Re: Unsubscribe Flow with Unique Identifier

SanfordWhiteman · ‎05-24-2021

That way, you really ensure only the person clicking the link in the email will be able to unsubscribe.

That's trivially circumvented, though. From a security standpoint it doesn't change anything.

I totally agree with all the comments here that adding MFA to an unsubscribe makes for a horrible customer experience and in some countries would actually be seen to go against privacy regulations.

It's not MFA, it's requiring them to have a clicked an email link at some point in that browser so that session is distinguished from someone just happening to know their email address. They don't have to get a new email to unsubscribe.

Jay_Jiang · ‎05-24-2021

Not exactly answering your question but what I do is make my unsubscribe page only accessible by cookied browsers i.e. click through from email

Create a segment for Known leads only where email address is not empty.

Use that for dynamic content in your unsubscribe landing page

For the default segment, add javascript to stop loading (and optionally destroy any loaded DOMs) and redirect to the home page

For the known segment, load your form as per normal

SanfordWhiteman · ‎05-24-2021

Know you know this, Jay, but for the lurkers — that wouldn't stop someone from submitting a form as someone else. They'd have to know the form ID, but they could get that by signing up themselves.

(I was working on a PDF vulnerability recently for a bank, and the vuln depended on a hacker signing up for an account and thus knowing the format of a boilerplate PDF they could use to attack others. Once you start thinking like an attacker, you see things you wish you didn't.😐)

Jay_Jiang · ‎05-24-2021

yes, certainly. @ OP for a complex use case I wouldn't solution it using Marketo but rather get a CDP involved to control the identity and protect what data goes into the database