bug being squashed

Sign-up bug resolved

Leave a Comment / News, Release notes / By

Sign-up bug resolved

Normally, we don’t report on every bug that we fix in ChatMDR. Not that we have many (ahem…) but usually they roll up into the next software release.

On March 20, however, we hit a bug – and solved it the same day – that affected dozens of customers. And unfortunately it made ChatMDR unusable for new users. We wanted to make sure everyone who was affected by this and people we could see got the associated error message on their screens were also notified by email.

The problem

When you create a new account for ChatMDR, two things happen:

  • A login account is created in the Amazon cloud. This securely stores your email and password, for instance.
  • A subscription record is created with our payment provider Stripe. This is by default the ChatMDR Free plan, with 20 questions per month and GPT-3.5

The reason for this seemingly complex architecture is to ensure that none of your data is stored on the ChatMDR servers. There are too many stories in the world of data leaks. That is why password information is stored with Amazon and things like your credit card information with Stripe. We left these things to the people who do information security for a living.

Stripe connects back to Amazon and attaches the subscription to the user account. That is how ChatMDR knows how many questions you have left. However, due to a bug introduced in the most recent release of ChatMDR, the freshly created user account did not contain this information yet. At the risk of getting technical: after login, Amazon provides a token to your web browser. This token, like an entrance ticket to a museum, gives you access to the site every time you ask ChatMDR a question. In the case of the new user account, the token had already been ‘printed’, so to speak, before Stripe wrote the subscription data on it.

The solution

The problem could be resolved by logging out and back in, or simply by waiting. For security reasons, the token is refreshed every few hours. When a new token is issued, it does contain the Stripe information. Many users were eventually able to get up to speed with ChatMDR and have been using it ever since.

But for some, this was their first encounter with ChatMDR and not a very promising start. Our apologies to all those affected. As regulatory / software people, we have taken this piece of post-market surveillance into account and now know how to prevent it in the next release.

About that…next release with new features coming soon. Keep an eye on the newsletter!

If you encounter a problem with ChatMDR

Please reach out to us via the Contact Page!

Leave a Comment

Your email address will not be published. Required fields are marked *