I have been ranting and raving about insecure viral Tell-A-Friend scripts for over a year, and it seemed like I was just talking to a brick wall.
Now in the space of just a week I have been able to highlight a solution based upon one of my own blog posts that uses a slightly ghetto, but K.I.S.S method to achieve extremely effective viral tell-a-friend functionality, and now I want to mention another more sophisticated solution.
In my last post I mention that Stompernet currently have an offer to get their Stomping The Search Engines STSE2 SEO Course 100% Free with no credit card requirements.
Now if I am going to state that something is 100% free, I really want to be sure that there are no strings attached.
So I tested the signup procedure and created an account for my wife.
Stompernet Tell-A-Friend Process
As you can see, lots of import options, and whilst a few of them do require username/password, the most important business centric address for online marketers, Google, uses an API hosted by Google.
Remember, Google Account is Key To:-
- Gmail (Paypal, Domain registration, Hosting)
- Private Calendar
Entering your email and password into a form on a 3rd party site is a security liability.
Asking your customers to do it is a security liability for them, thus a business liability for you.
Stompernet are the first in the “Internet Marketing” niche that I am aware of to use a legitimate, safe process for gathering contacts for use with incentive based Tell-A-Friend, and do it better than Twitter, Facebook & LinkedIn.
Probably due to time constraints, one visible blooper is that they haven’t registered with Google (I am not sure of the procedure), and it might take a while to process.
Here is the email that gets sent to your friends.
It would be good if there was a way to edit it before sending
I Skipped Something
The observant will notice I skipped the import stage as I felt it wrong to crop the image, for impact. Whilst I am on a lot of email lists, and have a fair few contacts, I don’t think this situation is unusual.
This is going to be a usability issue with almost any primary email account used by an online marketer., unless they are ruthless with their email list pruning.
The more ghetto version doesn’t have this usability issue, because emails are filled out within the native email interface.
The script that Stompernet are using is Octazen which looks very capable, and they list lots of social networks among their customers. They also have a WordPress plugin though I am not sure of the capabilities – something I will be looking into myself.
I have no idea why so many sites still ask for passwords. Maybe they are using an old version of the script that doesn’t use the APIs for some reason.
I must admit that acted as a negative advert for them – I had been to the site previously, seen the logos for Twitter and LinkedIn – remembered how bad their systems were asking for Gmail passwords, and just ignored them.
Oh… that list of contacts – this rivalled John Reese’s 40 page Traffic Secrets sales letter… around 40 pages in this screenshot, though that only takes us up to letter “T” – my screengrab software was having problems with a file over 30,000 pixels high.