

The eCommerce buying API powering amberExpress. Order products with code - sradu
http://blog.amber.io/post/72877640851/the-ecommerce-buying-api-powering-amberexpress-order

======
rahimnathwani
A comment in a previous thread states that amberExpress uses OnDemand VPN
([https://news.ycombinator.com/item?id=6890266](https://news.ycombinator.com/item?id=6890266)).
I assume that they use a transparent proxy to insert code the banner code into
the store's own web site.

Assuming that's the case, (how) does it work if the store uses HTTPS for
normal product pages?

~~~
sradu
With OnDemand VPN you can push a HTTP(s) proxy. Apple is awesome.

~~~
rahimnathwani
My question still stands, whether they are using a transparent or normal
proxy.

If a proxy is used to intercept and modify HTTPS traffic, the server
certificate used for the connection between the proxy and the client would be
invalid (I mean it would not be signed by a CA trusted by the client). Desktop
browsers report an error in response to this condition. I don't know about
mobile safari.

How do they deal with this?

~~~
sradu
Sorry for my late answer and for not understating the question initially.

We pass https traffic as is, we obviously can't look in it or manipulate it.

However most of the products (something like 98%) are on http connections.

------
navs
This is absolutely amazing. How do you keep up with changes to all the various
stores? If I were a niche retailer, is there a way to be on the amber.io
system? I'd think a plugin to some of the popular eCommerce solutions on the
market (magento, woocommerce) would be great for getting more stores onto your
network.

~~~
razvanr
Thanks, we're glad to see the market recognising potential here. It's still
early days but the support we're seeing is very promising.

Changes to the checkout process are dealt with regression testing. As for
supporting new retailers (even niche ones), feel free to email us at
founders@amber.io to support your site.

As for Magento and other platforms we're in discussions to support them too.

------
superamit
This is really cool.

eCommerce on mobile is still way too much work and I could see people building
marketplaces or purchase-enabled wishlisting/product bookmarking apps really
quickly with this.

------
deathspin
Very interesting. The scraping aspect of it scares me a bit if they don't stay
up on the various changes a retailer might make to their store. But all in
all, this could shake some shit up.

~~~
sradu
Very true. We have regression tests going in the background all the time
checking and looking at different pieces.

If something fails one of us gets an email / sms / a strongly worded letter
from our parents telling us we could better.

------
bagofhippos
How are you getting around retailers' terms of service?

What happens when they find out about you plugging credit card information and
block you?

~~~
razvanr
Excellent question, and probably the most popular we're getting. We're
currently having discussions with a lot of retailers and the ones that react
do so positively. Surely there will be some backlash from some of the big
players and we'll remove support for them if they explicitly ask us to. We
expect that much.

Then again here's a quote from a merchant that reached out just this morning:
"How do we get our store added, what you guys are doing is rad! [redacted]
I've actually already been talking to a handful of app photo app developers
about integrating our store into their app as a way to create incremental
revenue -- I'd love to be able to have them use your API instead of having to
build something ourselves."

If they're around maybe they can publicly contribute to the discussion.

------
razvanr
Thanks for your interest HackerNews. Feel free to get in touch at
founders@amber.io for in-depth questions or just to say Hi!

