E-commerce

How to manage customer inquiries about devices connected to the account

How to manage customer inquiries about devices connected to the account

July 1, 2026

"I see an iPhone I don't recognize on my account." "How do I disconnect my old phone?" "Who can see my connected devices?" Three tickets where the management of active sessions lacks a clear procedure on the support side.

The e-commerce account connected devices support covers the session list, remote disconnection, unknown devices, and post-incident cleaning. Distinct from login alerts (#843) and push notifications (#835): here, the customer wants to view or terminate login sessions, not notifications.

This guide #847 deploys policy CONNDEV-SUP, flows CD-1 to CD-8, and matrix CONNDEV-MAP. The customer support pair of the future with the device bot (#848).

Summary

Why do connected devices generate tickets?

Customer accounts remain logged in across multiple browsers and apps. After changing phones, traveling, or suspecting a hack, the customer wants to control who still has access to orders and data. The agent confuses login sessions and push tokens #835.

Five typical device frictions

  • Unknown device: unrecognized name or browser

  • Active old phone: session still open after replacement

  • Settings not found: does not know where to manage sessions

  • Total logout: wants to terminate everything as a precaution

  • Post-hack: cleanup after incident #841

Shopify new customer accounts allows account and session management according to shop settings (Shopify, customer accounts 2026).

DTC Example

Tech DTC, 12 conndev_ tickets/month. After CONNDEV-MAP: conndev_session_resolution_rate 93%, unnecessary ACCHACK #841 escalations -41%.

CONNDEV #847 vs SUSLOGIN #843, ACCHACK #841, PUSHNOTIF #835 and bot #848

Seven contents, seven distinct session security pathways.

Quick matrix

#847 = I want to see or disconnect my devices. #843 = I received a login alert.

Promise #847

Policy CONNDEV-SUP, tree CONNDEV-GATE, 8 macros, self-service vs agent revoke matrix, KPI conndev_session_resolution_rate.

Which conndev_* typologies should be classified?

Action-oriented classifier: self-service guide ≠ revoke agent ≠ escalate ACCHACK.

Eight CONNDEV-MAP typologies

  • conndev_list_request: wants to see connected devices

  • conndev_unknown_device: listed device not recognized

  • conndev_logout_remote: disconnect a specific device

  • conndev_logout_all: log out of all sessions

  • conndev_settings_help: cannot find sessions menu

  • conndev_family_shared: spouse or child on the same account

  • conndev_post_hack: clean-up after incident #841

  • conndev_privacy_concern: who sees my session data

Policy CONNDEV-SUP: agent rules and escalation

The CONNDEV-SUP policy sets self-service first and agent revoke if needed.

Six CONNDEV-SUP rules

  1. Self-service first: CONNDEV-SETTINGS macro before admin revoke

  2. Verify identity before revoke: ticket email = profile or ID check

  3. Unknown device without fraud: remote logout guide, no auto ACCHACK

  4. Logout all if post_hack: CONNDEV-LOGOUT-ALL + 2FA tip #839

  5. Do not list detailed IP: device name and date only to client

  6. Document revoke: device, date, agent in ticket

Action matrix (agent)

  • Guide: settings_help, list_request, family_shared

  • Targeted revoke: logout_remote unknown_device

  • Global revoke: logout_all post_hack escalate #841 if suspicious order

Flow CD-1 to CD-8: standard resolution

Eight sequential steps, SLA P3 sessions < 8 h.

Flow CD-1 to CD-8

  1. CD-1 Triage: read request, tag conndev_*, urgency post_hack

  2. CD-2 Lookup: active admin sessions, last connection, orders 48 h

  3. CD-3 Educate: CONNDEV-SETTINGS if settings_help

  4. CD-4 Classify: conndev_* via CONNDEV-MAP

  5. CD-5 Execute: self-service guide, revoke device, logout all, escalate #841

  6. CD-6 Confirm: macro CONNDEV-DONE exact scope

  7. CD-7 Test: ask to confirm device disconnected or list OK

  8. CD-8 Close: KPI conndev_session_resolution_rate

Eight ready-to-paste CONNDEV-* macros

Clear macros on self-service, revoke, and privacy.

CONNDEV-* Library

  • CONNDEV-SETTINGS: "Connected devices: Account > Security > Active sessions. Disconnect each device individually."

  • CONNDEV-LIST-EXPLAIN: "Each line = browser or app where you are logged in. Name + date of last activity displayed."

