Plugin Guides

TrustLens 1.3.5: Link the Stores You Own So a Bad Customer Can’t Walk Between Them

TrustLens 1.3.5: Link the Stores You Own So a Bad Customer Can't Walk Between Them


Plugin Guides · TrustLens 1.3.5

Bad at One Store, Known at All of Yours

TrustLens 1.3.5 ships the Store Trust Network — a Pro feature that lets a merchant privately share customer risk flags across their own linked WooCommerce stores, so a serial returner or chargeback filer doesn’t get a clean slate the moment they visit a different store you own.

The blind spot of running multiple stores

If you run more than one WooCommerce store — two separate storefronts, a primary brand and a clearance outlet, stores in different niches that share a business entity — you already know the operational awkwardness involved. Separate dashboards, separate customer lists, separate everything.

What you might not have thought about yet is the security gap that comes with that separation. A customer who racks up three chargebacks at your first store has a full trust profile there: Risk segment, a string of dispute flags, the pattern clearly visible. But the moment they place an order at your second store, they arrive completely unknown. No history. No flags. TrustLens at the second store sees a new customer and has no local data to score them against — so it starts cautiously optimistic, the way it should with any new shopper.

That gap is the problem the Store Trust Network closes. Not by connecting you to strangers’ stores, and not by sending data anywhere public — but by letting your own stores quietly compare notes with each other.

What the Store Trust Network actually is

The Store Trust Network is a Pro feature in TrustLens 1.3.5 that lets a merchant who runs multiple WooCommerce stores they own link those stores so that customer risk flags — specifically, whether someone was flagged as high-risk or accumulated chargebacks at one of your stores — are recognized at the others.

This is important to frame correctly, because it is easy to imagine and easy to misstate. The Store Trust Network is not a shared database across all TrustLens users. It is not a public reputation network. There is no central server. Your customer data never leaves the stores you own. What the network does is create a private, direct channel between the specific stores you authorize, using a secret key that only you hold.

Think of it as your stores sharing a private shortlist of flagged customers — not a public record, not a third-party service, just your own stores talking to each other about customers you’ve already encountered at your own shops.


Opt-in and off by default

The Store Trust Network is disabled until you explicitly enable it. You need to generate a group key, paste it into each store you want to link, and switch on the toggle. Nothing happens until you do all three. Existing per-store customer data and trust scores are unaffected whether the network is on or off.

How to set it up in three steps

Setup is deliberately minimal. There are three things you do once, and then the system runs on its own.

Generate one group key

In any one of your stores, go to TrustLens → Settings → Store Network and click the Generate button next to the Group key field. This creates a cryptographically random 64-character secret key. Copy it — you’ll use it in every store you want to link.

Paste the same key into every store

In each of your other stores, navigate to the same Store Network settings tab and paste the identical key. The key has to match across all stores because it’s what makes the same customer hash to the same value on each one — if the keys differ, the stores can’t recognize the same customer.

List each store’s URL, enable the toggle

In each store, add the URLs of your other stores (one https:// URL per line) and switch on the Enable network toggle. Once that’s saved in every store, the hourly background sync starts automatically.

That’s the entire setup. No API integrations, no third-party accounts, no configuration beyond those three fields.

What gets shared between stores — and what doesn’t

No customer names, email addresses, order details, or payment information are ever shared between stores. What passes between your stores is a keyed hash — an irreversible HMAC-SHA256 fingerprint of the customer’s email address — paired with a flag level and a reason category.

To make that concrete: if a customer named “Jane Smith” with the email [email protected] racks up chargebacks at store A, store A records a flag entry that looks like a 64-character hex string, a level (either “caution” for customers in the Risk segment, or “high” for Critical), and a short reason slug like “chargeback”. When store B syncs, it receives that hash. When Jane later places an order at store B, TrustLens hashes her email with the same group key and checks whether that hash matches anything in the flagged list. It does. Store B now knows to score her carefully — without ever seeing her name or email in the sync data.

The group key itself is never transmitted. Stores authenticate each other using an HMAC signature of a fresh timestamp — so any party intercepting the request sees an expiring signature, not the underlying secret.


The hashing uses your group key, not your site’s secret keys

TrustLens uses your WordPress site’s secret keys to hash customer emails within each store — which means those hashes are store-specific and intentionally non-portable. The Store Trust Network uses a separate owner-supplied group key for cross-store matching, so the two systems don’t interfere with each other. Your existing customer profiles are not affected.

How the background sync works

Each store pulls flags from its peers via a direct REST API call to the other stores once per hour, using WordPress’s built-in cron scheduler. There is no intermediate server routing the data — store A calls store B directly, and store B returns whatever flags it has recorded since the last sync.

Checkout is never slowed or blocked when a peer store is offline. Each store reads from a local copy of the flags it has pulled — so even if store B is unreachable, store A continues scoring customers normally using whatever network flags it already has. Network errors are handled quietly: if a peer can’t be reached in a given sync round, the sync skips that peer and tries again in the next hour.

The “Share my flags” toggle in the settings gives you an additional control: you can configure a store to pull from its peers without contributing its own flags back to them. This is an edge case — in most configurations you’ll want all stores to share equally — but the option exists if your stores have asymmetric risk exposure.

Catching a bad customer on their very first order

One of the quieter consequences of this design is how it handles brand-new customers at a store where they have no local history yet.

