Archive for the ‘Privacy’ Category

What information about Facebook friends is shared during social login, and does it spam them?

August 20th, 2014

Will my friends get spam if I use Facebook social login? What information about my friends will be shared?   These questions come to many when faced with the Facebook login option on websites and captive portals. This post seeks to answer these questions from the technical standpoint.

Graph API is the Facebook’s API that enables apps to read and write to the Facebook social graph. The discussion here is with respect to the API version 2.0 (released in April 2014) and later versions. To leverage the Graph API, there first needs to be a Facebook app. The app can be easily created in any Facebook account from the menu options. By default, apps can access the social login user’s public profile, email and friends list in the Facebook social graph. For access to additional information, the app needs to go through review and vetting process with Facebook. For illustrative purposes, let’s take the example of a consumer facing business that creates an app called “Da Brand” with default access rights.


Da Brand

Facebook apps are accessed using the OAuth method from webpages and mobile apps that provide the Facebook login option. In our example, the website or the captive portal will have the Facebook login button that is linked at the back end to the “Da Brand” Facebook app created above. Visitors using the Facebook login option will be interacting with the Facebook social graph via the “Da Brand” app.

With this setup in place, let’s now look at the login workflow to understand what information about friends can actually be shared during the social login. In fact, there are multiple barriers during the actual login workflow that block access to the login user’s friends list.


Login User Side Control


When the user clicks on the Facebook login button on the webpage, he has the option to deselect the permission to share friends list. Deselecting this option prevents Facebook from sharing the login user’s friends list with the app. Here, the user also has the option to deselect permission to share his own email address – in which case even the login user will not be able to hear back from the brand.


Facebook permission picture


Network Side Control


In the OAuth method, the Facebook login widget on the webpage (“Client” in OAuth terminology) fetches information about the login user (“Resource Owner” in OAuth terminology) from the Facebook social graph (“Resource & Authorization Server” in OAuth terminology) and presents that information for analytics. Accordingly, the OAuth Client (Facebook login widget on the webpage) ultimately controls what kind of information is fetched and presented for analytics, within the confines of  what the app is configured to ask for and what the login user permits at login time.

For example, the social Wi-Fi login widget on AirTight’s cloud hosted captive portal does not present the friends list of the login user for analytics. This is because, the preferred way of using social Wi-Fi in the field is for one-on-one engagement with customers of the brand rather than to look into their friends list. This network side control is very effective in controlling the information sharing, as it transcends the app configuration and the end user actions.

Facebook Social login _ OAuth Client and Server


Social Graph Side Control


The Graph API version 2.0 has implemented another interesting behavior with respect to sharing friends list with apps, see Facebook Graph API version 2.1:

“This will only return any friends who have used (via Facebook Login) the app making the request”.


Take the example of login user (John) who has Bob and Alice as Facebook friends. Bob has previously used Facebook to log into the “Da Brand”, but Alice has never logged into the “Da Brand” before. In this case, if John permitted at login time and if the network side control allowed fetching the friends list, Facebook will provide Bob’s reference to the OAuth Client as John’s friend, since Bob has already opted into the same app. However, it will not provide Alice’s reference to the OAuth Client as she never logged into the “Da Brand” app.

This behavior provides assurance to Alice that her social handle will not be shared with the brand that she herself is not registered with, even if her friend John granted permission to share friends list at login time and even if the network side control supported fetching the friends list. Outside of the Wi-Fi use case, this new control in the Graph API has actually disappointed app developers, since many social apps on the web are designed to tap into the friends list to share with them or invite them to the user’s activity. For example, by prompting the user to share the game score by showing the user the entire friends list inline within the gaming app.

By virtue of the various technical controls described above, the social login user does not have to give away the friends list and thus friends’ information is insulated from the user’s social login activity. This also precludes the possibility of spamming the friends.

Hopefully this blog shed some light on the mechanics of friends list sharing during the social login process. Thanks to those who highlighted this issue about friends list sharing on social media, which provided inspiration for this blog.


Dale Rapp and Omar Vasquez  tweets on social-login


Social Wi-Fi Roundtable on Vimeo - vimeo


Related Information:


Related Videos:

Noodles Case Study WFD7

Drew Lentz WFD7 YouTube



Privacy, WiFi Access, Wireless Field Day , , , , , , , , , , , , ,

What is Driving Free Guest Wi-Fi?

May 9th, 2014

In the comments to my earlier blog post (Social Wi-Fi and Privacy: Keeping Balance in the Force), Dale Rapp correctly notes that brick and mortar stores can use social Wi-Fi and analytics as a way to compete with online commerce, where every click of the mouse is tracked and scrutinized.

It’s been my experience that many B&M stores begin their thinking on implementing Free Wi-Fi as simply for Free Wi-Fi’s sake – they recognize that their competitors are doing it and that more and more shoppers are using its presence as a deciding factor in where they spend their time; this creates the feeling of crap-we-need-to-do-this-too (and most people don’t like to feel that way).

New opportunities for engagement

Plain-vanilla Wi-Fi or social Wi-Fi? Savvy businesses pick social.

Plain-vanilla Wi-Fi or social Wi-Fi? Savvy businesses pick social.

It’s the savvy groups that recognize that their network can provide more than just Free Guest Wi-Fi; it’s a new opportunity to communicate directly with their visitors, one that takes advantage of the latest technologies and behaviors of modern consumers – and that’s the whole idea behind Social Wi-Fi.

Read more…

Privacy, Retail

Social Wi-Fi and Privacy: Keeping Balance in the Force

May 8th, 2014

I read with interest Lee Badman’s article in Network Computing: Social WiFi Sign-In: Benefits With A Dark Side. Despite the gloomy title, the article is a fair and balanced look at both benefits and privacy implications of social Wi-Fi.


