Ideally you shouldn't require users to make an account to make a purchase at all. There should be a "guest" path for purchases. Some sites still get this right. I can buy anything from plane tickets to pizzas without having an account on the company's website. Meanwhile half the "Show HN" non-commercial toy websites I come across seem to require a confirmed email for no good reason at all (probably because the webdev is hoping his little toy website somehow becomes a real business, and then he can spam my inbox with updates about this and turn me into a paying customer.)

Off the top of my head, here are some companies that don't require me to confirm my email address when making a purchase or an account: Southwest Airlines. Dominos Pizza, Hacker News, Reddit.

If those guys don't need a confirmed email address, probably your site doesn't either.

Southwest Airlines knows an awful lot more information about you than you provide them. They don't need your email address because they know who you are - and they make it your responsibility to monitor changes to your schedule/flight.

Dominos Pizza allows you to monitor in real time the status of your delivery on their website after checkout. You can provide an email address to access the tracking status page again if you close it.

Hacker News is not a good representation of anything outside of a very tech-focused forum. It's designed to be anonymous, there is nothing to keep track of (order status etc) and if you lose your password to HN, you might just be SOL. That's not going to fly for the general public.

Reddit is focused on eyeballs and clicks - nothing else. You're not buying things on Reddit and waiting for them to deliver to your house or whatever. Reddit just needs you to click and look at things to make money. Reddit also requires an email address, but if you don't provide a real one then you're SOL if you lose access. Again, not going to fly for the general public.

The reality is, most regular sites do need a reliable way to contact you for business reasons. Some are even required to have your contact information (for international shipments, as one example).

Your email inbox does a good job of holding emails for you, so let's stop pretending it's a huge burden to get an email... and if you find your way onto some newsletter list just click the unsubscribe button. It's not that hard...

Dominos doesn't even verify that you own an email address when you register one. I have received Dominos delivery updates sent to my email address for pizzas delivered to a person who doesn't even live in the same country as me. These updates contained a bunch of PII information about the customer including their exact home address depicted on a map inside the email.

Web developers: verify that people own the email addresses or phone numbers that they register!

Considering that Domino's doesn't verify you're actually at the physical address you're having a pizza delivered to, I doubt they are sweating an email addy

In these cases, which I think are more unusual than usual, a email can be required during checkout. There's almost never a valid reason to require a confirmed email account during account creation, before the user has even decided if they want to make a purchase.

Buying something online or subscribing to a service? The company does need a way to contact you... which is going to be email.

Email addresses are more-or-less globally unique, which makes them very handy for identifying an individual customer. Verifying the email address is an extra step that can provide the business with more confidence when dealing with a new potential customer. Certain types of fraud vanish or are greatly impeded with email verification, such as carding attacks. Customer support tasks can be performed more reliably and with identity confidence of who they are dealing with, stopping account impersonation attacks and more.

With all that said, sites that choose not to verify email addresses put a greater burden onto the customer for support needs. Password resets, order tracking, cancelling subscriptions etc. all become more difficult if the email address entered by the customer had a type-o for example, or belongs to someone else.

That doesn't mean all sites should verify email addresses - but it does mean railing against any site that does is misguided.

Account registration is the perfect time to do email verification, if the business is going to do it. The user already is in that "mindset"... and clicking a link is really not very difficult. Everyone in that flow understands what is going on.

Sites like Etsy probably have a significant fraud problem... and as previously discussed verifying email addresses goes a very long way towards minimizing risk.

Companies like Twitter and Discord likely require verification for the same reasons - fraud/abuse. I am aware Twitter has had a history of abusing that data, but the initial reason for verification remains the same.

I'm actually surprised more websites don't require verification. It's easy to do, and the benefits are very obvious. Most users aren't bothered by it either...

Smaller ecommerce sites still keep the Guest Checkout flow available because they would rather not impede checkout for any reason - although that means they take on additional risk. Major ecommerce sites require accounts (think Amazon, Newegg, Etsy, Walmart, Zappos, Chewy) and some do require verification. At their scale, fraud and abuse become very difficult problems that require a lot of time/resources.

OAuth/Social Login has removed some of the need to verify email addresses at the business level. This is because a trusted 3rd party Identity Provider has already done that for you, and most OIDC IDP's already provide an "email_verified" flag of sorts. Depending on your trust level (connecting to Google's IDP vs. random IDP), you can just use this data and assume it's been verified, removing that step for the customer.

With an email address the customer can reset their own password for using their account with self service features - like get a duplicate invoice or view/change/cancel a reservation or similar stuff.

Without an email address / phone number / something to link a customer to their order, the customer will need to phone up a call centre or visit a store or use live chat to get what they need.

Southwest probably have a call centre or live chat anyway. Dominos have stores (and presumably a customer service department) and a pizza order is probably only interesting for a short time.

If the customer can't sort their order out or get it sorted out, they will complain or give bad feedback. Even if it was their choice not to leave an email as they were too busy.

Your business without any of these things has no incentive to get them if it can just collect emails instead and let users use self service features. Even if you already have call centers / live chat / stores then your cost of dealing with the customer via a self service portal is probably way cheaper than using them.