Facebook-Integrated Apps Can Steal Your Data

— September 05, 2012

Privacy protection company secure.me is launching App Advisor, which has been designed to protect users from “data-hungry” apps that could compromise the security of personal and company information.

The secure.me solution safeguards Facebook users from social apps, that over-collect personal data, SPAM the friends networks of users and pose security risks. The company has analyzed app activities of 50 million Facebook users and more than 500,000 apps, and that analysis has been integrated in App Advisor.

“What many people aren’t aware of is that social apps linked to your Facebook can essentially track your life - your current location, your behaviors and who you interact with,” says Christian Sigl, founder of secure.me. “Your entire data halo that has accumulated around your online activities is given to every social app the instant they get access to your Facebook ID, regardless of your privacy settings.”

App Advisor’s browser extension provides users with transparency around an app’s data access and sharing habits before connecting a new app to the Facebook profile. Users will be warned as soon as a new app is connecting with their Facebook profile, whether it’s on Facebook or elsewhere on the internet while browsing. The browser extension, available for Safari, Firefox and Chrome browsers, helps protect users’ data before it is shared via Facebook.

The company has also created the App Security Network where users can get a full view of their apps’ data collection and activities and find out what data their social apps retrieve and which actions they perform.

Apps Post as You on Your Biz Page
Findings by secure.me indicate that more than two- thirds of the apps that integrate with Facebook have access of the user’s email address, while about 6 out of 10 can post on a user’s timeline without permission. This could be embarrassing and libelous for businesses using social media.

The access doesn’t just stop at the user, however; 21% of the apps surveyed can access personal data of the user’s friends, including birthdays, education and work history.

These findings are not exclusive to one operating system. ”Seven of the top 10 grossing iOS apps and six of the top 10 Android apps have integrated with Facebook and it’s notable that app providers have been able to collect user’s most sensitive data without any regulations so far,” Sigl notes.

With use of Facebook on mobile devices and the implementation of  BYOD policies on the rise, personal and even company data could become vulnerable due to unwanted app activity on an employee’s device an Sigl sees benefits in enterprise use.

He also believes that the date App Advisor reveals could force developers to create more secure Facebook-compatible apps.

Ranking Apps
secure.me uses a system of five reputation rank levels ranging from very poor (red) to very high (green). The reputation levels are influenced by three factors including Facebook permissions, app behavior and user rating:

  1. Facebook permissions: Shows the user in detail which data an app retrieves and which activities it can perform on the user’s profile and in its friends network.
  2. App behavior: Points out how an app behaves. For instance, the user will learn whether an app sends unwanted emails or posts in the user’s name; highlights if an app includes malware or adult content.
  3. User rating: Utilizes valuable recommendations and reviews of millions of users to provide Facebook members with transparency around the experience others made with an app.

POST A COMMENT

comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

12345
Current rating: 0 (0 ratings)

MOST READ STORIES

topics

Must See


FEATURED REPORT

Mobile Risk: Security Is Not a Game

IDC predicts 2 billion mobile devices will be shipped by 2017, while Gartner expects a 26 billion Internet of Things installed base (excluding smartphones and tablets) by 2020. With more devices, more machines, more connectivity comes more risk.