Facebook App Authorisation – Can We Steal Your Content?

By March 3, 2010January 19th, 2015No Comments

1. fab2-580x286

Facebook is getting saturated with various apps, the majority either mindless variants of farm, pet or city growing, or tiresome surveys/quizzes.

That’s why we jumped at the opportunity to create an application that can have impact in the real world. ”Giving Nature a Voice” is a Facebook based multi-petition application for Forest & Bird New Zealand. Their first petition was to encourage people to speak up and help prevent more mining of our conservation areas. 

There are existing Facebook petition apps about (eg; Causes), but they are all bloated with unnecessary extra features and weren’t able to be branded as tightly as Forest and Bird required. A custom solution was the best course forward, not only as we could design as we saw fit, but so we could learn what makes Facebook apps tick.

For obvious security reasons, Facebook has locked down how apps work – you have to authorise them before you can use them. The issue with this for app creators is conversion rates  – a user may see a Wall post that interests them, like the one below:

2. fab

But when they click it, they get a scary looking dialogue:

3. access-580x243

This is immediately a barrier to users, many will leave the application at this point, as it seems too intrusive and they are worried that their personal information will be mined and used for dubious purposes. The recent Facebook wall spam issues won’t help to change attitudes here and I predict that its going to get progressively more difficult to use this part of the API as a way to make an app more viral. In our case we were seeking to present the user with a simple way to send the petition on to their friends.

So what is the solution? I wouldn’t suggest getting rid of the warning – it’s there for a good purpose, to prevent dodgy apps from collecting all your personal information.

There are two tactics that can be used:

1. Link users to the Facebook App Page rather than directly to an App. Pages require no security to access, and its very easy for someone to become a fan of a page. Another bonus here is the speed of setting up a page, less than 10 minutes in most cases – so a topical subject can have its own page within a few minutes of the news breaking. Add the app later to the page for more interactivity.

2. You don’t have to ask users access unless you’re actually using their Facebook data. Facebooks calls these Public Canvas Pages

Here’s the base link for our app:

You can visit this link without even being signed into Facebook. As soon as you click one of the petitions however, authorisation is required as the app needs it to see if your friend have signed, to post to your wall, etc.

Leave a Reply