Fera does many things to stop unwanted people from stealing your reviews against you or your customers. Hera are some of the things we do:
We Block Tools Used to Steal Your Reviews
Fraudsters and competitors often use browser extensions such as PPSPY and Shopify Spy to steal your reviews.
Fera.js (the script that runs in your site to display your reviews without custom coding) will block these browser extensions so that they cannot do that.
We Make it Hard to Download All Reviews Without Consent
When a customer visits your website the reviews app you're using needs to make a separate request to a 3rd party server to grab your reviews. When it does this request it needs to identify your account. To identify your account there are 2 methods:
With your shop domain (insecure)
With an API Key (more secure)
When apps use the shop domain method, then your domain can be easily scraped from public lists of stores and used to retrieve your reviews extremely quickly. This also makes your site vulnerable to Cross-Site Scripting Attacks.
Instead, Fera uses the API Key which cannot be guessed based on your store's domain, and thus harder to guess.
We Limit Public API Requests
Fera also limits the number of API requests allowed within a small period of time. This reduces the potential for attackers to steal reviews by scanning or using Brute Force attacks.
We Show Customers That Fera Verified Your Reviews
Customer verification is tied to your store. It cannot be tampered with, so someone who copied your reviews would not be able to do so without also including your website domain.
We Follow Strict Data Protection Measures
Fera adheres closely to:
Data access is subject to strict controls and data is always encrypted at rest.
We Only Use Trusted Servers and Service Providers
Fera uses some of the most trusted web server hosts in the world including:
AWS (Amazon Web Services)
We use various encryption and security techniques provided by Cloudflare and AWS to block hackers and stop people from stealing data.