Yesterday, Facebook cleared up the situation around the SMS notifications sent using the company’s two-factor authentication (2FA) system, stating that the messages were surely caused by a bug. In a blog post, Facebook Chief of Security Officer, Alex Stamos wrote that, the company says the error led it to “send non-security-related SMS notifications to these phone numbers.”
Facebook uses the automated number 362-65, or “FBOOK,” as its two-factor authentication number which is an assured way of confirming the identity of a user by sending a numeric code to a subaltern device say a mobile phone. However, it was that very number that happened to send notifications to Facebook users without their permission and when users attempted to put the SMS notification to a stop, the replies were posted on their Facebook profiles as status updates.
The problem which may have lasted for months or even longer than that was flagged by software engineer of Bay Area, Gabriel Lewi, who made a tweet about it earlier in the week. It was then that the eminent sociologist and critic of technology Zeynep Tufekci took advantage of the situation to criticize Facebook’s alleged unethical behavior with the thought that the 2FA notifications may have been an attempt by Facebook to encourage the engagement of users.
In the blog post, Alex Stamos apologized saying:
“I am sorry for any inconvenience these messages might have caused. We are working to ensure that people who sign up for two-factor authentication won’t receive non-security-related notifications from us unless they specifically choose to receive them, and the same will be true for those who signed up in the past.” “We expect to have the fixes in place in the coming days. To reiterate, this was not an intentional decision; this was a bug.”
Stamos further stated that an additional peculiarity in which responses to its 2FA number were automatically posted to a user’s Facebook timeline was an unintended consequence of the company holding on to an archaic SMS feature from the days before the smartphone, when SMS Facebook updating was more dominant. Stamos writes that, “This feature is less useful these days. As a result, we are working to deprecate this functionality soon.”