The Changelog: Software Development, Open Source Securing ecommerce: "It's complicated" (Interview)
34 snips
Mar 20, 2025 
Ilya Grigorik, a distinguished engineer at Shopify, dives deep into the complexities of securing e-commerce checkouts. He discusses the rise of sophisticated threats like digital skimming and the importance of PCI compliance. Ilya shares insights on optimizing checkout performance and the innovative sandboxing approach used to manage third-party integrations safely. He also touches on how tools like Retool and advances in AI are reshaping developer efficiency and security in the rapidly evolving e-commerce landscape.
AI Snips
Chapters
Transcript
Episode notes
PostRank and Social Signals
- Ilya Grigorik co-founded PostRank in 2008, aiming to improve search algorithms by incorporating social signals.
- They built products for publishers and marketing agencies, leading to an acquisition by Google.
Web Performance at Google
- While at Google, Ilya Grigorik worked on performance measurement, leading to the creation of the W3C Web Performance Working Group.
- This involved collaborating with browser developers to establish objective metrics for website speed.
Core Web Vitals and RUM
- Core Web Vitals aim to define key metrics for website user experience, like a heartbeat for websites.
- Real user measurement (RUM) is crucial, as lab environments don't reflect the unpredictable real-world internet.