[Luyện thi] Magento Solution Specialist - Lesson 1 (part 1)

Bài đầu tiên này Alex viết trước khi tổ chức lớp học Magento Solution Specialist (theo nội dung slide này) Sau khi lớp học chiêu mộ tuyển sinh, thì hiện nay đang có gần 20 bạn join học. Concept là chia nhau các topic để ôn luyện. Mỗi nhóm là owner của 1 topic, hướng đến việc deliver kết quả là document lưu lại kiến thức học, post kiến thức lên stories, sharing key points cho những người khác vào chiều thứ 4 hàng tuần và nếu được biên soạn các câu hỏi để test trình độ.

Phần đầu tiên, mình và @emmy take charge, có biên soạn 1 tài liệu chi tiết hơn ở đây. Mình gửi gắm qua stories ở đây nhé!

Phần 1 này cover những nội dung sau:


1. Understand keyword “Merchandising"

Merchandising is a term used in retail to describe the art and science of floor plan development and the presentation of products. In your Magento Commerce 2.0 store, you might think of the category-based navigation as the floor plan of the store, and the dynamic presentation of products as the conditions that you can apply to the listing of products in the store.

In Magento Commerce 2.0, you will have the feature “Visual Merchandiser “. It is a set of advanced tools that allows you to position products, and apply conditions that determine which products appear in the category listing.



2. What the different between “Multichannel” and “Omnichannel”

Although both multi and omnichannel involve selling across multiple physical and digital channels, the key difference is how the customer experience is joined up across those channels.

A traditional multichannel retailer may have a website and physical stores. These two channels are generally very siloed, and have very little interaction with one another. Stores will have their own stock and will sell directly to customers, while the website will have its own stock. Items purchased in stores can only be returned in store, and sometimes online orders cannot be returned in-store. As a customer, your online interaction with the retailer is completely separated from your offline interaction. In essence, the online and offline channels are treated as separate businesses.

The opposite is Omnichannel when all the channels are integrated. Customers can switch easily among the channels. They can start purchasing from one channel and return/exchange in another channel.

Some well-known Omnichannel strategies:

  • Endless Aisle: Endless aisle refers to the ability retailers give shoppers to still purchase items when they can’t be found in-store. By marrying online and offline inventories, sales associates can ensure customers have access to any product they want.
  • BOPIS: Buy online pickup in store
  • BORIS: Buy online return in store

3. Affiliate Marketing

Affiliate marketing is an online sales tactic that lets a product owner increase sales by allowing others targeting the same audience – “affiliates” – to earn a commission by recommending the product to others.

While product owners make less money per sale because they must pay a percentage of the sale to the affiliate, they are also reaching potential customers they probably wouldn’t reach on their own.

Affiliates can earn commissions on a one-time purchase or recurring income through sales of subscriptions or membership programs.


  • Register to join an affiliate program
  • Marketers receive a unique URL that includes their affiliate ID.
  • They share that unique URL with their subscribers, site visitors, and social networks via text links or ads.
  • When someone clicks on that link, affiliate software records that click and any resulting product sales in the affiliate’s account.
  • When commissions reach a pre-determined threshold, the affiliate is paid.

When using Magento, we need to find an extension or SAAS provider for this function. In the past, Magestore offered this solution. It has been top rated product in the market for several years.

4. Social Marketing

The use of social media (Facebook, Twitter, Instagram, Pinterest, LinkedIn, etc) to spread the word about your company and interact with customers.

Some trending strategies for Social Marketing:

  • Facebook Pixel: A code tracking system installed on your website to link Facebook Retargeting to customer behavior in website. retargeting is simply placing ads and other media in front of individuals who have taken action within your sales funnel in the past. Whether you wish to re-engage a visitor who scrolled down your entire home page, one who clicked through but quickly exited the site or something else entirely, the Facebook Pixel makes it possible

To get started with the Facebook Pixel for your e-commerce store, Essihos recommends adding the following custom conversions to your website once the pixel is successfully installed:

  • View Content
  • Add to Cart
  • Initiate Checkout
  • Complete Purchase

Besides, when installing Facebook Pixel, you can create “Lookalike" group of audience. It’s not the customer who visited your site but a lookalike group based on the behavior of your online shopper. With the super big database of facebook, this group can be generated easily & effectively

  • Live Video: As a final tip, remember to be authentic. Live videos have been successful because they present an unscripted look into your brand. This content gives customers the chance to relate to you and your brand further when you showcase the human qualities that make your brand unique.

