[Zeus]

I hope you had time to read this thread:

http://forum.abestweb.com/showthread.php?t=81832

Second Bite is a "Super Affiliate" stealing our cookies by "pushing" sales of products left in carts for a future purchase.

It seems Taylor Gifts AM, Jamie, deactivated them for his programs.
But they are still affiliates from CJ, LinkShare, KowaBunga - MyApps and maybe other networks.
More info:
http://www.thinkpartnership.com/
http://www.siteconvert.com/
How does Second Bite make money?
"Second Bite works as an affiliate so the only cost ever associated with using Second Bite is any recovered sales or recovered sign-ups. We sign up as an affiliate in their affiliate network manager and accept whatever payout terms that are listed for that merchant. It it’s a percent of sales, we take a percent of sales. If it’s a dollar amount, we take that dollar amount. "

"As a unique super affiliate, Second Bite gives merchants the opportunity to recover sales lost due to Internet shopping cart abandonment..."

I'm reading this article and I don't understand everything:
http://www.practicalecommerce.com/public/344/

Chad Herman - Director of Business Development
Chad Herman joined Second Bite in April of 2005. As the Director of Business Development, Chad is primarily responsible for partnership development and the overall growth of the Second Bite brand. Prior to joining Second Bite, Mr. Herman held various business development positions within the software and security industries. Mr. Herman was also the founder and CEO of Everett Technologies, a software distributor to the medical industry. Mr. Herman is a graduate of the University of Missouri - Columbia.

OK, here's the part I don't understand:
Practical eCommerce:
"Clearly you need an email address to make this work. What if customers don’t submit an email address? "

Chad Herman:
"There are three ways we can capture an email address. The first is that the customer enters an email address. The big thing about our product is that customers don’t have to hit the “submit” button to capture that data. Second, we can associate “known shoppers” for that merchant. If someone is a registered user on your site, we can capture an email address by associating it with a known user. We also have the ability to recognize people on our network. We know you’ve made a purchase on “Merchant A.” You leave that merchant to go to “Merchant B.” If merchant A and B are on our network, we’re able to associate a known email address with an individual user. "


Can you see the danger? If the networks let these people run their business as an affiliate, they can in no time, borrow the email list of our merchant partners and overwrite our cookies even without providing them a "service".
Who can prevent me (or them) to run my (their) mailing list when I (they)want too?
That's one of the biggest threats I've seen in a long time.
What do you think? What can be done?

[AffiliateWarrior]

Sounds effective for the merchant, but definitely risky for the affiliate.

I see it as a stepped up version of a relatively common occurance - affiliate A drives a visit - visitor takes no action . Visitor ( a few days or weeks later) visits through Affiliate B's link and buys. Affiliate B in most cases gets the sale as most merchants (in my experience) pay on the most recent referral.

The difference ? Well - in this case Second Bite didn't even have to generate a click for themselves. They are tied into the shopping process and get a crack at what in most cases would be 80% + of the shopping occurances, while the affiliates who drove the traffic get lost in the shuffle.

As an affiliate, I would be concerned unless the merchant has a mechanism for rewarding both the referring affiliate and Second Bite ( as well as the desire to reward both)

Once again - makes all kids of sense for the merchant - but in most cases - very little for affiliates.

[loxly]

As a shopper I don't like Second Bite either and told them so at an Affiliate Conference. If the merchant wants to contact the people with abandoned carts that is one thing, but for them to give an outside agency the ability to get into their system and capture sensitive data AND steal the original affiliates commission is not in the merchant's best interest.

As a shopper, I usually abandon a cart for many reasons, and go back when I am ready. If I get spammed to go "finish my purchase" I will be VERY unhappy with the merchant.

Merchants using this service need to be educated that they are giving up a LOT more than affiliate commission!

[simcat]

Quote:

As a shopper, I usually abandon a cart for many reasons, and go back when I am ready. If I get spammed to go "finish my purchase" I will be VERY unhappy with the merchant.

I would'nt like that either. I recently bought some items online from a well known merchant and after purchasing., got bombarded with a bunch of ('free magazine'), ('free shopping service'), crap along with a ton of fine print.

Their prices were a wee bit cheaper than others, but I wont be going back.

