Ex-Facebook Security Chief Slams its Phone Number Look-Up Feature

Adjust Comment Print

He also revealed that the company shares 2FA phone numbers with its other platforms, like WhatsApp and Instagram.

But, it was not previously clear that this also includes numbers provided to the site only for security reasons.

Facebook confirmed phone numbers may be used to inform ads personalization.

"In April 2018, we removed the ability to enter another person's phone number or email address into the Facebook search bar to help find someone's profile". He explained in a series of tweets that Facebook lets its users decide if their phone numbers can be used this way by everyone, friends of friends, or friends.

The setting, available in the "Privacy" tab, is set to "everyone" by default and you'll have to change it to "friends" or "friends of friends".

"It's obvious that if you are providing a number for 2FA (which is a standard practice) that the number wouldn't be used for other purposes without consent", said Marty Puranik, cybersecurity expert and CEO of Atlantic.Net, a cloud computing and hosting services provider.

Tap that, and you'll have the option for Everyone, Friends of friends, or Friends. The fact that users' phone numbers can now be used to look up profiles, even if they weren't registered on Facebook, has caused severe unrest among its user community.

Donald Trump Blasts 'Bullsh*t' Investigations and 'Collusion Delusion' at CPAC
Trump has repeatedly slammed the Mueller investigation as a "witch hunt" and insisted there was "NO COLLUSION" with Russian Federation .

Last year, it was discovered that the social network was allowing advertisers to target users by uploading information which Facebook could match against a phone number.

'Now it can be searched and there's no way to disable that'. He tweeted highlighting Facebook's privacy setting that doesn't have any feature to completely hide the phone numbers. And, you can't opt-out.

Anyone on Facebook can search for you using your number by default, but you can limit it to friends of friends or just your friends.

"For years Facebook claimed that adding a phone number for 2FA was only for security", he said via Twitter. On desktop, navigate to Settings Security & Login and click "Edit" next to Use two-factor authentication.

But according to Burge, this addendum only came within the last few months.

So, as you can see, it's very hard to avoid giving Facebook your phone number when everyone from advertisers to high school besties can upload it to the social network with a few taps. But two words - "and more" - that fail to disclose what the company might actually be doing with your personal invitation is just like the problems tech companies including Facebook have run into with Terms of Service: they're technically covered, but don't actually provide clarity or control to users.