Hacker News new | comments | show | ask | jobs | submit login
The eCommerce buying API powering amberExpress. Order products with code (amber.io)
27 points by sradu 1260 days ago | hide | past | web | 12 comments | favorite

A comment in a previous thread states that amberExpress uses OnDemand VPN (https://news.ycombinator.com/item?id=6890266). I assume that they use a transparent proxy to insert code the banner code into the store's own web site.

Assuming that's the case, (how) does it work if the store uses HTTPS for normal product pages?

With OnDemand VPN you can push a HTTP(s) proxy. Apple is awesome.

My question still stands, whether they are using a transparent or normal proxy.

If a proxy is used to intercept and modify HTTPS traffic, the server certificate used for the connection between the proxy and the client would be invalid (I mean it would not be signed by a CA trusted by the client). Desktop browsers report an error in response to this condition. I don't know about mobile safari.

How do they deal with this?

Sorry for my late answer and for not understating the question initially.

We pass https traffic as is, we obviously can't look in it or manipulate it.

However most of the products (something like 98%) are on http connections.

This is absolutely amazing. How do you keep up with changes to all the various stores? If I were a niche retailer, is there a way to be on the amber.io system? I'd think a plugin to some of the popular eCommerce solutions on the market (magento, woocommerce) would be great for getting more stores onto your network.

Thanks, we're glad to see the market recognising potential here. It's still early days but the support we're seeing is very promising.

Changes to the checkout process are dealt with regression testing. As for supporting new retailers (even niche ones), feel free to email us at founders@amber.io to support your site.

As for Magento and other platforms we're in discussions to support them too.

Very interesting. The scraping aspect of it scares me a bit if they don't stay up on the various changes a retailer might make to their store. But all in all, this could shake some shit up.

Very true. We have regression tests going in the background all the time checking and looking at different pieces.

If something fails one of us gets an email / sms / a strongly worded letter from our parents telling us we could better.

This is really cool.

eCommerce on mobile is still way too much work and I could see people building marketplaces or purchase-enabled wishlisting/product bookmarking apps really quickly with this.

How are you getting around retailers' terms of service?

What happens when they find out about you plugging credit card information and block you?

Excellent question, and probably the most popular we're getting. We're currently having discussions with a lot of retailers and the ones that react do so positively. Surely there will be some backlash from some of the big players and we'll remove support for them if they explicitly ask us to. We expect that much.

Then again here's a quote from a merchant that reached out just this morning: "How do we get our store added, what you guys are doing is rad! [redacted] I've actually already been talking to a handful of app photo app developers about integrating our store into their app as a way to create incremental revenue -- I'd love to be able to have them use your API instead of having to build something ourselves."

If they're around maybe they can publicly contribute to the discussion.

Thanks for your interest HackerNews. Feel free to get in touch at founders@amber.io for in-depth questions or just to say Hi!

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact