American Airlines Making Life Worse For Most Loyal Customers By Killing Useful Mile-Tracking Browser Plugin
from the lame dept
It’s still really amazing to me how often we hear about companies making their own customers’ lives worse off in an obsessive need for excess control. The latest such example comes via Rob Hyndman, who points us to the news that American Airlines has forced Award Wallet to stop providing a useful tool for American fliers trying to keep track of their frequent flyer mileage. American had cut off a bunch of web-based services in the past that would log into American’s site for you and provide a different view and other useful tools. In that case, the airline argued — perhaps reasonably — that it was concerned about security of a third party logging into the site and having access to your account/password. There are ways that American could deal with those security concerns, but at least that argument made some sense. In response, however, Award Wallet built a browser plugin that never involved data going to any third party. Basically everything stayed local. All it did was give users a better way to view the information (and was apparently especially handy for families).
And American Airlines didn’t like it.
It couldn’t use the “security” argument this time, because everything was local. But, actually, it tried to use that same argument anyway, responding to a question from BoardingArea, saying that it shut down Award Wallet to maintain the company’s…
……long-held stance on how third-party websites access proprietary AAdvantage member details… Because travelers’ AAdvantage account numbers and passwords can be used to claim AAdvantage mileage awards out of their accounts and access personal details, American will always protect this information.
We simply cannot permit websites that have not satisfied our security requirements the access needed to track AAdvantage balances or any other function that is otherwise secured behind AA.com login credentials.
But that falsely assumes that the browser plugin is a “website.” It’s possible that American is just confused… but the more likely situation is that American Airlines is still just worried about controlling the customer, rather than making sure they have the best experience for them. What services like Award Wallet do is make American’s frequent flyer program more valuable to consumers, but apparently American doesn’t want that if it means having less control.
Filed Under: browser plugin, control, frequent flyer mileage, software, users
Companies: american airlines, award wallet
Comments on “American Airlines Making Life Worse For Most Loyal Customers By Killing Useful Mile-Tracking Browser Plugin”
But if customers are able to keep track of their frequent flyer miles so easily we might *gasp* actually have to give them the rewards we promise for being a frequent flyer with so many miles!
That’s not very secure for American Airline’s wallets now is it?
There is a difference
There is a difference between airlines and providers of music, though. Now, up-and-coming artists can release and promote music themselves and profit much better for themselves than they could ever do under the control of a record label. As far as I know, it is not possible for average people to fly themselves to various destinations (especially for which other modes of transportation are no longer viable options e.g. traveling from Washington DC to San Francisco), so the airlines frankly don’t stand to lose too much from this otherwise terrible move. Plus, when it comes to power/control versus a satisfied customer base, if they are essentially guaranteed revenues anyway thanks to the airline industry essentially being an oligopoly, which do you think the airlines will pick? (Hint: it starts with a “p” and rhymes with “hour”.)
"Awards"
Yeah–awards programs exist so people can be convinced they might get some sort of reward, game the system or somesuch.
People aren’t actually supposed to be able to get rewards from these programs.
Plugins like this “Award Wallet” defeat the purpose of having an awards program in the first place.
A browser plugin can still read all of your data and store it, depending on the permissions that were set. Hopefully this plugin scoped itself appropriately.
I don’t agree with what they are doing, I’m just saying that it’s not true a plugin “never involved data going to any third party”.
They have a point ...
If I were a nefarious bastard, I might write a browser plug-on or little applet thingy that helped users more easily view their miles.
And then surreptitiously phone home with that info. Once I’ve collected lots of info from lots of users, I can decide whose account I want to compromise and steal miles from.
Far fetched? Yes.
Possible? Yes.
This isn’t control for control’s sake. This is protecting very valuable information. Credit card miles are very useful things, and very valuable. I just used credit card miles to get a $1200 round trip ticket (April can’t come quick enough!)
Re:
What didn’t you understand about “everything stayed local.”?
If everything stayed local, then yes, it is absolutely true that no data went to a third party.
They are confused.
AA, ones in the public eye, are the most technological illiterate folks you’d ever come across.
There is a control aspect of things, too. But it’s more AA concerned on perception, than anything else. They concern themselves over every little detail that may “offend” somebody.. It’s crazy. AA is a control freak, controlled by “political correctness.”
is there any company used by the public that doesn’t want to have complete control over them? i’m just waiting for the day when all these companies start fighting amongst themselves to see which one gets to have the most control of the most data from the most customers to use in the most ways that will benefit that winning company the most! should be interesting to see which company issues the most law suits!
Another story
Regarding American Airlines’ attitude to customer experience, you may be interested in Dustin Curtis’s story complaining about AA’s website: their site is horrid, so he designed a better one; an actually competent UX guy from AA responded and explained; AA fired the UX guy by way of saying thank you.
They have a point ...
I’m not sure that’s possible. For example, in order for a Chrome extension to use XMLHttpRequest to send info to your server, you’d have to put your server’s URL in the manifest’s permissions section. Then anyone installing the extenion would get a popup like:
People would notice that. Someone would open the .CRX file (it’s just a zip file containing plaintext files) and check your code.
Of course, I don’t actually know how this particular “plugin” was implemented, so I can only theorize. If anyone has more info about what Award Wallet was, I’d like to hear it.
Another story
If Curtis is such a UX genius how come the response is in such an unreadable combination of text and background colors? I had to highlight the text to read it. But we digress…
If Points and Rewards and Awards were a good deal for the consumer they wouldn’t exist, which is why I avoid them whenever possible. Of course the cost for such things is baked into the price of what you’re buying, so you’d want to try to collect them, but the time and aggravation are still not worth it.
welcome to AA employees world..
ok, so now you “real important “folks can have a taste of what American does to it’s employees on a daily basis. Sure you can accrue sick days, you just can’t call in sick or you’ll be fired! Yeah we’ll negotiate a contract with you, then we’ll restructure you out of that and more! the executhieves will be happy!!!
They have a point ...
Giving credit where credit is due and all: Josh in CharlotteNC said:
They have a point ...
Then anyone installing the extenion would get a popup like:
Install Mile Viewing Thingy?
It can access:
-Your data on aa.com
-Your data on totallynotaphisher.com
What makes you think John (or Jane) Q Public would notice or object? I worked in IT long enough to know that most people just click ok on most messages.
They have a point ...
Hello, Alexi from AwardWallet.com here. I am the one who architected the browser extension and I was in charge of the dev team who implemented it. Here is how it worked: (1) user enters their user name and password into the plugin and the credentials are encrypted and stored locally inside the plugin on that computer. (not on our server) (2) user clicks “Update” on AwardWallet. (3) a new browser tab opens up and the user’s browser navigates to aa.com (3) the extension grabs the locally stored credentials and logs the person into aa.com (4) the extension reads that cached web page from the browser and using x-path finds the mileage balance (5) the balance is then stored in the same plugin alongside with the encrypted credentials.
In this process no AA related data ever goes to AwardWallet.com, there are two ways to verify that: (1) network sniffer (2) look at the source code.
Cheers,
-Alexi