User can delete name and email after chat initiates even if mandatory

Not planned

5 Comments

  • Ramin Shokrizadeh
    Zendesk Product Manager

    Hi MT,

    Thanks for the feedback regarding the ability to delete data after the pre-chat form is submitted.

    Can you let us know how often this is happening? The ability to edit or remove visitor info isn't on the top level of the widget so it shouldn't be happening that often.

    You can see historical name and email address information by looking at the chat events in the transcript in the 'History' tab. If you want, you can then re-fill the information for the visitor.

    The 'Require Identity' option is a setting for the pre-chat form and not the global visitor profile, so it is technically accurate in its behaviour.

    Even in a world where the visitor didn't have the ability to remove their name/email after the pre-chat form, they can easily put false information to get around it if they don't want to give you their information.

    Thanks,
    Ramin

    0
  • Susan Goodman

    This is an issue for us also. We are prefilling the user details from SSO which links to the user's Zendesk profile but within a chat the user can edit this. This means that at a minimum they can create a new profile for themselves with Zendesk but they could also change their email to a user with increased permissions and have the ticket raised to their profile. Is there a plan to change this as it is blocking us from putting chat on some more secure applications. 

    1
  • Ramin Shokrizadeh
    Zendesk Product Manager

    Hi Susan,

    You will want to use authenticated visitors, that prevents the visitor from modifying their information and is a more secure way of knowing who you are talking to.

    You can learn more about authenticated visitors here: https://support.zendesk.com/hc/en-us/articles/360022180994-Conversation-history-authenticated-visitors-in-Chat-widget

    -Ramin

    0
  • Heather Cook

    @Ramin - we have already forced the Colleague to SSO on to the help centre. Why would we need to auth them again?

    0
  • Ramin Shokrizadeh
    Zendesk Product Manager

    Help center auth and chat widget auth are different protocols using different backends today. You will need to use chat authentication if you want to prevent the visitor/agent from editing the information. 

    0

Please sign in to leave a comment.

Powered by Zendesk