E-commerce
July 1, 2026
"I see an iPhone I don't recognize on my account." "How do I disconnect my old phone?" "Who can see my connected devices?" Three tickets where the management of active sessions lacks a clear procedure on the support side.
The e-commerce account connected devices support covers the session list, remote disconnection, unknown devices, and post-incident cleaning. Distinct from login alerts (#843) and push notifications (#835): here, the customer wants to view or terminate login sessions, not notifications.
This guide #847 deploys policy CONNDEV-SUP, flows CD-1 to CD-8, and matrix CONNDEV-MAP. The customer support pair of the future with the device bot (#848).
Summary
Why do connected devices generate tickets?
Customer accounts remain logged in across multiple browsers and apps. After changing phones, traveling, or suspecting a hack, the customer wants to control who still has access to orders and data. The agent confuses login sessions and push tokens #835.
Five typical device frictions
Unknown device: unrecognized name or browser
Active old phone: session still open after replacement
Settings not found: does not know where to manage sessions
Total logout: wants to terminate everything as a precaution
Post-hack: cleanup after incident #841
Shopify new customer accounts allows account and session management according to shop settings (Shopify, customer accounts 2026).
DTC Example
Tech DTC, 12 conndev_ tickets/month. After CONNDEV-MAP: conndev_session_resolution_rate 93%, unnecessary ACCHACK #841 escalations -41%.
CONNDEV #847 vs SUSLOGIN #843, ACCHACK #841, PUSHNOTIF #835 and bot #848
Seven contents, seven distinct session security pathways.
Quick matrix
#847 CONNDEV: active sessions, remote logout, device list
SUSLOGIN #843: login alert received distinct from session management
ACCHACK #841: confirmed hack LOCK revoke all AH-4
PUSHNOTIF #835: push tokens distinct from login sessions
TWOFACT #839: 2FA distinct from device list
LOGIN #294: login errors distinct from active sessions
Bot #848: explain sessions tier 1
#847 = I want to see or disconnect my devices. #843 = I received a login alert.
Promise #847
Policy CONNDEV-SUP, tree CONNDEV-GATE, 8 macros, self-service vs agent revoke matrix, KPI conndev_session_resolution_rate.
Which conndev_* typologies should be classified?
Action-oriented classifier: self-service guide ≠ revoke agent ≠ escalate ACCHACK.
Eight CONNDEV-MAP typologies
conndev_list_request: wants to see connected devices
conndev_unknown_device: listed device not recognized
conndev_logout_remote: disconnect a specific device
conndev_logout_all: log out of all sessions
conndev_settings_help: cannot find sessions menu
conndev_family_shared: spouse or child on the same account
conndev_post_hack: clean-up after incident #841
conndev_privacy_concern: who sees my session data
Policy CONNDEV-SUP: agent rules and escalation
The CONNDEV-SUP policy sets self-service first and agent revoke if needed.
Six CONNDEV-SUP rules
Self-service first: CONNDEV-SETTINGS macro before admin revoke
Verify identity before revoke: ticket email = profile or ID check
Unknown device without fraud: remote logout guide, no auto ACCHACK
Logout all if post_hack: CONNDEV-LOGOUT-ALL + 2FA tip #839
Do not list detailed IP: device name and date only to client
Document revoke: device, date, agent in ticket
Action matrix (agent)
Guide: settings_help, list_request, family_shared
Targeted revoke: logout_remote unknown_device
Global revoke: logout_all post_hack escalate #841 if suspicious order
Flow CD-1 to CD-8: standard resolution
Eight sequential steps, SLA P3 sessions < 8 h.
Flow CD-1 to CD-8
CD-1 Triage: read request, tag conndev_*, urgency post_hack
CD-2 Lookup: active admin sessions, last connection, orders 48 h
CD-3 Educate: CONNDEV-SETTINGS if settings_help
CD-4 Classify: conndev_* via CONNDEV-MAP
CD-5 Execute: self-service guide, revoke device, logout all, escalate #841
CD-6 Confirm: macro CONNDEV-DONE exact scope
CD-7 Test: ask to confirm device disconnected or list OK
CD-8 Close: KPI conndev_session_resolution_rate
Eight ready-to-paste CONNDEV-* macros
Clear macros on self-service, revoke, and privacy.
