How We Protect Your Reviews From Theft

Fera does many things to protect your reviews from being stolen by competitors and fraudsters.

Jay El-Kaake avatar
Written by Jay El-Kaake
Updated over a week ago

Fera does many things to stop unwanted people from stealing your reviews against you or your customers. Hera are some of the things we do:

We Block Tools Used to Steal Your Reviews

Fraudsters and competitors often use browser extensions such as PPSPY and Shopify Spy to steal your reviews.

Fera.js (the script that runs in your site to display your reviews without custom coding) will block these browser extensions so that they cannot do that.

We Make it Hard to Download All Reviews Without Consent

When a customer visits your website the reviews app you're using needs to make a separate request to a 3rd party server to grab your reviews. When it does this request it needs to identify your account. To identify your account there are 2 methods:

  1. With your shop domain (insecure)

  2. With an API Key (more secure)

When apps use the shop domain method, then your domain can be easily scraped from public lists of stores and used to retrieve your reviews extremely quickly. This also makes your site vulnerable to Cross-Site Scripting Attacks.

Instead, Fera uses the API Key which cannot be guessed based on your store's domain, and thus harder to guess.

We Limit Public API Requests

Fera also limits the number of API requests allowed within a small period of time. This reduces the potential for attackers to steal reviews by scanning or using Brute Force attacks.

We Show Customers That Fera Verified Your Reviews

Customer verification is tied to your store. It cannot be tampered with, so someone who copied your reviews would not be able to do so without also including your website domain.

We Follow Strict Data Protection Measures

Fera adheres closely to:

  • PIPEDA (Personal Information Protection and Electronic Documents Act) in Canada

  • GDPR (General Data Protection Regulation) in Europe

  • CCPA (California Consumer Privacy Act) in California

Data access is subject to strict controls and data is always encrypted at rest.

We Only Use Trusted Servers and Service Providers

Fera uses some of the most trusted web server hosts in the world including:

We use various encryption and security techniques provided by Cloudflare and AWS to block hackers and stop people from stealing data.

Did this answer your question?