Many orders in my ZenCart store go to PayPal and use the IPN system. There is an occasional problem when the order includes digital goods that are authorized for download after PayPal sends notification of payment.

Apparently, when a customer has cookies disabled in his browser, ZenCart cannot finalize the order because the session doesn't survive the trip to PayPal and back to my store. All of this is understandable. My question has to do with warning the customer about this problem before it occurs.

1) Is it correct that 'Force Cookie Use' in Configuration | Sessions must be True for a customer to receive a warning? (My testing suggests that this is correct.)

2) Is it correct that a cookie must be used to maintain the session during the round trip to PayPal and back?

3) What are the other implications of setting 'Force Cookie Use' to True? I recognize that the cookie_usage page may scare the heck out of customers, so I want to make sure it is necessary before I do that.

Thanks in advance!