AOL browser problems

I want to thank those who volunteered to help shed some light on the problem that those using the AOL browser have reported. What we saw was not at all what we expected.

First, a little background. We have had comments that items placed in a visitor’s cart disappeared when they went to checkout. I started asking questions and learned that every visitor that used the AOL browser had the same problem. But, if they switched to Internet Explorer, Firefox, or Safari they had no problem.

Each time a browser visits a page, information is sent that is used to identify that unique visitor. We take the privacy and security of our customer’s data very seriously. It is possible for some malware residing on the visitor’s computer to intercept the “session ID” and gain access to that customer’s order history, and other private data. One part of the hash is the visitor’s external IP address. If the the actual IP address does not match the hash it has to be assumed that it is no longer the same person and the browser is prevented from displaying any personal data that would otherwise be available.

What we didn’t expect was that the AOL browser goes through AOL’s proxy server which changes the IP assigned to a user within the same session, especially when going from a regular HTTP page to HTTPS (the secured connection indicated by a little padlock). Encoding all of the info on a page and then unencoding it when it arrives at the browser can add to the time it takes to display a page. For that reason, we only use HTTPS when personal data is being sent between the browser and our site.

So, every time the user would go to checkout, the connection switched to HTTPS, AOL returned a different IP address, and the cart contents vanished. Sometimes, it would even change for no reason!

Now, I could compromise the security for everyone in order to accomodate users of the AOL browser, but, I’m not willing to do that.

  1. AOL users can use Internet Explorer, Firefox, Chrome, or Safari and not have the problem.
  2. The number of AOL users is very small and shrinking at an increasing rate.

Security has been and will continue to be very important to us.

Comments are closed.