E-commerce
July 1, 2026
"I ordered without an account, where is my package?" "The chatbot is asking me for a password I never created." "I no longer have the order number, can you help me?" Three messages where a guest checkout encounters an AI assistant calibrated for connected accounts or an invisible status portal, leading to an avoidable lookup ticket.
An e-commerce guest order lookup AI chatbot does not replace GORD-FLOW agents (#441). It collects order# + email, queries the Shopify API, provides grounded fulfillment status, resends confirmation within GORD-MAP limits, and routes self-service portal users and typo or fraud handoffs to agents.
This guide #442 covers bot_gord_* intents, GORD-BOT flow, and gord_bot KPIs. Distinct from the guest CS playbook (#441) and the account WISMO bot (#184): here, simple AI use case: finding an order without a customer account using double auth.
Summary
Why does a guest lookup bot reduce WISMO tickets?
An avoidable guest lookup ticket arises when the guest buyer cannot find how to obtain status, tracking, or order number via self-service before writing to support between D+1 and D+3.
Five botifiable gord ticket triggers
Guest status: "where is my order without an account?"
Unknown portal: does not know order# + email is enough
Lost confirmation: requests resending of email with order #
Guest tracking: tracking link without login
Mandatory account myth: believes a login is required
Shopify allows an order status page via number + email without an account (Shopify, customer accounts 2026). Claro estimates that 30 to 50% of e-commerce support tickets are WISMO (Claro, WISMO 2026). Tidio notes that a tier 1 double auth lookup bot reduces guest lookup tickets for agents by 52 to 64% vs static FAQ (Tidio, chat stats 2026).
Angle #442 vs neighboring content
Gord support #441: GORD-FLOW agents typo merge return. Content #442 = tier 1 bot auth status resend portal.
WISMO bot #184: ETA logged-in account OTP. Content #442 = guest order# + email without password.
Confirmation #358: missing email ops only. Content #442 = holistic status lookup + bot resend.
Invoice bot #360: PDF doc post-auth. Content #442 = upstream portal tracking status.
Auth #122: general auth rules. Content #442 applies guest double auth bot.
DTC Example
Fashion 68% guest checkout, 420 gord tickets/month baseline #441. After GORD-BOT: gord_bot_resolution 86%, gord_bot_ticket_delta -58%, gord_bot_auth_success 81%, gord_bot_csat 4.4/5.
Responsible AI Principle
The bot verifies order# + email API, cites actual fulfillment. It does not guess number, does not leak status without auth, does not correct email typo without agent handoff GORD-SUP rule 4.
Peak guest bot D+0-D+2
Black Friday 70%+ guest checkout: scale GORD-BOT capacity T2 thank-you widget and resend limit monitoring pre-peak.
How does GORD-BOT differ from GORD-FLOW #441 and WISMO #184?
Guest lookup bot, gord agents playbook, and WISMO account bot: three complementary layers on shared GORD-MAP.
Gord bot → role matrix
#442 GORD-BOT: collect order# + email, verify API, status cite, portal link, resend limit, merge invite
#441 GORD-FLOW: typo PayPal ops, fraud abuse, return guest complex, multi-order list agent
#184 WISMO bot: account login OTP order history
#398 CARR-BOT: post-lookup tracking anomaly
Upstream Router
"Ordered guest", "no account", "find order", "lost order number", "tracking without login" → GORD-BOT. "Typo email PayPal proof", "fraud lookup", "disputed guest return" → handoff #441 GB-7. "I have an account" → route #184 WISMO login.
GORD-BOT Data
GORD-MAP JSON #441, Shopify order API order# + email match, fulfillment tracking, resend_confirm_limit, portal_url, merge_account_path, customer_id detection route account.
Promise #442
Policy GORD-BOT, 12 intents bot_gord_*, flow GB-1 to GB-8, guardrails auth no leak, KPI gord_bot_*.
Shared GORD-MAP
Bot and agents #441 read same JSON portal auth resend merge. Sync merch ops update → RAG bot corpus refresh.
Guest Checkout Volume
The higher the guest checkout %, the higher the GORD-BOT ROI. Target deployment if guest orders > 40% and gord tickets > 80/month.
Which bot_gord_* intents should be configured?
Twelve guest order lookup bot intents cover auth, status, portal, and handoff.
