Facebook Gifts could encourage users to expose more private information
Security experts outline potential security and privacy risks posed by Facebook's new social gifting service
IDG News Service - Facebook Gifts, the new social gifting service launched by Facebook on Thursday, might encourage users to expose information like their home addresses, birth date, clothing or shoe size that could pose security and privacy risks, according to security experts.
Facebook used to have a Gift Shop application that allowed users to send virtual gifts in the form of images, but it was discontinued in August 2010. The revamped Facebook Gifts feature is the result of Facebook's May acquisition of mobile e-commerce app Karma and allows users to send physical gifts to their friends.
"Choose a gift, attach a card and send," Facebook said Thursday in an announcement on its website. "You can post your gift to your friend's timeline or send it privately. Your friend can then unwrap a preview of the gift and it will show up on their doorstep a few days later."
Facebook has partnered with many vendors in order to offer a large selection of gifts that includes stuffed animals, cupcakes, toys, coffee mugs, Starbucks gift cards and more. The company receives a percentage of every gift purchase.
Facebook Gifts will be rolled out gradually to users starting with those in the U.S, the company said. Users will have the option to send gifts from the birthday reminder panel on their news feeds or by clicking on a gift icon in a friend's timeline. The payment can be made before or after the intended recipient has accepted the gift.
Recipients will receive a notification when someone sends them a gift and can select the item's size, color or even swap it for another item of equal or lower price. They then have to input a delivery address or select from the ones already saved under their account.
The launch of the new Facebook Gifts service is good news for Facebook investors because it will provide the company with a new revenue stream and the feature might even prove popular with users in the long run. However, some security experts are concerned about its security and privacy implications.
"The amount of private data users are sharing on social networking sites already exceeds all security precautions," said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor Bitdefender, via email Friday. "Making it so much easier for the user to add a number of addresses they can receive parcels at (including probably work or school addresses) would make it even easier for real-life criminals to gather information about a potential victim."
"The new information that might be shared by users is particularly dangerous in the case of account compromise," the Bitdefender security researcher said. Home addresses combined with other information commonly shared by users on Facebook like vacation dates, pictures of houses or news about recent high-value purchases, could make it very easy for burglars to select potential victims and plan raids, he said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Topic Center White Papers | Webcasts