By default, TrustLens waits until a customer has placed at least three orders before moving them out of the Normal segment — the logic being that two or three orders gives the scoring engine enough signal to be meaningful. A customer with a single order doesn’t have enough data to score confidently, so TrustLens holds off on assigning a risk segment.

That threshold is sensible for organic new customers. But a customer who has already been flagged as high-risk at another store you own is not really an unknown quantity — they just haven’t done anything locally yet. The Store Trust Network overrides the thin-data wait for flagged customers: if a peer store has flagged someone, TrustLens scores them on their very first order at this store, treating the network flag as a credible signal even without local history.

In practice this means a customer who has burned you at store A doesn’t get to place an unscored order at store B while local history builds. Store B sees the flag immediately and weights the score accordingly.

The Settings → Store Network panel

The settings tab that covers the Store Trust Network has two sections.

The first is the configuration form: the enable/disable toggle, the group key field with its Generate button, the linked store URLs textarea, the Share my flags toggle, and two penalty fields. The penalty fields let you control how much the network signal weighs on a customer’s score — a caution-level flag (Risk segment at a peer) deducts a configurable number of points (default 15), and a high-level flag (Critical segment or chargeback at a peer) deducts more (default 35). Both are adjustable if you want the cross-store signal to carry more or less weight relative to your other scoring modules.

The second section is the sync-status panel. It shows when the last sync ran, how many flags this store has shared with peers, and how many it has pulled in. Below that is a per-peer table: each linked store URL, whether the last connection was successful or failed (with a reason if it failed — for example, “Rejected — check the group key matches this store”), how many flags were pulled in the last round, and when the check was last attempted. A “Sync now” button triggers an immediate manual pull if you want to test connectivity or pull in flags without waiting for the next cron run.

For free-version users and for Pro stores with a single-site license, the tab shows an informational upsell panel describing the feature. None of the controls are shown until the feature is available on the active license.

Who can use it

The Store Trust Network is a Pro feature on multi-site (or unlimited) plans. A single-site Pro license can’t enable it — not because of an artificial restriction, but because a single store has nothing to link to. The feature only makes sense when you have more than one store, and multi-site plans are the licenses designed for that setup.

Free-version users see the Store Network tab in settings, but the working configuration form is replaced with an informational upsell. All other TrustLens features — the eight detection modules, the trust-score engine, the Command Center dashboard, the chargeback tracking, the checkout blocking — are unaffected and unchanged regardless of whether you have access to the network feature.

If you’re running more than one WooCommerce store and want to understand what TrustLens does for a single store before thinking about linking them, the TrustLens first-time setup guide covers the basics from installation through the first scoring pass. And if you’re curious about how linked-account detection works within a single store — catching customers who create multiple accounts — that’s a separate module covered in how TrustLens detects linked accounts and what it shares.

Also in 1.3.5: the smaller changes worth knowing about

Three other changes shipped alongside the Store Trust Network in 1.3.5. They’re smaller, but two of them affect accuracy silently — worth a brief look.

More accurate return-rate scoring

TrustLens tracks each customer’s return rate as part of the behavioral scoring engine. An off-by-one in how the stored return rate was calculated meant every customer’s figure was slightly skewed — not dramatically wrong, but enough to nudge scores in the wrong direction on the return-abuse detection module.

The bug is fixed in 1.3.5. Existing customer profiles are recalculated automatically the first time the plugin runs after the update — you don’t need to trigger a Historical Sync manually. Scores that shift are reflecting more accurate underlying data.

Lighter WordPress dashboard

TrustLens previously loaded its full admin script and style bundle on every WordPress admin page, including the main dashboard home screen where it doesn’t show any UI. In 1.3.5 the plugin loads only the small stylesheet required by the Customer Trust widget on the dashboard — the heavier script bundle stays on the pages that actually need it. A minor change, but your WordPress dashboard home now loads lighter for every admin session.

Removed WordPress 6.7+ translation notice

WordPress 6.7 tightened the rules around when plugins can load translations, and TrustLens was triggering a “translation loaded too early” notice in Site Health and debug logs via the Freemius activation message. The fix is straightforward: the affected call now runs on the init hook instead of at load time. If you run WordPress 6.7 or later with debug logging on, this notice will no longer appear.

What to do next


Practical next steps

  • Update TrustLens to 1.3.5 from your WordPress plugins screen. The return-rate fix and the dashboard performance improvement apply immediately on update.
  • If you run multiple stores on a multi-site Pro plan: go to TrustLens → Settings → Store Network in each store, generate a group key in one store, paste the same key in all the others, add the peer URLs, and enable the toggle.
  • After enabling the network: hit “Sync now” to do an immediate first pull and confirm the per-peer status table shows green for each linked store. If a store shows a “Rejected” error, double-check that the group key is identical in both stores.
  • On single-site Pro or the free version: the 1.3.5 update still brings the return-rate fix and the dashboard improvement — only the Store Trust Network is gated to multi-site plans.
  • Check Site Health if you run WordPress 6.7+ with debug logging enabled — the translation notice should now be gone.

The Store Trust Network is a narrow feature by design — most stores don’t need it, and it requires a deliberate setup step to activate. But if you’re one of the operators who runs several WooCommerce storefronts and has been quietly absorbing losses at each one from the same bad customers cycling between them, this update gives you a way to close that gap without any customer data leaving your control.

TrustLens 1.3.5 is live

Update from your WordPress plugins screen. The Store Trust Network activates only after you configure it — nothing changes automatically on update.