[Leader]

From an affiliate standpoint, the main problem I see with this is that SecondBite's payment structure washes cookies.

Otherwise, sending out a "de-abandonment" email sounds like it could be a good way to salvage sales, if done right.

But LB's willingness to use sneaky methods to get the email addresses (for instance, from forms that customers didn't hit "submit" on, Zeus's first post mentioned as one of their ways) makes me wonder what other information they may be capturing or may later decide to. I would expect that merchants who are savvy enough to understand the code wouldn't be using an outside company to do it. So their merchants are probably NOT able to tell just what's going on...whether physical addresses, phone numbers, or even CC info is also being captured, for instance.

Quote:

Originally Posted by Loxly

As a shopper, I usually abandon a cart for many reasons, and go back when I am ready. If I get spammed to go "finish my purchase" I will be VERY unhappy with the merchant.

In my experience, most abandoners don't come back anyway. So the downside to the merchant, from that angle, is probably minimal. If the recipient is unhappy, it means that person who wasn't coming back still isn't, big deal. And some people will be GLAD to get a kissup offer in order to complete their purchase!

The downside I see is more insidious than the thought that noncustomers (those who do not buy, and never have bought, are not customers!) will be "unhappy." The REAL danger is that by offering coupons for completing the purchase, the merchant will effectively train people to ALWAYS abandon their carts and wait for the coupon to show up before completing their purchases!!

Quote:

Merchants using this service need to be educated that they are giving up a LOT more than affiliate commission!

Yeah, but the happiness of noncustomers is irrelevant. The downsides I think they need to know about outsourcing this kind of thing are:

The one I put in bold, above.
Possible security breaches as well as privacy breaches: Liability.
Real customers may later get spammed like mad, and not by the merchant: Bad for business.
Merchant loses "ownership" of the customer-merchant relationship.

Quote:

Originally Posted by Zeus, in the other thread

Second Bite is doing the merchant job, not the affiliate job and they should be paid by the merchant.

I assume you mean paid directly, outside of an affiliate relationship. I agree with that--a flat fee or other such arrangement that doesn't interfere with cookies is what I would have expected.

That it's the merchant's job, as you put it, is another thing I agree with--I see no need to have an outside service do this sale-salvaging. The merchant could send abandoners a special offer by themselves, and with no overwriting of old cookies. Also the merchant would retain full ownership/control of its email list and other proprietary information if they did it themselves, as well. Not to mention the fact that cookies wouldn't be washed--and, transactions coming from search engine traffic and the like (which was originally cookieless) wouldn't get a cookie attached that shouldn't have been.

I can see the benefit to merchants in salvaging some of their abandoned carts, if they can avoid the effect of training people to wait for coupons to appear. Or if they have set up their business plan to be able to afford to put a coupon on everything (even then, I think it'd be bad to train people to delay their order completion).

What I can't see is having Second Bite or any other outside place do it. A night or two or even three of head-banging-into-desk frustration to code it ought to cover it (or none, if they know how to code well already). Or hiring a coder on a one-time basis to set up the infrastructure for the merchant to do the actual emailing themselves.

[Zeus]

Exactly Leader.
To recover sales lost due to Internet shopping cart abandonment is a darn good idea. Saving money for kids education, too, popping live help to guide the customer, also ... but why should we accept these actions to be financed by the affiliate. The merchant can decide to do it inhouse, sub-contract them or don't do it at all but they don't have to interfere with our commission and our agreement.

You saw also my concern about capturing emails without validation. (How many times do I type my email in a box without hitting SEND, just because I've second thoughts) This guy talk like a spammer, then they want to cross match several merchants lists to identify a customer, that's another breach of privacy. To install affiliate code (Second Bite) on the merchant server is an other concern. There's a thread started by Rainmaker, Cybercucina where affiliates are asking him to place their code on his cart

[Leader]

Quote:

You saw also my concern about capturing emails without validation. (How many times do I type my email in a box without hitting SEND, just because I've second thoughts) This guy talk like a spammer, then they want to cross match several merchants lists to identify a customer, that's another breach of privacy. To install affiliate code (Second Bite) on the merchant server is an other concern.

Yeah--that paragraph in your first post stood out. It looks like a script that'd be a spammer's delight at best. I wonder if it's even legal in all states?

