This post is also available in: Slovenian
Facebook changing the use of its platform to external sites and applications. For some time now FB can be used over HTTPS if we want, at the end of the year it will be accessed only over HTTPS to Facebook and its related applications for greater security.
Many users data leaked to others already, because of the poor security in FB authentication via HTTP which they then can use for their own purposes, mainly of a commercial nature.
Timeline migration to HTTPS and OAuth 2.0:
- 1. September, all applications needs authentication must use OAuth 2.0
- 1. October, the iframe applications must use SSL access
OAuth 2.0 is an open standard, which was created along with Yahoo, Twitter, Google and others; use a secure https connection to the web pages and applications. For safer platform Facebook has teamed with Symantec s, for better intrusion and spam prevention.
This means that all those who have a FB page and edit t he specific welcome page and others, must obtain the SSL certificate. SSL certificate cost about 30 $ per year or have pages through special services.Again a lot of work for developers and they put in a bad mood the owners of the FB pages too, since they only recently had to move from the use of FBML to the iframe.
Do not think that Facebook started to take action because the recent spam or because it’s concerned to keeps users’ privacy, but because the outflow of information about users to thirds, reducing its profit. These so easily obtained data wants to keep for themselves and gets as much money as it can from user data.