Nav: Home

Design could help Facebook members limit security leaks

December 04, 2011

A sign-up interface created by Penn State researchers for Facebook apps could help members prevent personal information -- and their friends' information -- from leaking out through third-party games and apps to hackers and identity thieves.

When Facebook members sign up for apps developed by third-party companies, they may not know that these apps are sometimes overriding their global settings on privacy preferences and information sharing, said Heng Xu, assistant professor of information sciences and technology.

"One illusion is that people think that they have set global privacy settings, so it's secure," said Xu. "But the broken element is in the third-party applications that people use to play games and interact in different ways with each other on Facebook."

Members who sign up for an app must agree to new terms of information disclosure that are often different from their main Facebook privacy settings when they sign up for an app, Xu said. The sign-up screen currently is a general agreement that shows information third-party developers are requesting. If the member does not agree, the member cannot use the app.

The screen designed by the researchers allows members to decide what types of information they are comfortable sharing and with whom they want to share it.

Xu, who worked with Na Wang, doctoral candidate, and Jens Grossklags, assistant professor, both of information sciences and technology, designed two alternative third-party privacy agreement screens to clearly show members what data and privacy details they agree to share with the developer.

The researchers, who presented their findings today (Dec. 4) at the Association for Computer Machinery Symposium on Computer Human Interaction for Management of Information Technology, Boston, asked a group of Facebook members to try two app sign-up page designs, a single-color scheme and one that used three colors -- green, yellow and red -- to designate critical information. The design also features three boxes to offer members the option to share their app activity history with all the members of their network, just specific people, or keep all of the information private.

Of the 11 participants, all said that improving the security and privacy of the sign-up pages is important. Six of the testers preferred the multiple-colored scheme to the monochromatic version.

Privacy settings allow members to determine how much information the member wants to display or share with their members of their network and Facebook. This data can include birthdate, hometown and current city, as well as pictures the members uploaded to their pages.

Members may not consider data like hometown or birthdates vital information, but Xu said that hackers can use such information to guess social security numbers.

Xu said that people may not even know that they may expose their friends' personal data if they use apps. A calendar app, for example, could allow developers to access the member's birthdate, as well as the birthdate of friends who are part of the member's network.

"Some people may know that they are allowing these companies to access their data," Xu said. "However, they might not know that their info will be leaked through their friends, use of games and other applications on Facebook."

According to Xu, many Facebook app developers try to make money from their games and tools by selling or sharing the data with advertisers and other companies.

"The only way to find out how the information is going to be used is to go to each app's website and review the terms of use," Xu said. "And many people won't do that."
-end-
The National Science Foundation supported their work.

Penn State

Related Facebook Articles:

Depressed by Facebook and the like
Great holiday, fantastic party, adorable children, incredible food: everyone shows their life in the best light on social networks.
Can Facebook improve your mental health?
Contrary to popular belief, using social media and the internet regularly could improve mental health among adults and help fend off serious psychological distress, such as depression and anxiety, finds a new Michigan State University study.
How stress leads to Facebook addiction
Friends on social media such as Facebook can be a great source of comfort during periods of stress.
The dead may outnumber the living on Facebook within 50 years
New analysis by academics from the Oxford Internet Institute (OII), part of the University of Oxford, predicts the dead may outnumber the living on Facebook within 50 years, a trend that will have grave implications for how we treat our digital heritage in the future.
Facebook is free, but should it count toward GDP anyway?
A new study by MIT researchers puts a dollar value on all those free digital goods people use, and builds the case that online activity can and should become part of GDP some day.
More Facebook News and Facebook Current Events

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Erasing The Stigma
Many of us either cope with mental illness or know someone who does. But we still have a hard time talking about it. This hour, TED speakers explore ways to push past — and even erase — the stigma. Guests include musician and comedian Jordan Raskopoulos, neuroscientist and psychiatrist Thomas Insel, psychiatrist Dixon Chibanda, anxiety and depression researcher Olivia Remes, and entrepreneur Sangu Delle.
Now Playing: Science for the People

#537 Science Journalism, Hold the Hype
Everyone's seen a piece of science getting over-exaggerated in the media. Most people would be quick to blame journalists and big media for getting in wrong. In many cases, you'd be right. But there's other sources of hype in science journalism. and one of them can be found in the humble, and little-known press release. We're talking with Chris Chambers about doing science about science journalism, and where the hype creeps in. Related links: The association between exaggeration in health related science news and academic press releases: retrospective observational study Claims of causality in health news: a randomised trial This...