Quote:

There's a thread started by Rainmaker, Cybercucina where affiliates are asking him to place their code on his cart

*Goes off to look for thread*
[Added]

Found it. That seems like a really fishy kind of request. *I* sure wouldn't allow it.

[Scott Campbell]

This second bite relationship concerns me alot and I am glad to see a discussion going on about it.

As you mentioned above, Zeus, Jamie Birch deactivated them from his programs and good for him.

Yesterday, I received one of these emails from Second Bite because I had left something in the cart on Tuesday and the day after received the email. One day later and the cookie was overwritten. One day!

Picking up the phone and talking to Jamie, he said that he was having them deactivated. Here though, was the interesting part of the conversation that may be a plus for all of us, because I agree that if a service can close these deals for us, it is a big plus.

He told me that indeed, this is being contracted out by Taylor Gifts and they are paying Second Bite directly, therefore by moving Second Bite off the CJ network to another tracking system, Second Bite will close the deal, our cookie will stay intact and we will still get credit for the sale because we initiated the sale.

If this is the case, (and I will be watching very closely on that) then we have a service that will actually help us as affiliates make sales and it would be helpful to both affiliate and merchant.

From the eyes of a company and merchant though, I am finding it hard to believe that a store would pay commissions twice on a sale. Of course, a sale is a sale and a merchant should be happy, but they certainly will not make sales without a profit.

In addition, reading this about being able to take an email address from Merchant A and transferring this to Merchant B does not sound like something that is going to fly with consumers. The consumer is not going to put up with having their info "borrowed" from another merchant once they find out what is happening.

Thanks Leader for the whole idea of "training" the customers to wait for a coupon. I had not seen that angle at all. However, in the email I received, it offered the same coupon that I had offered, so it seemed more as a reminder to me.

The bottom line though, is the consumer, and if they get ticked off about these reminders, the service will die off due to the response to customer service depoartments at the companies that use second bite.

If done correctly, this could be a service to make us all money, if done incorrectly, it could damage the reputation of both the merchant AND the affiliate. Yes Loxly, we can only hope that the merchants will think 2, 3 or 4 times before they sign up for this as to the possible consequences of losing customers.

[loxly]

Plus privacy issues, merchants need to disclose they are giving customer information to yet another party that may or may not use it appropriately. Merchants need to understand the *value* of the information they are giving Second Bite access to, SB should be *paying* for that information instead of getting *paid* for it.

[markschok]

Quote:

Originally Posted by AffiliateWarrior

The difference ? Well - in this case Second Bite didn't even have to generate a click for themselves. They are tied into the shopping process and get a crack at what in most cases would be 80% + of the shopping occurances, while the affiliates who drove the traffic get lost in the shuffle.

Not defending them but if they send out an email with a link they'll have got round the rule about sales coming from a users click.

Quote:

Originally Posted by Zeus

Practical eCommerce:
"Clearly you need an email address to make this work. What if customers don’t submit an email address? "

Chad Herman:
"There are three ways we can capture an email address. The first is that the customer enters an email address. The big thing about our product is that customers don’t have to hit the “submit” button to capture that data. Second, we can associate “known shoppers” for that merchant. If someone is a registered user on your site, we can capture an email address by associating it with a known user. We also have the ability to recognize people on our network. We know you’ve made a purchase on “Merchant A.” You leave that merchant to go to “Merchant B.” If merchant A and B are on our network, we’re able to associate a known email address with an individual user. "

Plenty of danger there, but was there anything in the taylor gifts privacy page mentioning this code was sitting in their shopping cart? Doesn't look like it. http://www.taylorgifts.com/custserv/privacy.asp
They do mention the have some third party marketing but purely opt-in, and doesn't seem like that's what's being talked about above

And their verisign seal is useless if they're going to be offering your private information (email and cart details) out the back door at the other end.

[Alan Hamilton]

I instinctively think "no" on this. We all know what a true opt in is - this does not consitutute a good faith opt in. The concept of getting a second whack at a sale is nice, but the "how" it is done part is disturbing.

[Leader]

Quote:

Originally Posted by Scott Campbell

Thanks Leader for the whole idea of "training" the customers to wait for a coupon. I had not seen that angle at all. However, in the email I received, it offered the same coupon that I had offered, so it seemed more as a reminder to me.