  • Split Test Your Way To The Top

Social platform enables you to do A/B Testing for the ads. users are able to split test based on everything from the country one lives in to their relationship status to their age and more. Take advantage of this data by testing to see who your brand resonates most with. The key to effective split-testing though, as Essihos explains, is to never try everything all at once. Instead, similar to science experiments, isolate the variables to be certain of which preferences are resulting in the desired outcome.

  • Integrate Social Proofing

Recommendation on Facebook: it has been reported that 92 percent of consumers are more likely to trust recommendations from individuals they don’t personally know over brand recommendations.

  • Authentic content from influencer on Social channel

User generated content is another effective way to grow your business, as it engages your customers and lets them shine using your stage as a platform.

Encourage users to tag you in their product photos for a chance to be featured on your page or run a contest for the best live video that shows customers opening their product packages.


A next level of Social Marketing is Social Commerce

It differs from social media marketing as you’re not redirecting users to an online store, but offering them the ability to checkout directly within the network they’re using at that moment.

At its core, it’s about making it easy for users to complete their purchase.

It’s about removing the potential for confusion and thus abandonment.

Selling on facebook:

5. Email Marketing

Basic understanding about Email Marketing: https://mailchimp.com/email-marketing/

First, you need to build email list

  • Create a signup form on your website.When people come to your website for the first time and like what they see, they’ll want a way to stay in-the-know about your brand.

  • Create a form for newsletter signups and install a pop-up for first time visitors.
    Use a good old-fashioned signup sheet.Whether it’s at your brick and mortar store, or an event that you’re hosting or attending, when you’re surrounded by people who are into what you do, provide a place for them to sign up and learn more.

  • Drive signups through social media.If you don’t have a substantial email list (or you’d just like to see it grow), but you’ve got an engaged social media following, tap into that resource. Share your signup form on your social channels.

  • To add more subscribers to an existing list:

Host a contest or offer a discount.We’re big fans of giving people an incentive to sign up for your email list—and we know that contests work. Try offering a prize for some lucky new subscriber or a discount code for a first purchase.

  • Make your emails easy to share. When you create beautiful, compelling emails, people will want to share them. Mailchimp gives you features (like share buttons and social media post builders) that let the word about your emails spread quickly.

  • Build a landing page through Mailchimp. Landing pages offer one more way to grow your email list. Using your best imagery and content, landing pages give people a clear call to action and drive email signups way, way up.

Shouldn’t buy email list. Be aware of GDPR regulation (https://gdpr-info.eu/issues/email-marketing/)

Send targeted campaign:

Send targeted campaign: 2 types of email. Newsletter & Triggered Email based on behavior (email automation) Email automation is the ability to send time or action triggered emails to subscribers with relevant information. Automation is useful for a variety of different marketing purposes.

6. Set up new online store

New store can be your start of business or it’s the next phase in your business development besides a physical store or a selling place on a marketplace. You need to think from Business side first before thinking in terms of technical stuff.

  • Strategy (90%): who is your competition. and what will set you apart? What are you offering that your competitors will not offer? Why do you want to get into this business?

Try to find your Unique Selling Points. What is your branding statement? What will be the main difference from your store compared to other competitors?

  • Technology (10%):
    • Determining the platform to start with. If this is a small company with limited funds, Magento is likely not the best option. A SaaS platform is likely to be the best option. It has a low cost of entry (monthly fees) and has many features. However, if you have a quite complicated business concept which requires a more sophisticated platform to serve, it should be Magento.

Understand the marketshare of ecommerce platform

According to builtwith report in 2018, Magento has 13% market share in the total and be leading platform for Top 100 Retailing in the world.

To understand suitable Magento products for your need, please follow this to explore https://magento.com/

Steps that you need to take when setting up a Magento Store:

  • Hosting: We like MageMojo, but there is a plethora of hosting options on the market. It is good to talk with the hosting company to determine the server specifications necessary to find the right balance between computing power and paying too much.

  • Deployment: getting the site going. Launching a new site is much easier than migrating existing websites. You just have to point the domain name at the store, remove any temporary protections (such as a password entry present during development), and you are good to go.

  • Maintenance: the basic level of maintenance (from a developer’s point of view) includes patching. From a store owner’s view, they need to keep the products up to date, fulfill orders, and follow their strategy for growing the company. If you are using Magento, you should subscribe to Security Portal where Magento always keep updated with new patch or new issue.

