Facebook-Integrated Apps Can Steal Your Data

— September 05, 2012

Privacy protection company secure.me is launching App Advisor, which has been designed to protect users from “data-hungry” apps that could compromise the security of personal and company information.

The secure.me solution safeguards Facebook users from social apps, that over-collect personal data, SPAM the friends networks of users and pose security risks. The company has analyzed app activities of 50 million Facebook users and more than 500,000 apps, and that analysis has been integrated in App Advisor.

“What many people aren’t aware of is that social apps linked to your Facebook can essentially track your life - your current location, your behaviors and who you interact with,” says Christian Sigl, founder of secure.me. “Your entire data halo that has accumulated around your online activities is given to every social app the instant they get access to your Facebook ID, regardless of your privacy settings.”

App Advisor’s browser extension provides users with transparency around an app’s data access and sharing habits before connecting a new app to the Facebook profile. Users will be warned as soon as a new app is connecting with their Facebook profile, whether it’s on Facebook or elsewhere on the internet while browsing. The browser extension, available for Safari, Firefox and Chrome browsers, helps protect users’ data before it is shared via Facebook.

The company has also created the App Security Network where users can get a full view of their apps’ data collection and activities and find out what data their social apps retrieve and which actions they perform.

Apps Post as You on Your Biz Page
Findings by secure.me indicate that more than two- thirds of the apps that integrate with Facebook have access of the user’s email address, while about 6 out of 10 can post on a user’s timeline without permission. This could be embarrassing and libelous for businesses using social media.

The access doesn’t just stop at the user, however; 21% of the apps surveyed can access personal data of the user’s friends, including birthdays, education and work history.

These findings are not exclusive to one operating system. ”Seven of the top 10 grossing iOS apps and six of the top 10 Android apps have integrated with Facebook and it’s notable that app providers have been able to collect user’s most sensitive data without any regulations so far,” Sigl notes.

With use of Facebook on mobile devices and the implementation of  BYOD policies on the rise, personal and even company data could become vulnerable due to unwanted app activity on an employee’s device an Sigl sees benefits in enterprise use.

He also believes that the date App Advisor reveals could force developers to create more secure Facebook-compatible apps.

Ranking Apps
secure.me uses a system of five reputation rank levels ranging from very poor (red) to very high (green). The reputation levels are influenced by three factors including Facebook permissions, app behavior and user rating:

  1. Facebook permissions: Shows the user in detail which data an app retrieves and which activities it can perform on the user’s profile and in its friends network.
  2. App behavior: Points out how an app behaves. For instance, the user will learn whether an app sends unwanted emails or posts in the user’s name; highlights if an app includes malware or adult content.
  3. User rating: Utilizes valuable recommendations and reviews of millions of users to provide Facebook members with transparency around the experience others made with an app.

POST A COMMENT

comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

12345
Current rating: 0 (0 ratings)

MOST READ STORIES

topics

Must See


FEATURED REPORT

Who Owns Mobility

Less than one decade ago, smartphones and tablets changed workplace technology—virtually overnight. IT lost "control" and users became decision makers. Is it any wonder we are still trying to figure things out, and that the question of  "who owns mobility" remains? This research examines the current state of mobility in an attempt to answer that question.