Thursday, April 19, 2018

Risk of Logging in with Facebook

As a society, we would like to do everything in the most convenient way and that's great most of the time. Until we realize that Google and Facebook know so much about us that we might not even really know about ourselves. 

We all have used The Login with Facebook feature to log in to services, such as Airbnb, Spotify, etc. Fakebook's API allows users to carry parts of their profile information to other websites and apps. According to a new research from Princeton University, using the Facebook login feature on lesser known websites could cause security risks. From this study, it seems like some third party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. This, for the most part, is because most users have an invisible tracking ecosystem around them in the web without their knowledge. Most of the scripts the researchers examined grab a user ID that is unique to that website, as well as the person's name and email. But the problem is, using Facebook's API, you could easily link that unique ID to someone's Facebook profile.

After Princeton published this report, a Facebook spokesperson said in a statement that scraping Facebook user data is in direct violation of their policies and they Facebook will suspend this ability. Princeton has identified seven different scripts that are capable of pulling information from Facebook's login.


To sum up, if you want to avoid your data from being collected in the way described above, be careful using Facebook's universal login feature on sites you might not visit often, or ones where the functionality doesn't necessarily make using a site more convenient. In addition, installing a trusted ad blocker could also help avoid many tracking scripts from accessing any information about you. 

Source: https://www.wired.com/story/security-risks-of-logging-in-with-facebook/

No comments: