The client wanted to implement a customer identity verification mechanism with biometrics/selfie before purchasing.The main challenge was the WooCommerce architecture. By default, when a user is redirected to an external verification service and returns, the system clears the checkout form data. This created a critical security loophole: a fraudulent user could pass the verification with one identity, return to the empty form, and place the order using completely different, unverified details. Our task was to build a mechanism to prevent this manipulation without disrupting the user experience.
