendors.
2) Shaver Shop's supposed click-and-collect security and policy clearly doesn't work.
a) it caused significant problems for a legitimate customer
b) the person on the phone bypassed it anyway
c) it wouldn't stop click-n-collect fraud for obvious reasons*
d) the support team isn't properly informed or trained
e) the supposed chain of authorisation is a lie, non-existant or broken
3) Instead of protecting someone, you, me, from click-n-collect fraud all you have done is piss off a long time customer...who won't buy from SS ever again....and will tell everyone who will listen about this.
I am a believer in shopping locally, even for chains/franchises, in order to keep local people employed...until they make it clear they don't want my money.
If your strategy for cyber security is to alienate legitimate customers before performing a couple of simple security checks, then I think you'll find you have a problem with your business model. Ask your marketing team how they feel about you undong their work.
In the end I got to where I should have. My identity was proven, my wife's connection to me was proven (albeit through invalid methods) and she got the goods.
So I ask you, why did we need all the angst and bullshit in-between?
* if you want to know why you'll need to ask me. IT security is part of my business so it won't be a free consultation.
Against the odds I did receive a reply to my email...
Thank you for reaching out to Customer Support.
We appreciate you taking the time to provide feedback on our Click and Collect policy and I have listen to your call on Saturday with ######.
I believe ###### provided you with the correct information regarding our policy on Click and Collect and while this may be frustrating we do have these guidelines in place for valid reasons.
Authorisation to approve a click and collect is required by management, however ###### is a very experienced Customer Service Agent and on this occasion I believe she granted your request without seeking approval, based on the information at hand and to help with your unfortunate circumstances.
I will also be providing feedback to our Area Managers as this should have been handled in store and there was in fact no need for you to contact Customer Support. The store could have contacted their manager or Customer Service on your behalf.
Once again we appreciate you taking the time to reach out, if you need any further assistance please don't hesitate to contact me directly.
The emphasis (bold) is mine.
You'll note that, despite verifying everything I said AND how I said the matter should have been handled, they offered no apology.
So I'm still never buying from them again.
P.S. And, amusingly enough, they sent me emails asking for my "Opinion" because "it is important to us". Yeah, I unsubscribed from that. They're not getting any help from me if they can't apologise properly.