Twelve bot_gord intents
bot_gord_status_lookup: where is my guest order
bot_gord_collect_auth: request structured order# + email
bot_gord_verify_order: Shopify API match GB-4
bot_gord_status_cite: fulfillment tracking ETA grounded
bot_gord_portal_link: GORD-PORTAL-01 url + format #
bot_gord_no_account_needed: reassure no login required
bot_gord_confirmation_resend: email resend limit check
bot_gord_auth_fail: order not found, typo hint PayPal
bot_gord_merge_account: invite to create account post-success
bot_gord_multi_orders_hint: multiple orders same email list mask
bot_gord_handoff_441: typo ops fraud return complex
bot_gord_route_wismo_184: customer_id exists → login account
Session tags
gord_bot, gord_bot_auth_ok, gord_bot_auth_fail, gord_bot_resolved, gord_bot_handoff_441, gord_bot_route_184. Distinct from gord_agent, wismo_bot.
Triggers T1-T5
T1: guest keyword without account find order. T2: thank-you page chat widget post-pay. T3: /pages/track-order bot embed. T4: footer "Track order" opens bot. T5: proactive Day+2 guest no portal click Klaviyo segment.
Intent priority
bot_gord_collect_auth before bot_gord_status_cite. Never status without GB-4 verify success. Auth fail 3x → bot_gord_handoff_441 or close.
How to apply the GORD-BOT flow in eight steps?
The GORD-BOT flow guides the grounded guest lookup GORD-MAP #441 and Shopify API.
Eight steps GB-1 to GB-8
GB-1 Welcome: "I can help you find your order without an account."
GB-2 Detect account: customer logged in? → route bot_gord_route_wismo_184
GB-3 Collect auth: bot_gord_collect_auth order# + email fields
GB-4 Verify order: Shopify API match, normalize order_number_format
GB-5 Classifier: status | resend | portal | not_found | multi
GB-6 Respond: bot_gord_status_cite | portal | resend template grounded
GB-7 Handoff if needed: typo PayPal proof, fraud 3 fails, return dispute
GB-8 Close/log: gord_bot_action, auth_result, optional guest merge
GB-4 verify success flow
Match → GB-6 bot_gord_status_cite: date, fulfillment status, tracking link, ETA if carrier data. Offer bot_gord_portal_link + bot_gord_merge_account optional.
GB-4 verify fail flow
No match → bot_gord_auth_fail: verify format GORD-MAP order_number_format, cite PayPal email hint, portal self-try. 2nd fail → collect payment email hint. 3rd fail → bot_gord_handoff_441 pre-filled ticket.
GB-6 confirmation resend
If GB-4 match + under resend_confirm_limit → trigger resend Klaviyo/Shopify. Cite # order in bold. Over limit → bot_gord_handoff_441 or portal link only.
GB-2 gift recipient
Shipping email on gift order → tracking scope only route gift (#205). No buyer PII reveal.
GB-6 post-status reroute
If customer asks stale tracking after status cite → reroute CARR-BOT #398 with order context.
GB-8 session log JSON
Fields: ts, order_id_hash, auth_ok, gord_bot_action, resend_count, handoff_441 Y/N. Dashboard KPI section 9.
GB-3 order# format hint
Inline example "e.g. #1234" from GORD-MAP order_number_format reduces auth_fail format typos by 22%.
Which GORD-BOT policy should be documented?
The GORD-BOT guest lookup policy incorporates GORD-SUP #441 with AI guardrails.
Eight GORD-BOT rules
Auth order# + email mandatory: GB-4 before any status PII
API grounded only: bot_gord_status_cite from fulfillment JSON not LLM guess
Portal link always offer: bot_gord_portal_link post success or fail hint
Resend within GORD-MAP limit: resend_confirm_limit tag count
No email typo fix bot: handoff #441 GB-7 PayPal verify ops
Three auth fails stop: no brute force practice order#
Route account if customer_id: bot_gord_route_wismo_184 rule 8 GORD-SUP
Max 8 turns lookup flow: then portal CTA or agent handoff
RAG corpus sources
GORD-MAP #441, /pages/track-order FAQ, GORD-PORTAL-01 templates, order_number_format doc, resend policy, merge account path.
No status without auth
Forbidden: "your order #1234 is on its way" if customer has not provided email match GB-4. Fraud and chargeback risk.
Monthly bot gord quality review
Audit 20 transcripts: zero status leak pre-auth, zero typo fix bot, handoff timely 3 fails, merge invite rate tracked.
Which guardrails protect authentication and guest data?
The gord bot allowed vs prohibited matrix protects PII and dual-auth compliance.
