This last week, we have reported Facebook, to stop the process of misusing with users personal phone numbers. But what we come to know is that Facebook has doubled this process of misusing users personal phone number. With the help of the mobile number of a user, which the user has provided in the two-factor authentication (2FA), anyone can find the user’s profile easily. Users who want 2FA to protect their profile or you can say account and get protected, Facebook is forcefully asking users to choose one between security and privacy.
During the process, the setting is available to choose from the three options whether, “everyone,” “friends of friends,” or “friends” can manage your phone number this way, there is no alternative to options out entirely.
This problem with Facebook’s personal phone number seems not to be a new feature. In April 2018, in the wake of the Cambridge Analytica scandal, Facebook has already told that they were going to disable the functionality. But luckily now, any of the users are not able to enter your personal phone number directly in the Facebook search bar to find any profile they want to find with the help of phone number. But still, they can able to use your personal phone number “in several ways, like when anyone updates your contact information to Facebook from their mobile phone,” A Facebook spokesman told USA Today, the several methods of doing so. Previously user has to enter your personal phone number in the Facebook search bar or into their phone contacts, the outcome is the same. Still, anyone can use your personal phone number to find your personal Facebook profile.
From then onwards, Facebook started asking page administrators to enable the two-factor-authentication. It is secure to think that numerous users have begun using the security feature and also marking of how Facebook misuse it. Although in May 2018, Facebook has stopped asking phone numbers for a two-factor-authentication response. As we know that for most of the users, two-factor-authentication can still be the most usable option.
As per the given reports, In response to a tweet by a page administrator looking to this serious issue, several numbers of people forced Facebook to respond to users issue and problems and media reports. Facebook’s reply is less than convincing.
One of the reports is given below:
When asked specifically if Facebook will allow users to users to opt-out of the setting, Facebook said it won’t comment on future plans. And, asked why it was set to “everyone” by default, Facebook said the feature makes it easier to find people you know but aren’t yet friends with.
A few years ago, several researchers from all around the world such as Northeastern University and Princeton University make known to others that the company has already using two-factor-authentication phone numbers—and even worse, “shadow” contact information that users never directly provide the company—for specific advertising.
After all, this happens, the scope of Facebook’s personal phone number looks like or you can say feel like more than average. In the opposition of users strong belief and security great practices, the main problem is, it is making users’ 2FA phone numbers visible by uncovering it. And not only to advertisers but also to normal users or you can say, regular users. Now, this issue is at high risk and it the last time when Facebook has to fix this issue or you can say fix this problem before many users profile are put at high risk. Facebook should never have made users personal phone numbers that were offered for security capable of being computationally searched by everyone in the first place.
Alex Stamos the chief security officer at Facebook also practiced in one of the tweets, and said: “Facebook can’t credibly require two-factor for high-risk accounts without segmenting that from search and ads.”
And now, Alex Stamos is an adjunct professor at Stanford University. In August 2018, he has left Facebook and from than Facebook has not hired any person for the position of a chief security officer.