7. Search strategies: SEO & Keyword search, auto-suggest, auto-complete, and guided navigation

Should clarify the “search strategies" here. It has 2 meanings:

  1. How people can find your store/your product online (goole search - how to do SEO in Search Engine)
  2. How a product/information can be found on your site? (internal search)

How to do SEO for Ecommerce Store

Ultimate guide for this topic: https://neilpatel.com/blog/optimize-online-store-organic-search/

  • Keyword Research

  • Choose keyword for your website and your landing page

  • On page SEO: put keyword in different places on your page (title/description/H1-H2/Image file name/URL

  • Site architecture: a flat & clear structure can help Google understand your site the most

  • Social media integration

  • Mobile Optimization

  • Page Load Speed

  • Site Errors

  • Layout, formatting: Google rate based on time on site & online behavior of your customers

  • Fresh Content, Blog Content & Long Tail keyword: Google like updated content

  • Inbound Link & Outbound Link

  • Using rel=”canonical” to avoid duplicate content flags.

    • The canonical tag tells search engines which single URL is the source for that product. Common within Magento will be a product in multiple categories, resulting in the same product page accessible via several URL paths (one for each category). If you don’t tell Google which URL is the “master” (vs. the duplicates), Google will pick one.
    • Ensuring that those canonical links exist.

How to do site search


  1. Econsultancy found that due to the higher level of intent, site search users convert at a rate of five to six times their counterparts not using search. If you’re not paying attention to search, like most marketing and web teams, you are certainly missing out.

  2. Understand the role search plays in your user experience. Where does your search results page land in terms of traffic? Does the frequent path of users include a search query? If you install GA for your site, it can tell this number .

  3. Use the language of your customers rather than your own. Every company has their own internal jargon they use for what they are doing and often their own view of how life-changing their products are. Your customers don’t want buzzwords. Spend some time talking to a sample of customers and find out how they view your products and services and position your message accordingly.

What you can do to improve site search

Read more here: http://www.cybersitesearch.com/docs/e_commerce_site_search.html

(It’s the guide of Cyber product, however, it states all the ideas of how to optimize your search system in ecommerce site)

How to improve site search: https://www.marketingsherpa.com/article/interview/how-to-improve-your-sites

You can use:

  • Keyword Search, Auto Suggest & Auto Complete is quite easy to understand
  • Guided navigation: Drilled down product attributes (Price/Brand/Category/Color…)

8. Upsell & Cross Sell in Ecommerce

The difference

Cross-selling identifies products that satisfy additional, complementary needs that are unfulfilled by the original item.

Upselling often employs comparison charts to market higher-end products to customers.

Cross-selling and upselling are similar in that they both focus on providing additional value to customers, instead of limiting them to already-encountered products. In both cases, the business objective is to increase order value inform customers about additional product options they may not already know about.

Implement in Magento

Magento 2 CE also support related product, upsell and cros-ssell function. The basic one which you can configure in each product.


Related Products, Up-sells, and Cross-sells are a powerful tool in Magento. Do you find yourself spending a lot of time managing Product Relationships for your business? You release a new product and now you need to go to multiple other products and add the new Product Relationship. Related Products Rules can save a lot of time and effort spent managing your businesses’ Related Products, Up-sells, and Cross-sells on your B2C or B2B eCommerce website. Want to cross-sell socks with shoes? You can create a Related Products Rule and viola you are done. No more Relating Products item by item – now that time can be spent growing your business!


Besides, Alex has an article about the Related Product, Cross Sell and Up Sell, follow this link: https://stories.magestore.com/t/phan-bi-t-related-product-up-sell-va-cross-sell/186/5


1. User data security standards in different marketss (USA, Canada, Australia, Europe)

• USA is one of the most lenient in the world.

Instead of formulating one all-encompassing regulation such as the GDPR, it chose to implement sector specific data protection laws and regulations that work together with state-level legislation to safeguard American citizens’ data.

• EU data privacy states that you cannot store most any

customer data outside of the EU. Used to have safe harbor

agreement in place, but that no longer exists.

Replacing the EU Data Protection Directive 95/46/EC that was felt no longer adequately addressed the tremendous technological growth of recent years, the GDPR aims to harmonize data privacy laws across Europe, while not only protecting EU citizens’ sensitive data, but also empowering them to better control their data.

The US seems more concerned with integrity of data as a commercial asset, while the EU, with the GDPR, has firmly put individual rights before the interest of businesses. In the EU, it will be companies that will be held liable in the eyes of the law and pay if they fail to protect EU data subjects’ data.

• Canada just introduced very strict spam laws.

