Facebook Security

EVERYTHING YOU EVER WANTED TO KNOW AND M ORE ABOUT FACEBOOK SECURITY At Facebook, we take the privacy and safety of the people who use our site very seriously. Using a combination of technological innovations such as database checks and roadbloacks, as well as our dedicated staff, we're working 24/7 to ensure everyone's information is safe and secure. Facebook works to eliminate SECURITY STARTS HERE security threats and spam to keep your information secure. Social Authentication Login Approvals + Opt-in Only Facebook uses social authentication to If a user logs on using a new or verify your account. This system asks you to identify your friends based on pictures. This is unrecognized device, a required code will be sent to the user's mobile device, information that makes it incredibly hard for a hacker to gain access to your account and helps you access your account easily without you having to remember additional passcodes. If a login attempt for an unsaved device occurs, the userwill be prompted upon their next login to verify the login, LOG IN Log In ID Verification + Opt-in One Time Passv rds + Opt-in did you know? Every user creates a security question and Users can opt to receive a one time password (OTP) by sending a text to 32665 answer for their account. https:// A user can also add their mobile phone number to enable them to verify their identify through a text message. All logins are done through a secure connection. You can enable HTTPS for did you know? your entire Facebook experience from the Account Settings page. Facebook employs 300 full-time staff focused on security and safety. did you know? Session Classifier Facebook bans IPS, user accounts and apps that are reading public data too aggressively. This system uses location, device and other account details to verify every login (e.g. a California user suddenly accessing their account from Africa). did you know? Over tens of millions of dollars are dedicated to security infrastructure. ONLINE Photo DNA User Action Classifier Facebook maintains a blacklist database Identifies when users are Action from federal, state and international law acting maliciously or spammy. enforcement agencies of exploitative images. Each one of the 300 millions photos uploaded to the site each day is checked against this list. did you know? 4-7 million fans are on the Facebook security page sending messages on user education. LinkScanner Clickjacking Domain Reputation System All links are compared against Facebook's and other internet You see a link to an "outrageous video" off-site, but once you click it, it automatically publishes the fake link to your Wall! http:// OMG! http:// security companies databases of known spammy and malicious links;, users are notified if a match is found and the link is blocked from being shared. This behavior is a result of a browser bug, but Facebook is doing more to prevent this from occuring by taking steps like verifying suspected bad links before they're posted. did you know? did you know? Facebook scans 2 trillion Facebook blocks 210 million malicious link clicks per day. actions per day containing malicious links. Application Classifier Self-XSS Analyzes application behavior, and tries to decide if they are acting maliciously. Apps If you ever paste malicious code into you address bar, it can cause your browser to conduct unauthorized activity, such as posting status updates and sending mass spam messages. Facebook combats this by preventing code from being entered automatically, by using roadblocks forverification. did you know? Facebook will roadblock 250-6oo,000 accounts on any given day to help protect the integrity of the site. LOG OUT Log Out Suspected Hacking Remote Logout Users can manually shutdown Users who have forgotten to log out can check their login status and log themselves out remotely. Facebook sessions and reset their Log Out passwords if an unauthorized login is detected. Roadblock Guardian Angels Login Notifications If you lose access to your account or are having problems logging in, a code can be sent to your friends to help you get back into your account, You can pre-select these friends from the Account Settings page. Users get to approve the devices from which they log in. If your account is compromised by malicious software, Facebook will temporarily lock your profile and scan itwith security software, until your A notification can be sent if they have logged in from an unapproved device. account is certified clean. OFFLINE FACEBOOK KEEPS SPAM AT BAY Example Spam Attack 89% 4% Level of Spam versus Facebook Counter Measures 89.1% of email is spam. Less than 4% of content shared on Facebook is spam. .06% .5% 4 pm б рт 8 pm 10 pm As spam is reported by users, Facebook implements counter measures that significantly reduces the level of spam. Only.o6% of over 1 billion logins per day are compromised. Less than 5% of Facebook users experience spam on any given day. THE GROWTH OF FACEBOOK Facebook User Growth 750+ Million 800 M 50% 600 M 400 M Log on to Facebook in any given day Active Facebook Users Worldwide 200 M Active Users The average user has 130 friends. Dec 1, 2004 Jan 1, 2009 Jul 1, 2011 People spend over 700 billion 31 minutes per month on Facebook.