CONNDEV-* Library
CONNDEV-SETTINGS: "Connected devices: Account > Security > Active sessions. Disconnect each device individually."
CONNDEV-LIST-EXPLAIN: "Each line = browser or app where you are logged in. Name + date of last activity displayed."
CONNDEV-UNKNOWN-OK: "If unknown device: disconnect it from Active Sessions. Change password if in doubt."
CONNDEV-LOGOUT-REMOTE: "Session {{device_name}} revoked. Reconnection required on this device."
CONNDEV-LOGOUT-ALL: "All sessions closed. Log back in on authorized devices. Enable 2FA: guide #839."
CONNDEV-FAMILY: "Shared family account: each connection appears. Tip: separate accounts for privacy."
CONNDEV-PRIVACY: "Only you see your connected sessions. Support accesses admin logs without sharing with third parties."
CONNDEV-DONE: "Summary: {{action}}. Contact us if a new unknown device or suspicious command appears."
CONNDEV-GATE tree and Shopify configuration
Decision tree before escalating ACCHACK on a simple unknown device.
CONNDEV-GATE
Can't find menu? → SETTINGS then LIST-EXPLAIN
Unknown device without suspicious command? → UNKNOWN-OK + LOGOUT-REMOTE
Post incident #841? → LOGOUT-ALL + REENABLE-2FA
Fraudulent command + unknown device? → escalate ACCHACK #841
Checklist ops sessions
Document self-service session path by theme. Train: session login ≠ token push #835. Tag conndev_* for audit revokes. Sync ACCHACK revoke all AH-4 procedure.
KPI, QA and handoff to bot #848
Measuring CONNDEV detects over-escalation of hacking and missed self-service.
Four CONNDEV KPIs
conndev_session_resolution_rate: first-contact resolved session / total
conndev_self_service_deflect: % resolved via SETTINGS without agent revoke
conndev_false_escalate_rate: % ACCHACK #841 without fraud signals
conndev_repeat_7d: reopening on same device within 7 days
Bot handoff #848
Export CONNDEV-MAP to intents bot_conndev_settings, bot_conndev_unknown. CONNDEV-NO-REVOKE-BOT Guardrail: self-service guide, agent revoke #847 only.
Edge cases: B2B, public browser, Shop app
Three cases outside the standard flow.
Forgotten cybercafé browser
LOGOUT-REMOTE or LOGOUT-ALL + advice on systematic logout from public devices.
Shop app vs browser
Two distinct sessions on the same phone. LIST-EXPLAIN before global revoke.
B2B pro account
Multiple legitimate users. FAMILY macro + verify mandate before revoking colleague.
Agent training: 20 minutes CONNDEV
Module: SETTINGS first, session ≠ push, escalate #841 if suspicious order.
Exercises
Ticket A: where to see devices → SETTINGS + LIST-EXPLAIN
Ticket B: unknown iPhone → UNKNOWN-OK + LOGOUT-REMOTE
Ticket C: post-hacking → LOGOUT-ALL + handoff 2FA #839
How Qstomy structures CONNDEV in your stack
Qstomy route conndev_*, displays self-service path and handoff revoke agent if failed.
Three building blocks
Routing: intent connected_devices vs login_alert vs push_prefs
Guardrails: SELF-SERVICE-FIRST before auto revoke
Bot #848: explain tier 1 sessions
FAQ and CONNDEV deployment checklist
FAQ
Session login = push notification?
No. #847 = account sessions. #835 = alert push tokens.
Unknown device = hacking?
Not automatically. LOGOUT-REMOTE. ACCHACK #841 if support-suspect command.
Can agents see all my sessions?
Yes, on the admin support side. CONNDEV-PRIVACY: not shared with third parties.
7-Day Checklist
D1: CONNDEV-SUP + CONNDEV-MAP + self-service revoke matrix
D2: 8 helpdesk macros
D3: document Active Sessions path by theme
D4: 20-minute agent training session
D5: conndev_* tags + KPIs
D6: test device revoke + sync ACCHACK AH-4
D7: bot brief #848 NO-REVOKE-BOT
Linking

Enzo
July 1, 2026