  • CONNDEV-UNKNOWN-OK: "If unknown device: disconnect it from Active Sessions. Change password if in doubt."

  • CONNDEV-LOGOUT-REMOTE: "Session {{device_name}} revoked. Reconnection required on this device."

  • CONNDEV-LOGOUT-ALL: "All sessions closed. Log back in on authorized devices. Enable 2FA: guide #839."

  • CONNDEV-FAMILY: "Shared family account: each connection appears. Tip: separate accounts for privacy."

  • CONNDEV-PRIVACY: "Only you see your connected sessions. Support accesses admin logs without sharing with third parties."

  • CONNDEV-DONE: "Summary: {{action}}. Contact us if a new unknown device or suspicious command appears."

CONNDEV-GATE tree and Shopify configuration

Decision tree before escalating ACCHACK on a simple unknown device.

CONNDEV-GATE

  1. Can't find menu? → SETTINGS then LIST-EXPLAIN

  2. Unknown device without suspicious command? → UNKNOWN-OK + LOGOUT-REMOTE

  3. Post incident #841? → LOGOUT-ALL + REENABLE-2FA

  4. Fraudulent command + unknown device? → escalate ACCHACK #841

Checklist ops sessions

Document self-service session path by theme. Train: session login ≠ token push #835. Tag conndev_* for audit revokes. Sync ACCHACK revoke all AH-4 procedure.

KPI, QA and handoff to bot #848

Measuring CONNDEV detects over-escalation of hacking and missed self-service.

Four CONNDEV KPIs

  • conndev_session_resolution_rate: first-contact resolved session / total

  • conndev_self_service_deflect: % resolved via SETTINGS without agent revoke

  • conndev_false_escalate_rate: % ACCHACK #841 without fraud signals

  • conndev_repeat_7d: reopening on same device within 7 days

Bot handoff #848

Export CONNDEV-MAP to intents bot_conndev_settings, bot_conndev_unknown. CONNDEV-NO-REVOKE-BOT Guardrail: self-service guide, agent revoke #847 only.

Edge cases: B2B, public browser, Shop app

Three cases outside the standard flow.

Forgotten cybercafé browser

LOGOUT-REMOTE or LOGOUT-ALL + advice on systematic logout from public devices.

Shop app vs browser

Two distinct sessions on the same phone. LIST-EXPLAIN before global revoke.

B2B pro account

Multiple legitimate users. FAMILY macro + verify mandate before revoking colleague.

Agent training: 20 minutes CONNDEV

Module: SETTINGS first, session ≠ push, escalate #841 if suspicious order.

Exercises

  • Ticket A: where to see devices → SETTINGS + LIST-EXPLAIN

  • Ticket B: unknown iPhone → UNKNOWN-OK + LOGOUT-REMOTE

  • Ticket C: post-hacking → LOGOUT-ALL + handoff 2FA #839

How Qstomy structures CONNDEV in your stack

Qstomy route conndev_*, displays self-service path and handoff revoke agent if failed.

Three building blocks

  • Routing: intent connected_devices vs login_alert vs push_prefs

  • Guardrails: SELF-SERVICE-FIRST before auto revoke

  • Bot #848: explain tier 1 sessions

FAQ and CONNDEV deployment checklist

FAQ

Session login = push notification?
No. #847 = account sessions. #835 = alert push tokens.

Unknown device = hacking?
Not automatically. LOGOUT-REMOTE. ACCHACK #841 if support-suspect command.

Can agents see all my sessions?
Yes, on the admin support side. CONNDEV-PRIVACY: not shared with third parties.

7-Day Checklist

  • D1: CONNDEV-SUP + CONNDEV-MAP + self-service revoke matrix

  • D2: 8 helpdesk macros

  • D3: document Active Sessions path by theme

  • D4: 20-minute agent training session

  • D5: conndev_* tags + KPIs

  • D6: test device revoke + sync ACCHACK AH-4

  • D7: bot brief #848 NO-REVOKE-BOT

Linking

Enzo

July 1, 2026

Convert over 2,000 customers on average per month with Qstomy.

The world’s 1st Shopify AI dedicated to customer conversion

Empowering 200+ e-commerce merchants

Subscribe to the newsletter and get a personalized e-book!

No-code solution, no technical knowledge required. AI trained on your e-shop and non-intrusive.

*Unsubscribe at any time. We do not send spam.

Subscribe to the newsletter and get a personalized e-book!

No-code solution, no technical knowledge required. AI trained on your e-shop and non-intrusive.

*Unsubscribe at any time. We do not send spam.