It seemed like a reminder to you because you had already known about the coupon.

But what if you hadn't? If you had come in from a non-coupon affiliate site or a search engine, it would stand to reason for you to think "Hey, if I just stall for a day or so instead of buying right away, they'll give me a coupon!"

[Chris - AMWSO]

I'm sure my issue on this has been covered above but when I looked at their service last year, my number one thought was, "so what do they add that the merchant can't already do" (even OS Commerce has this built in as a basic function)

If a consumer already registered or for some reason gave their email as part of visiting a site then the merchant has it and the merchant can do a follow up directly

If the email is being used from another location, well that's not "opt in" marketing, unless the person registered with Second Bite, which I do not believe is the case or can be done.

And if for what ever reason a merchant is unable to do the simple follow up task in house, then this function should, like software, in my opinion be tracked outside of the affiliate chanel. Pay per volume, per per click, seperate tracking systsem, whatever, but not tracked over web based marketing efforts.

Cheers

Chris

[webworker]

Predator, and even worse than parasites.

[chetf]

Chris, you are right - if a merchant isn't doing the basic of this for their known customers already...

But the scary thing is capturing data without hitting submit. Because to do this - that means they are using javascript to capture the input - and then send that input across the internet to their servers! How many times have you accidentally entered your CC info into the wrong field? I do it all the time, now that data is just out there, travelling along to a third party I never destined it for.

The CC # alone is not that big an issue, but what else is being sent? How is it being sent? Are customers being notified?

And if i got an email from a merchant I never submitted a shoppingcart to? There would be hell to pay.

Chet

[Scott Campbell]

Absolutely, leader, I entirely agree that this will start getting customers trained to wait for a coupon. That is why I said "Thanks!" for showing me that angle.

Hopefully we can all get through to the merchants to see how many ways this can go wrong versus the one way that it can go right. Most of them will not see all the angles or have the input from differernt sources and a constructive thread like this will help them be able to see the ways that this can go wrong.

This is definitely one of those ideas that on the surface seems to a be a good way to close some extra sales, but on the second, third, fourth and just about every other thought after that is just not the right way to do business.

[chetf]

Here is the code, sorry for the messy in the middle - it is from

https://app.secondbitesolutions.com/sb.js?400

Hopefully a better js programmer than i can make all the sense of it - from what i think i see... it does grab other data besides just the email. I have no idea what merchant this is (taylor gifts js was empty), so it is a little tough to figure out.

Code:

var sb_url_naked = 'https://app.secondbitesolutions.com/'; 
var sb_ndx_script = 0; 
window.sb_assert = 0; 
window.field_map = new Array(); 
window.field_map['cart_id'] = ''; 

function setCookie(name, value, expires, path, domain, secure) { 
	if (expires = 'undefined'){ 
		var yearfromnow = new Date(); 
		fixDate(yearfromnow); 
		yearfromnow.setTime(yearfromnow.getTime() + 365 * 24 * 60 * 60 * 1000); 
	} else { 
		yearfromnow = expires; 
	} 
	var curCookie = name + "=" + escape(value) + ((expires) ? "; 
	expires=" + yearfromnow.toGMTString() : "") + ((path) ? "; 
	path=" + path : "") + ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : ""); document.cookie = curCookie; 
} 

function getCookie(name) { 
	var dc = document.cookie; var prefix = name + "="; var begin = dc.indexOf("; " + prefix); 
	if (begin == -1) { 
		begin = dc.indexOf(prefix); 
		if (begin != 0) return null; 
	} else begin += 2; 
		
	var end = document.cookie.indexOf(";", begin); 
	if (end == -1) end = dc.length; 
	return unescape(dc.substring(begin + prefix.length, end)); 
} 
		
		
function deleteCookie(name, path, domain) { 
	if (getCookie(name)) { 
		document.cookie = name + "=" + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") + "; expires=Thu, 01-Jan-70 00:00:01 GMT"; 
	} 
} 

function fixDate(date) { 
	var base = new Date(0); var skew = base.getTime(); 
	if (skew > 0) date.setTime(date.getTime() - skew); 
} 

