ISA 2011: Live-Blogging Growth and Monetization on Mobile Social Platforms
In our fourth panel of the day, Matthaus Krzykowski is moderating a panel on the growth and monetization of mobile platforms. The panelists: Martin Essl, Strategic Software Partner Management, Sony Ericsson Anil Dharni, Co-Founder, Funzio; Founder, Storm8 Jason Oberfest, VP Social Applications, ngmoco:) (now part of DeNA) Asokan Thiyagarajan, Dir. of Platforms & Tech. Strategy, [...]

In our fourth panel of the day, Matthaus Krzykowski is moderating a panel on the growth and monetization of mobile platforms.

The panelists:

Martin Essl, Strategic Software Partner Management, Sony Ericsson
Anil Dharni, Co-Founder, Funzio; Founder, Storm8
Jason Oberfest, VP Social Applications, ngmoco:) (now part of DeNA)
Asokan Thiyagarajan, Dir. of Platforms & Tech. Strategy, Samsung
Matthaeus Krzykowski, Founder, Xyologic

The live transcript (paraphrased in parts and edited for brevity)

JO: The platforms are just in different stages of evolution. If there are a hundred million devices, there’s definitely a smaller footprint. We’re making a bet, long-term, that we’re at a special point in time. Unlimited data plans may be coming, localization, and the capability and usability of these devices being where we can build what we want to. Those things combining we think will create an unbelievable growth period for mobile.

AD: The more you spend, the costlier it gets. The flipside of this on the mobile side, what we noticed is, there’s so much inventory coming in, and so many free to play games coming in, that the cost of user acquisition is not scaling up, and you can have a business model to support that. Today, if I had to have a model of what it looks like on Facebook for the next six months, it’s hard to estimate that. The window on mobile is predictable right now, but it might change in the next six months to a year. I think the time right now is pretty good.

MK: Tell me about 2010. How does your job change this year?

AT: We announced two big things last year. One was social hubs. Today, you take an app-based approach. If you want to call a friend from an app, you have to go back to your contacts. What we did is, you can link in your contacts to various other apps. If a friend calls in and he posted something on Facebook about being in Dallas, it can show that. So you bring in a seamless, integrated experience. The second thing we did was bring in the media hub, where we allow users to download full-length movies on Samsung handsets. The idea is to move them across devices.

MK: That was 2010, right? How big will all this be this year, what are you working on?

AT: Last year a lot of work was done on things done from the handset, getting data in. We’re trying to see how we can best optimize data usage on the handset. Moving to a model where we’re pushing data in a very optimized way. Because of this model, let’s say you’re getting data from five networks at once. So we’re working to get 80 to 90 percent optimization of the data coming into the handset. This is good for both operators and users. For the user, it’s the battery. Last year I carried two or three batteries with me.

MK: Martin, the App Store came along and your job became obsolete, right?

ME: I don’t think obsolete, and I think the device manufacturers are underestimated in many ways. At Sony Ericsson, we’re looking at what else we can do for developers — tutorials, SDKs, we provide additional hardware features that may allow new usage features. We can promote you in different channels.. we’re not so much interested in pre-loading anymore, by the time we have a phone in the market, the apps could be obsolete.

MK: Can you elaborate on deep integration:

ME: Deep integration is something you’d see much more going forward. That doesn’t mean you’re replicating what Facebook does, but that you’re utilizing Facebook’s social graph. We want to surface features much better for the user. Another thing is that we’re doing a lot of marketing, for Foursquare for example, and integrating that..

MK: How do you feel about Android?

JO: We’re very excited about Android. We see it as a big growth opportunity — we’re happy with the devices, with the distribution, and how the content looks on the devices. There’s no doubt that you need good acquisition channels.

MK: Why do you need to connect Facebook to Android?

AD: There’s a short term take and a long term. DeNA and Ngmoco are long-term, and that makes sense. But if you’re acquiring a lot of users on Android, they may not be paying much. You may need backers. The real winners will be those that time it right, and there’s still room for new winners to come into the market. In terms of social, we actually haven’t seen much success with people who have apps on the iOS and try to force users to connect with Facebook. You can look at any of the apps that have Facebook integration and look at their reviews — people are just bitching about being connected to Facebook. People on the iPhone hate when that’s the only option. I’d say, if you’re thinking about it, fine, but it doesn’t have to be in version one of your apps.

JO: You have to enable users to source relationships and contacts from where they want to do that. There are certain games and apps that lend themselves to it. In other games, it’s much more about meeting someone for the first time in the context of the game. It’s a question of good product design.

MK: I think there’s a consensus that the most important thing Facebook has done is single sign-on. You have companies like Loopt where Facebook is giving a userbase and you innovate on top of that. How big is Facebook single sign-on for you?

