How it works

A web pixel starts tracking devices on the first page view. At checkout, five identity signals are checked against your order history. Takes two minutes to set up.

1

Install from the Shopify App Store

Click install, authorize, done. The checkout extension and web pixel configure themselves. No theme editing, no code.

Runs on Shopify's Checkout Extensions API. The web pixel starts collecting device data on every page view immediately. Nothing is injected into your theme.

2

The pixel starts tracking before checkout

The moment a visitor lands on your store, the OfferGuard web pixel sets a persistent visitor cookie and collects device signals: screen resolution, timezone, hardware profile. By the time they reach checkout, you already know their device.

This is what catches incognito users. They can clear cookies between sessions, but the hardware fingerprint stays the same. The pixel runs on every page, not just checkout.

3

Create a rule

Pick the product, variant, or collection you want to protect. Choose which signals to check. Set your threshold.

The free plan gives you one rule with email detection. Enough to see if you have a problem. Sentinel adds all five signals.

4

Customer hits checkout

When someone adds a protected product to their cart and starts checkout, the checkout extension wakes up. It pulls the pixel data for that visitor and starts checking.

The extension matches the checkout session to the pixel's visitor data. If a protected product is in the cart, it runs. If not, it stays quiet.

5

Five checks run in parallel

Email gets normalized. Phone gets format-matched. Address gets fuzzy-compared. IP gets checked. Device fingerprint gets matched. All at once, under 50ms.

Gmail dots stripped. Plus aliases removed. Disposable domains blocked. Phone numbers standardized to digits. "123 Main Street Apt 4B" matches "123 Main St #4B". All compared against your order history.

6

Checkout blocked or allowed

If enough signals match, the checkout is blocked. The customer sees a message like "This product is for new customers only." If they're new, nothing happens.

You write the message. It doesn't accuse anyone. The customer can still buy other products in your store. If OfferGuard isn't confident, it lets the order through.

7

Everything gets logged

Every checkout decision is saved. You can see which signals fired, what matched, and the confidence level. Orders can be auto-tagged or held for review.

Tags go on the order and customer. Risk assessments show in Shopify admin. Fulfilment can be held automatically for flagged orders.

What this looks like in practice

Four scenarios. Each one uses a different signal to catch the same person.

Gmail alias

Blocked
This checkout:
[email protected]
Previous order:
[email protected]

Dots and plus alias stripped. Both resolve to [email protected].

Email: MATCH

Different email, same phone

Blocked
This checkout:
[email protected] / (555) 123-4567
Previous order:
[email protected] / 555-123-4567

Emails are different. Phone numbers normalize to the same digits.

Email: ClearPhone: MATCH

Address variation

Blocked
This checkout:
123 Main Street Apt 4B
Previous order:
123 Main St #4B

Street abbreviation and unit format normalized. 96% match.

Email: ClearPhone: ClearAddress: MATCH (96%)

Incognito + throwaway email

Blocked
This checkout:
[email protected] (incognito)
Previous order:
Any order from the same device

Disposable email blocked on sight. Device fingerprint matches despite incognito.

Email: BLOCKED (disposable)Device: MATCH

The five-signal check

All five run in parallel. Under 50ms total. One decision.

Customer enters checkout with protected product
Email
Phone
Address
IP
Device

checked in parallel, under 50ms

Allowed
new customer
Blocked
returning customer

Try it on your store

The free plan takes two minutes and never expires.

Install the free plan