Search Keywords:
Blog Category:
Archive:

Latest | Oldest

Business Growth

Business Growth

View More

Updates

Updates

View More

Engineering

Engineering

View More

NEW in REC+: Introducing Price Tracking History, Improved Reporting & PCI-related Security Enhancements

Spotlight

Price Tracking History
Daily tracking of product prices displayed on a timeline to allow you to see when changes were made.
This provides a base to add more features, such as enhanced reporting as well as introducing price drop alerts for customers. 
When enabled you can view the price changes graph above the prices on the edit product screen. Contact us to find out more.
3607

Faster report generation
Report Builder performance has been greatly improved by building reports in parallel to reduce generation time plus optimisations to some specific reporting blocks, as well as speeding up the coupons report. You'll now notice a new loading bar briefly displayed when running Report Builder reports with the screen loading in a fraction of the time.
3668

Ecommerce & Tracking

Order Manager coupon/discount icons
New coupon/discount icons are shown against orders in Order Manager wherever a discount/coupon was used, with coupon information shown on hover of the icon. Search can now be used to reveal all orders that used coupon codes (or part of the code such as the prefix). This is particularly useful for finding Google Shopping discounts as these all start with "GSD-". Read more about the benefits of running ads with Google Shopping Automated Discounts.
3660

Report Builder - selecting multiple Smart Types
New controls so you can multi-select a mix of different types of users for unified reporting, such as Trade & Dealer, or exclude a specific group of users by selecting all other groups except the one to be excluded.
3651

PDF invoice links can now be added to confirmation emails
Update order confirmation emails with the new secure order.pdf_link template tag link so users can easily download their invoice, without needing to log in. 
3687

Invoice line display customisation enhancements to match branding 
Update your website invoice to match your brand or your existing invoices more exactly, contact us for pricing. 
3686

Product & Category sort order changes are now audited
New audits to help you track when and where changes have been made.
3677, 3679

Duplicate variations detection.
Working with a large number of variations on a product can be tricky to make sure you don't end up with the same option combinations already set up. 
The system will now warn when this happens and continues to warn when you come back to the product later if a duplicate already exists.
Also, to help you find these en masse there is a check for this in the Prroduct Issues report: Admin > Reports > Product Issues > Duplicate Variation Option Combinations
3678

Integrations

Google Shopping Automated Discounts now treated as their own referral/source for traffic tracking
In order to better analyse the effectiveness of the Google Shopping Automated Discounts program, you'll now be able to see that an order came from this source and to be able to filter to just these orders in Order Manager.
3661

CMS & Admin

Page Slice buttons design
Buttons in pages built using slices can now be heavily customised with colours, sizes, padding, font sizing, alignment and more. 
Please note, if you want easily repeatable/consistent buttons across your site, changing the style directly in the CSS templates may be a better choice. However prototyping them with slices is a great option and then have a designer add in the CSS so you don't have to update each one manually.
3674

Security

PCI Password security update - require a minimum 12 characters for new passwords
This increases from the previous minimum of 8 characters to match PCI 4.0 password requirements.
UPDATE: this was initially released in July and then changed in August to only apply when using the Password Meter with additional password checks for upper and lower case letters, numbers and symbols. Read more about PCI Compliance requirements.
Please note: Existing passwords remain untouched, this is for new passwords.
3681

SRI usage increased to secure 3rd party script use where possible on all default installed scripts

Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch are delivered without unexpected manipulation. Templates on your site may need review for PCI 4.0 due to historic use of scripts. Some scripts such as Google Analytics, PayPal, Stripe & Facebook Pixel all need to be kept up to date and are currently unavailable with SRI from these providers. 
3659

Developer

Categories API now allows filtering by a given timestamp, or sorting by a specific field
Using ?since_timestamp=... you can now filter for category changes since a date, similar to how you can filter for products & orders. 
Full information about this and the rest of the API available here.
3670

InnoDB migration for visitor tables
This is a technical enhancement allowing the migration of the large visitors table on each website to the InnoDB file format to reduce backup times. This is also useful when performing any future server updates or migrations. Only performed by technical staff.
3689
 


IMPORTANT: PCI DSS Compliance v4 - New Scanning Service For Ecommerce Sites

What is PCI DSS v4 & What Has Changed?