Would you join a loyalty program to get a coupon?

Perfect timing, I said to myself. Facebook just announced that they will be adding new functionality to their OAuth capabilities which would allow users to access any service using Facebook OAuth anonymously. This is obviously in reaction to the ongoing privacy conversation across the entire Internet spectrum. And it just so happens that we at AirTight released a blog post about it on the same day as Lee Badman’s article ran: Facebook ‘Anonymous Login’: What Is the Impact on Social Wi-Fi? We’ve maintained since the beginnings that Social Wi-Fi should allow an anonymous path for any user who does not want to engage on social media.

Read more…

Privacy, Retail

Facebook ‘Anonymous Login’: What Is the Impact on Social Wi-Fi?

May 7th, 2014

Reporting from Facebook’s developer conference, CNET writes:

“The biggest news for Facebook’s 1.28 billion members is “Anonymous Login,” a twist on the standard Facebook Login option that gives people a way to try an app without sharing any of their personal information from the social network. The move addresses concerns about user privacy as Facebook seeks ways to encourage people to explore new apps.”

Note "Not so social?" option below the social login buttons.

Note “Not so social?” option below the social login buttons.

“Facebook says it’s testing the new log-in option with select developers,including Flipboard. That means you likely won’t see the black button in your favorite apps for several months.”

“The news aligns with one of the event’s broader themes around putting people first and giving them more control over their data. Zuckerberg expounded upon this notion of improving trust and getting people more comfortable with using Facebook in conjunction with third-party apps.”

How does this impact social Wi-Fi, and specifically social log-ins?

As it turns out, we at AirTight recognized early on that despite tremendous growth and acceptance of social media generally, it’s essential that users are provided a means to utilize Wi-Fi services anonymously.

Read more…

Privacy, Retail

Free Wi-Fi is a Win-Win for Retail Marketers and Customers

May 9th, 2013

by Lina Arseneault


Retailers have long battled the dual pressures of online shopping and congested marketing channels just to get people to walk through their door. Now showrooming has moved the war inside the store, as a fragile economy combined with the ubiquity of mobile devices has created a savvy new breed of consumers who use their smartphones and tablets to research products and prices while they browse the aisles. It’s like having scores of invisible competitors whispering in the ears of your hard won customers.

Fortunately, there’s a way to fight back, gain control of the conversation, and provide a deeper, more meaningful relationship with your customers, all while providing them with a service they’ve been asking for: free in-store Wi-Fi.

Read more…

Privacy, Retail , , , , ,

To shop or not to shop, in-store Wi-Fi is the answer to that question

April 22nd, 2013

By Lina Arseneault

Did you know that 80% of mobile consumers are influenced by in-store Wi-Fi as a factor in deciding where they shop?

In early 2013, IDC issued the updated version of its IDC Retail Insights report outlining the top 10 predictions for the world-wide retail industry.  One of the report’s authors is retail research director Leslie Hand.  She and I recently met at IDC’s Directions annual conference in Silicon Valley to discuss the recently published report.


Most of our discussion centered on the first four predictions from IDC’s top 10 predictions list.

IDC Retail Insights 2013 TOP 10 Predictions

  1. Omnichannel Retail Maturity Will Move from Foundation to Convergence and from Precision to Immersion
  2. Retailers’ Omnichannel Objectives Will Require Platform and Architecture Investments
  3. Retailers Will Invest in Customer Analytics, Merchandizing, and Marketing Technologies to Curate Commerce and Contextualize Communications
  4. Retailers Will Pivot Merchandizing and Marketing on Customer Analytics to Drive Revenue and Profit, Relevance and Reciprocity Being the Watchwords



RSR Research and AirTight Discuss the Benefits of In-store Wi-Fi

Webinar: Wi-Fi as a Competitive Retail Advantage | Date: April 30,2013 Time: 11 AM Pacific

Register for the webinar


Leslie and I agreed that consumers are forcing retailers to act faster than they traditionally have and that this type of pressure is only likely to increase.  Digital and physical interactions are increasingly intertwined and consumers are demanding that retailers engage with them on these terms.

Retailers are realizing that knowing more about their shoppers can be the key to building relationships and boosting sales.


Retail Motion Infographic

Retail Motion Infographic


80% of mobile consumers are influenced by in-store Wi-Fi as a factor in deciding where they shop


View our Retail Motion Infographic



Retailers serious about meeting the customer expectations challenge head on can make continuous nurturing refinements based on  retail analytics.  Savvy retailers will need to make the most of their Wi-Fi networks to not only drive sales but also to build up CRM programs.

Leslie and I rounded out our conversation by touching on AirTight’s experience in working with PinkBerry, the five year old Los Angeles based Brand best known for its highly popular handcrafted yogurt bar. Central to the PinkBerry promise is the belief in the power of human connection.  Accordingly, the driving force behind PinkBerry’s Wi-Fi deployment was the launch of The Pinkcard, PinkBerry’s loyalty program and mobile app; as well as requests from store customers and owners for Wi-Fi access services.  The company exceeded its three-month goals in just one month.

Pinkberry - AirTight case study




Read the PinkBerry case study




I can think of no better way to close our this blog post than by letting (virtual) Leslie Hand touch on the new retail paradigm and the opportunities it presents.

View the YouTube video, Mobility: The New Retail Paradigm by Leslie Hand.


Additional Information:

Note: A version of this blog was originally published as a guest post for the PurpleWifi blog.

Privacy, Retail , , , ,