Facebook patching Android app to halt unauthorized phone number collection


Facebook (NASDAQ:FB) said it is working to patch its Android social networking application to halt the unauthorized collection of user phone numbers.

Last week, security software firm Symantec reported that its new Norton Mobile Security solution for Android automatically flagged the Facebook app because it leaks device phone numbers. "The first time you launch the Facebook application, even before logging in, your phone number will be sent over the Internet to Facebook servers," Symantec said. "You do not need to provide your phone number, log in, initiate a specific action or even need a Facebook account for this to happen. According to Google (NASDAQ:GOOG) Play, hundreds of millions of devices have installed the Facebook application and a significant portion of those devices [is] likely affected."

Facebook confirmed the existence of the security flaw to The Huffington Post and said it was likely introduced in a February 2013 Android app update. "We thank Symantec for bringing it to our attention," a Facebook spokesperson said. "We've fixed it in the next version of the app, which is available for anyone to download as a beta today." Facebook adds that it did not "use or process the numbers in any way," and that the data has been deleted from its servers.

Last week, Facebook unveiled a new public testing program enabling opt-in consumers to trial beta versions of the Android app prior to general release, a move to generate feedback across an array of operating system versions and device form factors. "This new tool will help us get performance data and feedback from more people ahead of release across a wider range of devices and versions of Android," explained Facebook for Android Product Manager Ragavan Srinivasan. "The ultimate goal of the program is to release updates to Facebook for Android that are more reliable and better performing."

Upon joining the Facebook beta program, users will receive a small batch of fixes and new features every month. Facebook asks that they submit reports when they encounter bugs or other issues. The social network is also creating a group to host active Android beta discussions and provide a forum for feedback and sharing updates. To join the program, click here.

Facebook for Android is the most downloaded application on Google Play. The social network's total mobile monthly active users eclipsed desktop users earlier this year and reached 751 million in the first quarter of 2013, a year-over-year increase of 54 percent. Facebook's mobile-only MAUs also increased to 189 million, up from 157 million in the previous quarter.

For more:
- read this Huffington Post article
- read this Symantec Official Blog post

Related articles:
Facebook recruits Android users for app beta testing program
Facebook finally launches hashtag support
Facebook dumping half of ad units to eliminate redundancies
Facebook: Mobile now generates 30 percent of advertising revenues 
Facebook: Mobile users outnumber Web users