PCI DSS v4 is the next evolution of PCI compliance affecting ecommerce websites which take payments and it is in effect now. Read documents about PCI v4 here

A significant change is that in the past your website did not need to be PCI scanned since you use 3rd parties to handle payments, such as Paypal, Stripe, Klarna, Barclaycard ePDQ etc, and the burden of PCI compliance fell onto those companies. However that has changed and banks and payment processors may now ask for your website to be regularly scanned as well due to the evolving threat landscape, which is set out under Requirements 6 and 11. There are changes to the Self Assessment Questionnaires SAQs you fill in which now mirror v4 compliance.  Read more about the SAQ changes and requirements here

Why Do Vulnerabilities Arise?

Hackers are always searching for ways to exploit websites with new methods or tools. We have extensive multi-layered security tools and processes to protect your core site from exploits, however there may be scripts that have been added to your site in the past which were secure at the time but a new exploit has subsequently been found for them. These will be flagged up in a scan and require attention to negate the vulnerability.  It's a fast-moving game, even a new script added today could become vulnerable in a short period of time, hence more regular and more comprehensive scanning requirements. 

When Do I Need To Start Adhering To The New Standard?

It will depend on when you did your last 12 month SAQ. Once that expires then you will need to adhere to the new standard, as set out below:

How Do I Do PCI Scans?

Your bank or payment processor may provide you with an approved PCI scanning system (ASV - Approved Scan Vendor) which can be used to perform a scan. Otherwise it will be necessary to purchase this service. The scan produces a detailed report which needs to be checked through to ensure there are no identified vulnerabilities on your website, including picking through false positives. This is best tackled by us since your website application and hardware infrastructure is provided by us. This includes switching some of our security tools into PCI Compliance test mode to eliminate false positives.

How Often Do I need To Run PCI Scans?

This may be needed as often as every 90 days.

How Do I Check What Scripts Are On My Site?

You can use the Script Finder program in the website Admin Centre to see all the scripts that are in use on your website. This is important if you are using embedded payment pages or forms including iframes, such as for Klarna or Paypal Commerce.

What Else Needs To be Updated?

We will have to enable HSTS (which forces the browser to always use HTTPS with your domain) and secure cookies, both are settings in the admin centre. We will also look to introduce other measures highlighted in the new standard which are not already covered. 

What Does It Cost?

We can perform PCI scans for you and interpret the scan reports. The charge for this is £105+VAT per scan request per website. This includes scan re-runs to check any issues identified in that scan are resolved. We can either use your bank's scanning tool if it's provided or a paid service such as HackerGuardian which is typically around £70 per annum. 

Script audits can be undertaken at a charge of £105+VAT.

If we find 3rd party scripts or other work that require remediation, the charge is £105+VAT per hour and would typically take a few hours to complete unless the scripting work was particularly large or complex. You would also need to test your website functionality relating to the scripting work after it is completed to ensure it is functionally working.

Other measures may need to be introduced over a period of time which may have to be charged for and we will advise of this at the time.

How To Book

Please raise a support ticket stating you require a PCI Scan in the subject line and whether you have access to PCI scanning software in the description and we will schedule in the work. 

 

.


Spotlight On Ecommerce Features Released This Year

Top Picks

Here's a roundup of the changes we've released this year so far. It heavily showcases new e-commerce features but you can see all changes in detail covering the Content Management System, sales and prospect management, tracking and of course security updates. Visit the Update page.

If you are interested in enabling these features, please contact your account manager regarding licence upgrade and implementation costs.

