Hack 13 Understand Identity at Amazon


Amazon user accounts provide a consistent, personalized experience. Understanding how, when, and why you should log in and out of your Amazon account will help you control that experience.

The general perception of identity on the Web was summed up well in a famous cartoon from the New Yorker: a dog in front of a computer turns to another dog and says, "On the Internet, nobody knows you're a dog." If every web request were completely anonymous, though, features like 1-Click buying, personalized recommendations, or wish lists would be impossible. At the very least, personalized web applications like Amazon need to know you're the same dog each time you visit.

13.1 Create an Account

Like most web applications, Amazon's answer to the Web's inherent anonymity is user accounts. By identifying yourself with an email address and password, Amazon is able to save your information for subsequent visits.

Exactly what information does Amazon collect, save, and associate with your account? Anything you explicitly type into a form will be saved. That includes your name, billing and shipping information, items you purchase, reviews you add, wish list items, and items you've seen. This may sound like an Orwellian disaster waiting to happen, but in exchange for this information, Amazon provides a unique, customized buying experience. If you were to stop by your corner store on a regular basis, the person behind the counter would eventually get to know your tastes and offer help and recommendations based on your buying patterns. Amazon does the same thing?for tens of millions of people. Some of the features available to registered users include:

  • Personalized Product Recommendations [Hack #14]

  • 1-Click Buying [Hack #15]

  • Persistent shopping carts

  • Wish Lists [Hack #18]

If you're visiting Amazon for the first time, you'll see "New customer? Start here" toward the top of the front page. Enter your email address, choose the "No, I am a new customer" radio button, and click the "Sign in..." button. From there you can enter a password and create your account.

Keep in mind that having an account comes with some responsibility. It's a good idea to make your password something difficult to guess. As Amazon states in their conditions of use (http://www.amazon.com/o/tg/browse/-/508088/): "...you are responsible for maintaining the confidentiality of your account and password and for restricting access to your computer, and you agree to accept responsibility for all activities that occur under your account or password."

To be able to control how you use your Amazon account, it's important to understand exactly how Amazon uniquely identifies you when you visit.

13.2 Understanding Login Status

Anytime you visit Amazon, they start a session that allows them to identify an individual browsing their site across pages. Even if you've never been to Amazon before, have no account information, and are completely anonymous, Amazon will know that you are the same person as you click from page A to page B though a session ID. Most Amazon URLs contain the session ID. For example, typing in the home page URL, http://www.amazon.com, will take you to a URL that looks something like this:


The 17-digit string of numbers at the end of the URL is your session ID. As you click links from the home page, you'll notice that all of them contain this set of numbers that is unique to your visit.

A session allows you to add items to a shopping cart, continue shopping, return to your specific cart with your items, and check out. A session lasts only as long as your browser window is open. But what if you'd like to add items to a cart, close your browser, leave for a few days, and return to shopping where you left off on a completely different computer? That's what an Amazon account provides.

When you have an account, Amazon sets a data file on your computer (a cookie) that uniquely identifies your browser. If the cookie exists when your Amazon session starts, Amazon can bring up your account information and recognize the fact that this session belongs to your account. However, even though the identifying cookie may exist on your computer, it's still not enough to access some account information.

Amazon requires a specific login with your password to access certain areas of the site. To add personal information, change preferences, or view and change orders, Amazon requires you to sign in by supplying your email address and password. You'll be prompted to sign in, as shown in Figure 2-1, anytime it's necessary.

Figure 2-1. Amazon Sign In page

Signing in takes place over a secure connection by default, keeping your password between you and Amazon.

Based on these methods of identification, there are three statuses your Amazon session could be in at any given time:

Logged-Out and Not Recognized

Your account cookie isn't set, and you haven't logged in. You can still browse and add items to a cart, but you'll need to create an account to actually buy the items?and any items in your cart will be lost when you close your browser.

Logged-Out and Recognized

Your account cookie is set, but you haven't logged in during the current session. Amazon can offer personalized product recommendations, and you can add items to your wish list and see your shopping cart additions from previous sessions.

Logged-In and Recognized

You have specifically signed in during the current session with your email address and password. In addition to personalized product recommendations and shopping cart data, you can change personal information, place and update orders, and change preferences.

13.3 Signing In and Out

You can change your status from Logged-In/Recognized to completely logged out (and vice versa) at any time. The quickest route to a login form is clicking the Your Store tab from the main navigation menu or from http://amazon.com/o/tg/stores/your/store-home/-/0/. On the Your Store page you should see a link at the top that says, "Click here to sign in."

If you're using a public Internet connection or a shared computer, it's a good idea to explicitly sign out when you're done with your Amazon session. Signing out guarantees that a stranger can't walk up to the computer and browse around Amazon with your identity.

If you're signed in and would rather be out, the top of the Your Store page has a link that mentions your name: "Hello, Your Name," followed by a chance to log out: "If you're not Your Name, click here." Once you've clicked there, you'll be logged out.

If you want to bypass the storefront for changing your status, you can check your login status and sign in or out at any time from the Signing Out page at http://www.amazon.com/o/tg/browse/-/515722.

13.4 Closing an Account

If you ever decide to stop using Amazon altogether, you can request that your account be closed. You just need to make sure you don't have any current pending orders. You'll lose your wish list, shopping cart, purchase history, and any other information on Amazon. If you're OK with that, send an email from the address associated with your account to account-close@amazon.com.

If you've signed up with several different email addresses at Amazon, you can merge your account histories into one. Using one account keeps your experience consistent across sessions. There's no automatic way to merge accounts, but you can contact Amazon Customer Service (http://amazon.com/o/tg/browse/-/565780/).