Phone-first sign-up, an email-confirmation step for new partners, extra protection on mailbox creation, and an App Store status check
Onboarding / Trust
We made the partner and fleet sign-up forms ask for the phone number first, added an optional email-confirmation step that lets a new partner confirm their address by clicking a secure one-time link, and required an extra identity re-check before an administrator can create a company mailbox. We also confirmed the customer app is live on the App Store and the three partner apps are in review with valid builds. Sensitive features ship switched off until they are explicitly turned on.
What changed
- The restaurant/shop and fleet sign-up forms now ask for the phone number first, with a phone-optimized keyboard on mobile, so we can follow up even if someone stops halfway.
- New partner and fleet submissions can receive a confirmation email with a secure, single-use link (valid for 7 days) that confirms their email address - this is built and tested but stays switched off until enabled, so nothing changes for live submissions yet.
- Creating a company mailbox from the operator console now requires the administrator to re-verify their identity first (a step-up check), matching the protection already used for other sensitive actions.
- Confirmed App Store status: the customer app is published and on sale; the courier, merchant and fleet apps are in review with valid builds - we deliberately did not resubmit them, to avoid resetting their place in Apple's review queue.
How we built it safely
- The confirmation link uses a high-entropy, single-use token stored only as an irreversible hash; the page never shows the token and the system never reveals personal data. An independent security review of the new code found no critical or high issues.
- The email-confirmation step is a separate path that never touches account sign-in, and the confirmation email only sends when explicitly enabled - it can never message people who did not sign up.
- The full automated test suite passed (775 tests, including new tests for the mailbox step-up and the email-confirmation flow) before release, and the release went out through our safe, gated deploy with a green health check.
- We were careful not to overstate anything: where a company-administrator name cannot be sourced from a public register, the form does not pretend to auto-fill it.
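The confirmation-link token handling described above (high-entropy, single-use, stored only as a hash, valid for 7 days), shown as an added Python example that is not the project's own code. The in-memory `STORE`, the function names and the choice of SHA-256 are assumptions; the page does not name the hash function or the storage layer.

```python
import hashlib
import secrets
from datetime import datetime, timedelta, timezone

TOKEN_TTL = timedelta(days=7)  # link validity stated in the release note
STORE = {}                     # token_hash -> record; stands in for a DB table (assumption)


def hash_token(token: str) -> str:
    # A 256-bit random token has nothing to guess, so a plain SHA-256 is
    # sufficient here; salts and slow KDFs are for low-entropy passwords.
    return hashlib.sha256(token.encode()).hexdigest()


def issue_token(submission_id: str, now: datetime) -> str:
    """Return the raw token for the emailed link; persist only its hash."""
    token = secrets.token_urlsafe(32)  # 32 bytes from the OS CSPRNG
    STORE[hash_token(token)] = {
        "submission_id": submission_id,
        "expires_at": now + TOKEN_TTL,
        "used_at": None,
    }
    return token


def redeem_token(token: str, now: datetime) -> bool:
    """Confirm the address once. Unknown, expired and already-used tokens all
    return the same False, so the page leaks nothing about which case applied."""
    rec = STORE.get(hash_token(token))
    if rec is None or rec["used_at"] is not None or now > rec["expires_at"]:
        return False
    # In a real database this must be one atomic statement
    # (e.g. UPDATE ... WHERE used_at IS NULL) so two clicks cannot both win.
    rec["used_at"] = now
    return True


if __name__ == "__main__":
    t0 = datetime.now(timezone.utc)
    link_token = issue_token("submission-123", t0)  # constructed sample id
    print("first click :", redeem_token(link_token, t0))
    print("second click:", redeem_token(link_token, t0))
    print("raw token stored?", link_token in str(STORE))
```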
Commit: main