Google Shopping Automated Discounts / 'Dynamic Re-pricing'   
Major new feature for ecommerce stores advertising on Google

Google has launched a major new feature to help improve online product sales by dynamically lowering the price of your products shown via Google Ads compared to your competitors. The new product price is displayed on Google's Search Engine Results Pages and once the ad is clicked the price is then automatically lowered on the website product page to match. The amount of discount given can be set as a percentage across all products, or with specific prices on a per product basis. The price offered by Google is honoured for 48 hours only. Read the full article.

Free Samples
Secure more sales by offering free samples to prospective customers as trials, matching up products etc. Mark a product as a free sample with free delivery and as an addon so it doesn't show up in latest products etc. Free samples are ignored in the minimum order value checks at checkout when ordered without other products. However, if you then add a £10 item to cart, that item triggers the minimum value check and prevents the checkout from allowing the order to go through until the minimum order level has been reached. You can also set the maximum number of free samples you allow per customer order. Read the full article.

Re-Engagement Reminders
Remind new customers who haven't purchased to come back to the site, or specific groups of customers who haven't purchased in a set time frame.
Read full article.

Additional Abandoned Cart Followup Email Task
Further to the default abandoned cart followup email, you can now set additional followups such as a week or a couple weeks later as extra reminders to bring in sales. 
Read about all abandonment followup features

Send personal-looking automated emails from account managers
Make automated emails to customers appear as personal emails from your account managers. Great personal touch for increasing open rates.
We've also added BCC support & ability to BCC account managers on emails being sent to their customers so they know what's going on e.g. dropping out of a VIP Club.

GA4 Consent Mode v2
We've updated our consent mode integration to ensure we share if the user has accepted different tracking and ads based storage and personalisation permissions so that Google can respect the visitor's choice. This is to bring the cookie policy, GA4 & Ads integration up to speed with the latest rules and best practice.

Auto Discontinue Products
Set products to automatically discontinue when they run out of stock as part of improving your stock management.

Admin alert emails modernised & improved
We've redesigned all the system alerts to bring them into 2024 and emphasise important actions you need to take.

Google Sheets integration for custom sales data reporting
Automatically sync your new order data to Google sheets allowing you to build custom reports or dashboards that are automatically updated and can be viewed on mobile and desktop devices.

Back In Stock Dates report
A single screen to view back in stock dates for all products and see which have expired but haven't been re-stocked yet.

Customer Order Analysis 
Track trends over time for different groups/types/classifications of customers using this on-screen report and record sales contact actions and updates to main customer notes. Read more about Customer classifications, order analysis, sales summary and product discovery.

Customer Quotes via Manual Orders & Making Payments
We've introduced a new 'Quote order' state for orders, used when quoting via a manual order in admin so that your customer is be able to find the quote in their customer 'Previous orders' section when logged into their account, under a new Quotes tab. 

Product Sales on-screen report
A valuable report for Product Managers and Product Development staff to to compare changes in sales and conversion rates of specific groupings of products, such as a range of product IDs or product categories by date ranges.
Read about Product Lifecycle & Forecast Reporting and Product Sales Report

Product Data Quality Report
Target high value or converting products with data issues to improve their quality and boost sales. 
Read about our wide range of reporting

First Added To Cart (FATC) report
Find which items are added to cart first before buying other items. 
Read about our wide range of reporting

Switching customers between different VIP Clubs / Managing Discount Levels Automatically
Alert customers when they are switched from one VIP club to another with a new email alert using the Email Task 'Swap VIP Club', such as upgrading from a trade club to a distributor club.
Read about the VIP Club system and uses

Our Magento integration now pulls in categories, manufacturers, orders & customers.
New admin areas are now also available for Magento Integration & Magento Order States to help manage the integration and update sync'ing between a Magento instance and REC+

Page Slices Mobile Styles
We've re-designed the way you manage many of the style/design settings with additional support for changing some styles between how they look on Desktop vs Mobile, such as different paddings and text alignments. 

 


Showing 1 to 3, of 3 Blog Posts found