Home / Tech / News / Facebook’s two-factor authentication system auto-posts replies on your profile

Facebook’s two-factor authentication system auto-posts replies on your profile

Facebook’s two-factor authentication (2FA) system has come under fire today for some bizarre design elements that seem to have gone largely unnoticed for quite some time. Bay Area software engineer Gabriel Lewis noticed earlier this week that Facebook was using the same phone number he used for 2FA, which offers a more secure way to log into an online account by asking for secondary confirmation of the user’s identity, to notify him about friends’ posts.

Even worse, it seems that replying to this message with any message, such as “Please stop,” auto-posts that message to your Facebook profile. (It doesn’t cause the messages to stop, either.) The Verge confirmed that this behavior occurs with any reply to a Facebook 2FA text message, and other users have popped up on Twitter to say both Facebook and Instagram have spammed them with notifications to their 2FA phone number. In Lewis’ case, he says he never opted in to notifications via text messaging in the first place.

Lewis’ case gained steam today when prominent technology critic and sociologist Zeynep Tufekci tweeted about it in a series of harsh criticisms of Facebook and its behavior regarding alleged “juicing” of its user engagement metrics:

There’s a legal layer to this situation, as well. Facebook is currently embroiled in a number of class-action lawsuits over alleged violations of the Telephone Consumer Protection Act, or TCPA, which states that no company may contact you via text without being given express permission first. In those past cases, Facebook was spamming users with birthday reminder text messages and other automated spam, even when users opted out of text message notifications or had never given Facebook their phone number.

It is unclear whether this more recent behavior is a bug, though the auto-posting feature certainly looks like one. If the company is indeed intentionally using 2FA phone numbers to lure users back to Facebook without getting those users’ express user consent, it could open the company up to lawsuits. Facebook has not yet responded to a request for comment.


Source link

Check Also

Apple devices at repair facility have called 911 over 1,500 times

Apple is working with local police to remedy a surge in unintentional emergency calls to …

Leave a Reply

Your email address will not be published. Required fields are marked *