function sb_trim_str(sbstr) { 
	sbstr = sbstr.replace( /^\s+/g, '' ); 
	return (sbstr.replace( /\s+$/g, '' )); 
} 

var EventCache = function() { 
	var listEvents = []; 
	return 
	{ 
		listEvents : listEvents, add : function(node, sEventName, fHandler)
			{ 
listEvents.push(arguments); 
}, flush : function(){ var i, item; for(i = listEvents.length - 1; i >= 0; i = i - 1){ item = listEvents[i]; if(item[0].removeEventListener){ item[0].removeEventListener(item[1], item[2], item[3]); }; if(item[1].substring(0, 2) != "on"){ item[1] = "on" + item[1]; }; if(item[0].detachEvent){ item[0].detachEvent(item[1], item[2]); }; item[0][item[1]] = null; }; } }; }(); function addEvent( obj, type, fn ) { if (obj.addEventListener) { obj.addEventListener( type, fn, false ); EventCache.add(obj, type, fn); } else if (obj.attachEvent) { obj["e"+type+fn] = fn; 
			
			
 
			
			
	obj[type+fn] =function() { 
		obj["e"+type+fn]( window.event );};  
		obj.attachEvent( "on"+type, obj[type+fn] ); 
		EventCache.add(obj, type, fn); 
			
	} else { 
		obj["on"+type] = obj["e"+type+fn]; 
	} 
} 
			
function sb_phajax_do (u) { 
			
	if (u.substring(0, 4) != 'http') { 
		u = sb_url_naked + u; 
	} 
	var js = document.createElement('SCRIPT'); 
	js.type = 'text/javascript'; 
	sb_ndx_script++; 
	js.id = 'sb-' + sb_ndx_script; 
	js.src = u; 
	document.body.appendChild(js); 
	return true; 


} 


function sb_phajax_get (nv, r) { 
	var cookieEnabled = (navigator.cookieEnabled)? true : false; 
	if (typeof navigator.cookieEnabled == "undefined" && !cookieEnabled){ 
		document.cookie = "testcookie"; 
		cookieEnabled = (document.cookie.indexOf("testcookie")!=-1)? true : false; 
	} 

	c = cookieEnabled; 
	if (c) { 

		setCookie('sb_sid', '10742022'); 
		setCookie('sb_cid', '21415835'); 
		ck = escape(document.cookie) 
	} 
	var pu = sb_url_naked + 'sb_lt.php?nv=' + escape(nv) + '&r=' + r + '&c=' + c + '&ck=' + ck + '&did=400'; 
	return sb_phajax_do(pu); 
} 

function do_send(n, v) { 
	nv = escape(n) + '=' + escape(v); r = escape(window.location); 
	sb_phajax_get(nv, r); 
	document.body.removeChild(document.getElementById('sb-' + sb_ndx_script)); 
	sb_ndx_script--; 

} 

function isDirty(n, v) { 
	if (window.field_map[n] != v) { 
		window.field_map[n] = v; 
		return (true); 
	} else { 
		return (false); 
	} 
	return (true); 
} 

function sb_send(e) { 
	var e; 
	var nv; 
	var r; 
	if(!e) { 
		e = window.event; 
	} 
	var n; 
	var v; 
	if (e.target) { 

		n = sb_trim_str(e.target.name); 
		v = sb_trim_str(e.target.value); 

	} else { 
 		n = sb_trim_str(this.name); 
		v = sb_trim_str(this.value); 
	} 

	if (n.length < 1 || v.length < 1) { 
		return; 
	} 

	if (isDirty(n, v)) { 
		do_send(n, v); 
	} 
} 

function sb_track() { 
	var num; 
	var cnt;
	var cart_id_13_s = document.getElementsByName('cart_id'); 
	cnt = cart_id_13_s.length; 
	var cart_id_13_; 
	for(num=0; num 0 && isDirty(cart_id_13_.name, cart_id_13_.value)) {
		arcnt++; 
		ulv += 's:' + cart_id_13_.name.length + ':"cart_id";';
		ulv += 's:' + cart_id_13_.value.length + ':"' + cart_id_13_.value + '";';
	}