2. PCI Standards and processes

PCI SAQ (self-assessment questionnaire):

What is PCI?

  • The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. PCI is managed by the PCI SSC
  • Cardholder data must not ever be stored or transmitted unencrypted.
  • Unencrypted cardholder data must not be seen by unqualifed individuals.
  • Encrypted cardholder data is still subject to safety measures.

• Reference:




1.Determine your merchant level.

2.Determine your validation type.

3.Complete and report an attestation of compliance and self assessment questionnaire (SAQ) annually.

4.Complete and report results of all external vulnerability assessment scans (all public facing IP addresses used to process, view, or handle credit card data require scans) performed by an approved scan vendor (ASV) quarterly.

5.Create and update an information security policy annually.

Utilize a PCI scanning tool that will provide a report on the level of compliance. If there are any failures, they will need to be addressed and resolved before a rescan is to take place.

Reference: https://www.dynamicnet.net/pci_complance_process/

What are PA-DSS / PCI-DSS rules and practices?

• Every organization that handles credit cards needs to comply with PCi DSS, only vendors that make and sell payment applications need to meet PA DSS.

• Every organization that handles credit cards needs to comply

with PCI DSS (Payment Card Industry Data Security Standard). However, the number of card transactions that your company handles can impact the compliance validation requirements to PCI DSS. Entities that have limited scope in their cardholder data environment (ex: retailers that use imprint only or process all card data with an online provider and have no electronic storage of cardholder data at their sites or on their networks) may not be required to submit a Report on Compliance (ROC) and can use the self assessment questionnaires (SAQs) for PCI DSS compliance

• Build and maintain a secure network.

• Protect cardholder data.

• Implement strong access control measures.

• Ensure the maintenance of information security policies.

• Vendors that make and sell payment applications need to

meet PA DSS (Payment Application Data Security Standard).

3. What are SSL and TLS?

SSL Usage in ecommerce: SSL stands for Secure Sockets Layer, and is the industry standard when it comes to safe and secure online transactions between websites and users. Put simply, the SSL technology allows for an encrypted connection to take place between a user’s web browser and the web server of the website that the customer is browsing.

SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.

• SSL when transmitting cardholder data is a must.

• Preferably use TLS 1.2 (Transport Layer Security) but limited due to older browsers that no longer support that.

• Browser vendors are pretty much forcing all sites to switch

to https (Hypertext Transfer Protocol Secure, là một giao thức kết hợp giữa giao thức HTTP và giao thức bảo mật SSL hay TLS cho phép trao đổi thông tin một cách bảo mật trên Internet)

SSL and TLS are both cryptographic protocols that provide authentication and data encryption between servers, machines and applications operating over a network (e.g. a client connecting to a web server). SSL is the predecessor to TLS.


1.Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.

2.Server sends a copy of its SSL Certificate, including the server’s public key.

3.Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.

4.Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.

5.Server and Browser now encrypt all transmitted data with the session key.


Cám ơn chị Jasmine & Emmy. Bài dài và rất công phu ạ hi vọng em sớm đọc xong được hết :smile:

Thank em. Chị phát hiện ra trong giờ nghỉ trưa, thay vì lướt Face, lướt Stories cũng ra nhiều cái hay phết :wink:

1 Like

@walter anh có thể giải thích cho em 1 số ý ở dưới đây thêm đc k?

  1. SSL và TSL khác nhau thế nào ạ? TSL được cho là sinh ra sau thì có điểm gì nổi trội và hạn chế so với SSL
  2. khi nào thì website bị chuyển về https và khi nào thì k ạ? Việc chuyển đổi này có liên quan đến SSL và TSL k ạ?

Thank you :smiley:

Thứ 1: SSL vs TLS cơ bản giống nhau vì đều là hai thuật toán mã hoá (hiểu nôm na là khi em truy cập site thì mọi thông tin đi trên internet đều được mã hoá với SSL or TLS) TLS sinh sau đẻ muộn nên thuật toán tiên tiến hơn, khó phá hơn, vậy nên nó được ưa dùng hơn so vs các đời SSL từ v3 đổ xuống.

Thứ 2: Website bị chuyển về https khi có cấu hình ưu tiên cho nó (tức toàn bộ yêu cầu http được máy chuyển hết về https). Việc chuyển đổi này không liên quan tới thuật toán. HTTPS được xây dựng dựa trên thuật toán mã hoá là SSL và TLS. Còn người dùng có muốn dùng hay không chính là liên quan tơi chuyển hay không chuyển https


1 Like

thank kiu thank kiuuuu :smile: