Although fun and interesting, quizzes on Facebook have the potential of releasing your personal information to companies.
FIU SCIS PhD students Sajedul Talukder, Mozhgan Azimpourkivi, and Georges Kamhouaalong along with CaSPR Labs showed NBC 6 News exactly what happens when you want to take a quiz that tells you what Disney character your most like.
In order to take part, users generally have to allow applications access to their Facebook information. Often the quiz won’t work without these requested permissions. Some apps allow you to choose which info you’re willing to share. If you’re lucky, you’ll be able to give up as little information as possible and still be able to play the game. By default, Facebook’s privacy settings let applications access information on your profile even if you have restricted access to a specific network or friend group. In addition, Facebook’s default settings allow applications run by your friends to pull information from your profile.
“Like – you are doomed. Because they got all of your data here,” FIU student Sajedul Talukder said on NBC 6 News segment “The Darker Side of that Online Quiz”.
Personal Pictures, birthdays, vacations, anniversaries and interests are all part of the data that get collected and transmitted to companies via Facebook quizzes. By giving quiz companies permission on Facebook, you are giving them the power to access your information. To stop companies from collecting future information, you can simply delete the app. However, you must contact the company directly to get rid of any information they have already collected.
“You need to be more cautious about the applications you choose to use,” FIU student Mozhgan Azimpourkivi said. Ms. Azimpourkivi was recently featured for her novel on custom two-factor authentication (2FA) system called Pixie that relies on users taking a photo of a personal object.
The Cyber Security and Privacy Research (CaSPR) Lab develops efficient solutions to ensure a trustworthy use of mobile and social networks. Problems of interest include online service fraud and abuse, mobile authentication, social media validation, and cryprocurrencies.