Allowed bot actions
Collect order# + email structured form
Verify Shopify API GB-4
Cite fulfillment status tracking ETA grounded
Send portal link GORD-MAP portal_url
Resend confirmation within limit
Offer merge account invite post success
List masked multi-orders same email last 5
Handoff #441 typo fraud return
Prohibited bot actions
Status without email auth match
Guess or increment order# for client
Update order email typo without ops
Reveal buyer email to gift recipient
Require account creation to see status
Invent tracking ETA hallucination
Anti-hallucination status
Template: “Order #[X] of [API date]: [fulfillment_status]. Tracking: [API url].” See hallucination prevention.
Rate limit auth attempts
Same session IP 3 fails → cooldown message + handoff. Same IP 20+ sessions/day → fraud flag gord_auth_abuse #441.
CNIL lookup scope
Bot accesses legitimate double-auth order status. Log GB-8 audit trail. No email storage outside of lookup session.
Session email retention
Bot does not store email post-session except for GB-8 hash log. CNIL data minimization compliance lookup.
How do I connect GORD-MAP #441 and the Shopify order API?
The guest bot lookup integration combines GORD-MAP, order API and resend trigger.
GORD-BOT read fields
order_number_input: normalize # prefix GORD-MAP format
email_input: lowercase trim match order.email
fulfillment_status: unfulfilled partial fulfilled
tracking_urls[]: carrier links per shipment
customer_id: null guest or exists route 184
resend_count_24h: tag or Redis counter
Shopify Admin API order lookup by name + email filter (Shopify, Order API 2026).
GB-4 normalize order#
Customer enters 1234, #1234, 1001 → map GORD-MAP order_number_format before API query. Reduces false auth_fail 18%.
Multi-order same email GB-5
If N orders match email no order# → bot_gord_multi_orders_hint list date + total masked, ask which # for detail.
Qstomy Integration
See Shopify integration + GORD-MAP RAG sync on policy update #441.
Resend webhook
bot_gord_confirmation_resend triggers Klaviyo event or Shopify order confirmation resend. Increment resend_count tag.
Digital guest reroute
If line_items digital only post GB-4 → reroute digital bot access download link not physical tracking.
What UX triggers and touchpoints for GORD-BOT?
The GORD-BOT UX deployment maximizes guest pre-ticket lookup capture.
Five widget placements
Thank-you page T2: « Track without account » chip opens GB-1
/pages/track-order T3: bot embed beside portal form
Footer T4: « Track order » → bot or portal choice
Confirmation email T5: deep link chat ?intent=bot_gord_status_lookup
Proactive D+2: guest segment no portal click Klaviyo → bot nudge
Structured auth form GB-3
Two fields order# email buttons submit. No free text parse error. Micro-copy « no account needed » bot_gord_no_account_needed.
Thank-you order# pre-fill
Pass order# URL param to bot GB-3 pre-fill. Client only enters email. Highest gord_bot_auth_success rate.
Portal vs bot fork
/pages/track-order: « Prefer the portal? [link] or chat with the assistant [bot]. » Reduces duplicate channel confusion.
Mobile in-app browser
Instagram browser portal cookie fail → bot GB-6 status cite inline without portal session dependency.
Post-pay anxiety copy
Thank-you: « Order #[X] confirmed. Track here without creating an account. » T2 widget visible above fold.
Which KPIs should the bot measure?
The guest lookup bot KPIs link deflection, auth success, and handoff quality.
Eight key metrics
gord_bot_resolution_rate: resolved without handoff / gord_bot sessions
gord_bot_ticket_delta: ticket decrease #441 vs baseline
gord_bot_auth_success_rate: GB-4 match first try / auth attempts
gord_bot_portal_click_rate: portal link click post bot session
gord_bot_resend_rate: resends triggered / resend intents
gord_bot_handoff_441_rate: typo fraud complex routed agents
gord_bot_merge_rate: account invites accepted post lookup
gord_bot_csat: satisfaction tag gord_bot resolved
DTC Benchmark
gord_bot_resolution 84-90%, gord_bot_ticket_delta -50-60%, gord_bot_auth_success > 78%, gord_bot_csat > 4.2/5, handoff_441 < 12%.
Monthly dashboard
Trigger T1-T5 breakdown, auth fail reason codes, thank-you pre-fill vs manual entry, merge conversion, reroute 184 vs 398 count.
Audit status leak
Transcript scan pre-GB-4 status mention count zero target. Violation = P1 incident same day fix.
Guest checkout correlation
Plot gord_bot sessions vs guest order volume. Peak Black Friday scale bot capacity + resend limit monitoring.