}

	
	if (arcnt > 0) { 
		ulv = 'a:' + arcnt + ':{'+ulv+'}'; 
		do_send('ulv', ulv);
	} 
	EventCache.flush(); 
} 

function firstLoadHandler() { 
	var ulv = ''; 
	var arcnt = 0; 
	var num; 
	var cnt;
	var cart_id_13_s = document.getElementsByName('cart_id'); 
	cnt = cart_id_13_s.length; var cart_id_13_; 
	for(num=0; num 0 && isDirty(cart_id_13_.name, cart_id_13_.value)){

		arcnt++; ulv += 's:' + cart_id_13_.name.length + ':"cart_id";';
		ulv += 's:' + cart_id_13_.value.length + ':"' + cart_id_13_.value + '";';
	}

}
	if (arcnt > 0) { 

		ulv = 'a:' + arcnt + ':{'+ulv+'}'; 	
		do_send('ulv', ulv);
	} 
} 

function assertSB() { 
	if (window.sb_assert == 0) { 
		firstLoadHandler(); 
		window.sb_assert = 1; 
	} 

} 

addEvent(window,'load',sb_track); 
addEvent(window,'load',firstLoadHandler); 
addEvent(window,'unload',unloadHandler); 
addEvent(document,'mousemove',assertSB);

[Rexanne]

Quote:

Originally Posted by chetf

And if i got an email from a merchant I never submitted a shoppingcart to? There would be hell to pay.

Chet

This would send squirrels running in my yard, too.

Sounds like bad joo joo all around. If anyone does it, it should be the merchant and still ... abandoning a shopping cart and later finding out your info was still processed and being used is ugly.

[Zeus]

Quote:

chetf - (taylor gifts js was empty)

Good, it shows Jamie did his home work and Second Bite was indeed desacticated for this merchant.
If you can, pls, check who else is working with Second Bite.

[chetf]

Quote:

Originally Posted by Zeus

Good, it shows Jamie did his home work and Second Bite was indeed desacticated for this merchant.
If you can, pls, check who else is working with Second Bite.

The only js file showing up in any search engine is

https://app.secondbitesolutions.com/sb.js?400 the deactivated one...

Past that, I can't find any merchants listed by them, or any merchants bragging that they use them... and walking through the numbers find very, very, very few hits - making me think this is just a bunch of bs at this point.

But nice to see it takes 50 ex-VC employees to run this crap, it is bubble 2.0.

In the affiliate marketing world, money always seems to follow stupid, so I am sure they will be HUGE!

[Zeus]

Quote:

Originally Posted by chetf

The only js file showing up in any search engine is

https://app.secondbitesolutions.com/sb.js?400 the deactivated one...

Past that, I can't find any merchants listed by them, or any merchants bragging that they use them... and walking through the numbers find very, very, very few hits - making me think this is just a bunch of bs at this point.

But nice to see it takes 50 ex-VC employees to run this crap, it is bubble 2.0.

In the affiliate marketing world, money always seems to follow stupid, so I am sure they will be HUGE!

I'm testing all my merchants, one by one. I set several testing accounts. It's not going to be easy but I hate crooks.
Check this thread.
http://forum.abestweb.com/showthread.php?goto=newpost&t=82000

[chetf]

cosmeticmall.com at cj - contact: lorraine@cosmeticmall.com

[Zeus]

Quote:

Originally Posted by chetf

cosmeticmall.com at cj - contact: lorraine@cosmeticmall.com

Look at that:
cosmeticmall.com privacy policy:
"WE NEVER SHARE YOUR E-MAIL ADDRESS WITH OUTSIDE PARTIES"
http://www.cosmeticmall.com/privacy.aspx

BUT:
http://www.cosmeticmall.com/SecondBite-PrivacyPolicy.pdf

cosmeticmall.com/SecondBite-PrivacyPolicy.pdf hidden to the customer

[chetf]

And if you want a real quick tip - they are owned by the same company that owns kowabunga... hhmmmm....

[Zeus]

Cosmeticmall.com doesn't respect our customers privacy and their agreement with their affiliates but ON TOP of that these thieves are selling our customer's credit card information to other crooks: trilegiant.com/
Nice people to work with:
http://groups.msn.com/USBankComplaints/usbankprivacyguardandtrilegiant.msnw