Back to News for Developers
Deprecating support for FB Login authentication on Android embedded browsers
We have been monitoring an uptick in phishing attempts on Android embedded browsers (also known as webviews), so beginning in August, we will no longer support FB Login authentication on Android embedded browsers. Prior to this date, we will continue to prevent access to Facebook Login on embedded browsers for certain users we deem high-risk in an effort to prevent malicious activity.
If your app currently surfaces Facebook Login on an embedded browser on Android, you should ensure you are using the SDK, have updated to version 8.2+, and remove any overrides in Login Behavior during login (i.e., using LoginBehavior.WEB_VIEW_ONLY). If your app is using version 8.2+ of the SDK, we utilize several methods to authenticate the user through other methods — including options like sending a push notification to verify the user’s identity (a.k.a. “Passwordless flow”) or asking the user to complete the login in the Chrome browser (Chrome Custom Tabs) or Facebook Android app (a.k.a. Android App Switch). In addition to being a more secure option, these alternative authentication methods also improve the user experience and increase conversion rates, as the user will no longer need to manually enter their password to log in.
Despite this approach, there may be some cases where we’re unable to authenticate users through alternative methods, in which case the user will be blocked from logging in on an Android webview. In this case, we recommend users use another device to log in.
We appreciate your partnership as we continue to invest in platform security.
Since 2013, Facebook Connectivity, together with our partners, has accelerated people’s access to a faster internet around the world. Currently, over 300M people have benefited from better infrastructure, network analytics, or access technologies. We have accomplished this thanks to strong partnerships and innovative technologies, such as: Our first-ever transatlantic, 24-fiber-pair subsea cable system will connect…
Today we are releasing Facebook SDK v12.0 and additional updates to our Facebook Platform SDKs. This post outlines these updates and the required steps developers should take to avoid disruption for their applications that integrate with Facebook. Here is a quick overview of some of the updates included as part of the SDK v12.0 release:…
This article was written in collaboration with Hasnain Lakhani, a software engineer at Facebook. For today’s interview, we have Hasnain Lakhani who is a software engineer on the product security team at Facebook. Specifically, Hasnain’s team works on dynamic analysis through building large-scale fuzzing infrastructure and tooling. While working on this team, Hasnain has been…
Starting November 1, we’ll host daily Live Shopping experiences on Facebook and Instagram with brands like Benefit Cosmetics, Cocokind, Macy’s, Paintbox Nails, Tanya Taylor, Ulta Beauty, Vuori and Walmart to educate shoppers and share exclusive deals. We’re bringing back #BuyBlack Friday to highlight Black-owned businesses and are providing weekly #BuyBlack collections on Facebook and Instagram.…