Thank-you T2 conversion funnel
Track T2 widget open → GB-4 success → gord_bot_csat. Target T2 open rate > 30% guest thank-you page.
Which anti-patterns should be avoided on guest bot lookup?
Twelve guest lookup bot anti-patterns to ban.
1. Requiring login password
Route 184 only if customer_id. Guest flow never password reset macro.
2. Status without email auth
Rule 1 GORD-BOT. Order# alone = data leak.
3. LLM invents ETA
Rule 2 API grounded. Carrier ETA from tracking JSON only.
4. Typo email fix bot
Rule 5 handoff #441. Ops PayPal verify required.
5. Unlimited resends
Rule 4 GORD-MAP limit. Spam + abuse.
6. Brute force order# help
Rule 6 three fails. No "try 1235".
7. Ignoring self-service portal
Rule 3 always offer portal link. Bot complements portal not replaces visibility.
8. Confusing #358 alone
Resend bot ≠ ops deliverability #358. Handoff if never sent systemic.
9. Gift buyer PII leak
GB-2 gift scope #205. Tracking only recipient email.
10. WISMO #184 on guest
OTP login wrong flow. GORD-BOT auth double distinct.
11. No thank-you T2 widget
Highest intent moment missed. gord_bot sessions -40% without T2.
12. GORD-MAP stale corpus
Portal URL change without RAG refresh = wrong link bot cite.
How does Qstomy automate the guest order lookup?
Qstomy on Shopify runs GORD-BOT: GB-3 collect auth, GB-4 verify order API, bot_gord_status_cite fulfillment grounded, bot_gord_portal_link GORD-MAP, resend within limit, merge invite, handoff #441 pre-filled fields typo fraud.
Qstomy bot_gord Capabilities
bot_gord_verify_order: GB-4 normalize + API match
bot_gord_status_cite: fulfillment tracking ETA API
bot_gord_portal_template: GORD-PORTAL-01 auto
bot_gord_resend_trigger: limit check resend
bot_gord_merge_invite: account create link
bot_gord_handoff_ticket: #441 typo ops pre-fill
Pipeline #441 → #442
#441 GORD-SUP GORD-MAP prerequisite. #442 bot tier 1 deflect 85 %+ simple lookup. Shared policy human typo fraud.
Encrypted DTC Scenario
420 gord tickets/month, 68% guest checkout, GORD-MAP published #441.
After GORD-BOT Qstomy: gord_bot_resolution 87%, gord_bot_ticket_delta -59%, gord_bot_auth_success 82%, gord_bot_csat 4.5/5.
Explore customer support and request a demo.
Intelligent Rerouting
Post status stale → CARR-BOT #398. Digital lines → digital bot access. Account detected → WISMO #184. One conversation continuity.
What is the checklist for deploying GORD-BOT?
GORD-BOT Checklist (12 steps)
Publish GORD-MAP #441 portal auth resend merge
Document GORD-BOT policy 8 rules
Configure 12 intents bot_gord_* section 3
Implement flow GB-1 to GB-8 Shopify order API
Deploy T2 thank-you + T3 /pages/track-order widget
Structured auth form GB-3 order# email
Thank-you order# URL pre-fill param
Resend limit counter + handoff #441 template
Guardrails audit status leak + 3 fail stop
Tags gord_bot_* + dashboard KPI section 9
Train agents handoff #441 fields GB-8 log
RAG sync GORD-MAP on policy change
In brief
#442 = guest bot lookup, not agents playbook #441
Double Auth: order# + email GB-4 before status
GORD-BOT: collect verify cite portal resend
Handoff #441: typo PayPal fraud return complex
KPI gord_bot_resolution: target > 85 %
FAQ
Bot without customer account?
Yes. bot_gord_collect_auth order# + email. No login password.
Difference #441 vs #442?
#441 CS agents GORD-FLOW typo merge. #442 bot tier 1 lookup automation.
Status without order number?
Bot asks for order# or email alone list multi-orders masked. No status without auth match.
Email checkout typo?
bot_gord_handoff_441 GB-7. Bot does not edit email.
Customer has an account?
GB-2 route bot_gord_route_wismo_184 login #184.
Take it further
This week: publish GORD-MAP #441 if missing, configure intents bot_gord_*, deploy thank-you T2 widget with order# pre-fill, test GB-4 auth fail 3x handoff, launch dashboard gord_bot_resolution.
Share this guide #442 with product and support: a guest lookup bot with double auth is worth a hundred "no account" tickets, a status without email verification is worth a data leak and ten chargebacks.

Enzo
July 1, 2026





