It is not surprising that a large website like Facebook offers a two-step identification system. The concept is simple, to confirm that it is you trying to log in, you receive a confirmation code by SMS. The problem is that with Facebook this number can then be used by others.
Some consider that two-step authentication via SMS is not a particularly secure system, which is why services like Google offer alternative methods by default. Anyway, an extra security step on a popular site like Facebook is not in itself a bad thing, the problem is that the social media giant didn’t do things as it should (but we’ve been used to that for some time).
As Digital Trends points out, it also uses this number to target ads. It’s not pretty but it’s Facebook, and it’s pretty normal for today’s data harvesting scene. The real problem is mainly in the area of security.
When users enter their phone number to be able to use authentication, this number is obviously associated with Facebook, which allows everyone to search for a user via their phone number, the same number that was supposed to be used only for security purposes. In short, the number is associated with the account and anyone can find you.
“Facebook’s new search feature will allow fraudsters to use Facebook to verify the identity of phone users, even when Facebook users have hidden their number on their profile to avoid this,” as Breitbart indicates, the less security oriented users probably already have many elements of their public profile (date of birth, photos etc) visible, so the phone number is just added to the list.
Without necessarily wanting to be cynical, it would be interesting to see who is still surprised by this kind of stunt. Facebook has proven several times what it is capable of, including only reacting when the alarm siren is sounded.
What do you think? Do you still use Facebook?