Users have begun to feel that Facebook, the 800-million-user network is not taking privacy seriously enough. The problem is in the way application developers can access information about Facebook users with the possibility of unauthorised password changes.  Considering the amount of time users spend interacting with their network on Facebook, this could snowball into major identity theft issues.

To filter and modify user information stored in the site’s database, Facebook applications employ FQL, a special query language, which is accessible to just about anyone. While extracting email addresses needs a unique API key, a lot of other private information can easily be accessed without these limitations. According to hackers, getting an API key is not rocket science. A programmer with bad intentions can get, and misuse, an API key easily for an app in development which can access a lot of data during this stage. But it seems that hackers do not have to go through the trouble to get an API key to get hold of sensitive data. All they have to do is install a legit app on their profile and use its key to query information with different IDs. This can access information shared by users within their friends’ network. Scary? Yes, very.

If you think Facebook’s security team would spot this misuse quickly, yes they would. But by this time, hackers would have already picked up what they want and disappeared. In spite of being notified about this, Facebook continues to claim that everything on the site is working as intended. Hackers, however, disagree since APIs can be queried directly. While application analysis based on velocity is fine for worms and malware, a hacker can easily attack a single user.

Facebook’s app platform has always posed security risk. Recently, IDG News Service reported that Antivirus vendor Trend Micro has detected a drive-by download attack on Facebook that used malicious advertisements to infect users with malware.  That it does not require user action renders it more dangerous.

In the last week of September 2011, Facebook made changes to the way information is stored on the site, following issues with users being tracked even after they signed out from the network.

Facebook also announced changes geared to increase interaction between users that took privacy and security to new levels.  This raises some serious concerns, naturally. According to Bitdefender, these are:

• Facebook’s smart lists will encourage users to share their info publicly, making it indexable laying it open to attack. Think 800 million users.
• Hijacked accounts are reported on Facebook all the time and now, there will be more spambots as well with the subscribers feature, just like Twitter. While Facebook is taking steps, security is not being adequately addressed.
• While the Facebook timeline is great in terms of usability, whatever a user shares on Facebook is there for the whole world to browse and see. This means friends, photos, places, and everything.
• Health information you share is set to public by default
• Widgets translate to spam and savvy developers know exactly what to do with them and social media scammers can easily exploit these.

How can you protect yourself on Facebook?

One simple way is to go to your account settings and manage your privacy, changing the default public setting on most features into how you want to share them. Be alert to what you “like” on Facebook. One common threat is “likejacking” which tricks users into posting status updates for pages unintentionally.  Facebook is a happy breeding ground for third-party app developers. Since Facebook cannot keep track of these, the onus of protection lies with the user. Security experts advise keeping your software up to date and disabling the Java plug-in from your browser since most attacks are Java based. Use antivirus programs that can scan web traffic and warn you of attacks.

At the time of writing this, Facebook is being investigated by the Irish data protection commissioner about the way it handles user data across Europe and the report will be available by the end of this year. The social networking giant is also under pressure in the US as the Federal Trade Commission might audit the website following complaints about privacy issues.

Mobile marketing is increasingly becoming a part of the marketing mix, thanks to its ability to keep the user engaged and increase sales. With developing technologies, mobile marketing offers great opportunities to track the results of different marketing campaigns.  As part of an integrated strategy, mobile coupons are among the most successful tools that help leverage mobile marketing.  Since it’s easy to implement, monitor and track, mobile coupons score over their paper version in several ways.

A mobile coupon can be defined as an instrument with a designated monetary value, and allows the consumer to redeem it and receive a discount or a special offer on a specific product or service. These coupons are usually distributed to mobile users via text messages as well as other media as numeric or alpha numeric codes and they can be redeemed digitally, unlike their paper counterparts which involves manual processing.

In contrast to the paper version, mobile coupons are received and stored on a mobile phone or a computer which makes mobile coupons easier and quicker to distribute. They can be published across various online or print media. Mobile coupons can be delivered in 1D or 2D barcode format, but because they need scanners which involve the use of hardware and software at the point of sales, many marketers still prefer to text them to users.

Rate of redemption

Mobile coupons offer a high rate of redemption when they are distributed based on research and matched to customer profiles. They are measurable and as a result, the ROI of the coupon campaign can be accurately measured based on the goals set. Every marketer would like to get the maximum return on investment on any promotional campaign.

Easier distribution and cost-effective

Mobile coupons are digitally distributed to the users’ mobile phones and cost of distribution usually covers the cost of messaging.

Redeemable instantly

The mobile coupon can be quickly validated at the point of sale based on the availability of the product on which the coupon is valid.

Facilitates data collection

With mobile coupons, it is easy for marketers to collect market data helping them create customer profiles and study their behaviour while tracking the coupon from where it was distributed and where and when it was used. This is useful in calculating ROI and devising ways to engage the customer better.

With the above in mind, there are several types of mobile marketing campaigns where you can use mobile coupons, as they can be incorporated into other marketing channels to get the best benefit. Have you used mobile coupons as part of an integrated marketing strategy? Let us know in the comments.

Soon you may find yourself carrying a much slimmer wallet, without all those bulky cards as your mobile phone could replace them.  The mobile phone, also referred to as the “digital wallet” is set to transform the way we transact, by enabling payments directly from your phone.

For the user, it is always convenient to have a choice of payment methods, since it means more loyalty programs and consequently more benefits, while resulting in increased sales for the marketer. A quick look at NFC World, reveals that some of the top NFC enabled phones will also have a digital wallet where you can add your various bank cards and loyalty cards to give you the best mobile payment experience.

What about safety?

Naturally, as with any online payment method, adequate precautions must be taken to ensure that mobile payments are safe.  One way is using a secure digital wallet app, certified by your credit card issuers. Digital wallets are considered safe as they eliminate the possibility of someone memorising your credit card number and misusing it. Since the payment transaction happens between two computers, unless the right things are said, it cannot go through. Other ways to keep your mobile phone safe are setting a password, as you would with any account, keeping your software up to date, getting a security app, and being discreet when you download anything, as a rule. It is also advisable to pay attention to the list of permissions each time an app is downloaded.

How successful the mobile wallet is likely to be

Mobile banking will certainly be safer than credit cards. The mobile wallet will require the user to enter a pin number each time they use it to make a payment, to make it more secure. Perhaps the biggest obstacle in rolling out the digital wallet concept is convincing people about the safety of their transactions via a mobile phone. Although most people do not hesitate to use their credit cards, they are nevertheless nervous about using their mobile phones to transact. The first adopters of digital wallets will obviously be those who are already technology savvy.

Digital wallets, will, however, become popular, especially if issued and endorsed by the user’s bank. Mobile payments will likely follow the same trend as debit cards and online payments in terms of usage. Initially, users were skeptical about giving up sensitive information online, but today, online payments are quite common and considered more secure, reliable and convenient.

It is certainly advantageous to be able to carry less cash and credit or debit cards around, as it minimises the risk of stolen cards and all the damage control that follows. While nothing is 100% secure, with digital wallets, data encryption software could facilitate secure transactions over wireless networks. This is safer than credit cards being swiped without verification. Mobile payments will also require logging in with a password into the digital wallet app, adding to the security aspect.  On the flip side, there are the additional user charges the user will incur, along with the frustration of unstable wireless connections. Google has already begun rolling out its digital wallet in a phased manner and it is only a matter of time before mobile payments will become a way of life.