Facebook is set to stop using member’s phone numbers when recommending friends after a number of concerns were raised against their privacy implications. Despite this, Facebook admitted to have fed the numbers into targeted advertising and friend recommendations system. With the new system, friends can choose to have a code sent to their registered mobile phones when logging into their accounts. This action is aimed at making things hard for hackers after an increase in cases of cyber security. The company plans to have completed the new changes during 2020 as part of a settlement with US regulators.
To enhance security, most social media networks are now offering two-factor authentication commonly referred to as two-step authentication. Thanks to this security measure, hackers tend to find it hard in breaking into an online account as they need both the password and a one-off code, which is sent to the account holder’smobile phone. However, security researchers and privacy advocates have criticized this systemsaying the practice was deceptive and could erode trust in two-factor authentication.
People You May Know option by Facebook is designed to identify people you wish to add to your friends list. To make this possible, the option relies on a number of signals to work out perfectly. Among the most notable signals used include having lots of mutual friends on Facebook, being tagged in a photo together, being in the same “network” to mention a few. However, Facebook and messenger can still collect contact information from the address book of your smartphone. This means they can easily identify people who have your number in their address book thus encouraging them to add you as a friend. Actually, they relied on phone numbers provided for two-factor authentication in making these changes.
Facebook is set to make this change as part of a $5bn settlement with the US Federal Trade Commission (FTC). The company will stop using the numbers for friend suggestions in Ethiopia, Cambodia, Pakistan and Libya in the next few days. On the other hand, any person who has already set up two-factor authentication will have to disable it first.