AT: My take on it is that it’s still in its infancy. We don’t see mobile as just Facebook. We see it in other segments as well. There could be other social networking taking place in other parts of the world — in Korea there are other things going on. We don’t see Facebook as the single conduit for single sign-on. But we are following trends in the market pretty closely, and will make some decisions in time.

JO: Facebook has done a good job of providing the platform in a more granular way. Facebook may be a good source of contact information, and free-to-play game is an ongoing relationship with the user and having the ability to contact them is important. In some cases it may make sense to use Facebook as that channel.

AD: All I’d add is the game perspective. For games, I think the analogy is very similar to why real-time interactions on Facebook don’t work, they’re not online at the same time and probably don’t want to play the same games you do. I’ve got a million people available, but how many have an iPhone and Facebook at the same time? Suddenly the userbase shrinks. It’s just an add-on.

ME: We understand that Facebook isn’t strong in every market, but we do see in Sony Ericsson’s markets that Facebook is usually the primary network. To me, it’s not a question of who is the social network, Facebook is the social layer that’s on top of everything. For our devices, they’ll all come with Facebook single-sign on pre-loaded. In the next couple months you’ll see it coming.

MK: Let’s talk about why that’s relevant.

ME: We encourage developers by promoting Facebook single sign on so when a user authorizes it, they don’t have to enter a username and password anymore.

MK: [What about the Playstation phone?]

ME: I can’t comment on that.

MK: Give me some examples of what you’re working on and the coolest use-cases you see.

AT: There are multiple touch-points in a connected home, so we’re looking at use cases. Let’s assume you’re driving your kids and they’re watching a movie. You reach home, turn off the movie, and turn on your TV to watch it there. You bring your tablet with you, and say, here you go — it’s streaming from the tablet to the TV. Getting a bit more social, let’s say you’re landing in an airport and want to tell your wife you’re coming home. So you can say you want to share your location for the next hour, and she can turn on the TV and see exactly where you are. (Audience laughter.) I know there are a lot of discussions around privacy, but these are the use cases. Let’s say you’re watching TV and the washer finishes its cycle, it could tell the TV. And social dating applications, based on your profile, where you are and what you’re doing, location-based dating is possible. What we’ve been trying to see is to make sure this integration becomes seamless.

Audience question: You see a lot of companies going from Facebook to mobile — when do the mobile companies take their apps to Facebook?

JO: All of the new game tech we’re building is on the idea that you build a single codebase for multiple distributions. We’re ready for that today.

Audience question: We’ll have all these access points — what are the opportunities or risks based on designing your game for a particular access point? Not just that it’s a bigger screen, as with a computer or iPad over the mobile device.

AT: The first thing is, I deal with a lot of developers on a day to day basis. Data has become very big in 2010 in the US. If you’re building a data-intensive app and take it to the Asian market, it’s not going to work. You need to be careful to make sure you’re targeting the right audience. If you don’t do that, you might make a good solution without any takers.

ME: Basically you need to understand the market you’re going into — demographics, context and the device you’re targeting.

Audience question: Do the lack of in-app payments in Android account for its lack of success?

JO: Yes, it does…

MK: I think that 98.4 percent of all downloads on Android are free now, so everyone is waiting for in-app purchases.

Audience question: You said it seemed like common sense that user acquisition would run into a barrier in six months, what will make that happen?

AD: I think as more and more advertisers come into the space, there’s only so much of a pool on these devices. There will be a place where Android will start slowing. It’s exactly what has happened on Google Ads and Facebook — when that happens, the economics will change, and I think that’s six months to a year away.

Audience question: I don’t think Flash will work on mobile, so what path should Facebook developers take to mobile devices?

JO: We’ve addressed that by focusing entirely on Javascript as a development environment. We were unsatisfied with where HTML5 is today, it’s not comparable to the experience in native UIs, so we’ve built a framework that plugs into the native UI.

AD: Don’t let that slow you down. There are enough genres that you can succeed with just HTML and Javascript, and there are companies that have been successful with that. You can look at with the space and figure out where you need to go native, and where you can do HTML / Javascript.

Audience question: Have you seen any example of a title that has crossed over between mobile and Facebook?

AD: I don’t think anyone has proved that it works. They’ll be successful on just one platform. The audience is different, the play style is different and usage patterns, the genres that succeed on Facebook might not on mobile and vice versa. That’s why we started Funzio, to prove that it can work.

Audience question: What kind of technology can you recommend for mobile to make a social experience less intrusive?

JO: I think it just depends on asking for the right amount of information that’s in context of what the user’s expectation is. Facebook, for example, gives you a lot of flexibility in how you use their platform. A lot of people don’t think about that as much as they could, and optimize for it. A lot of it is about compulsion loops and the user understanding why you want them to do things.

Audience question: Will the Facebook app itself be pre-loaded on Sony Ericsson devices?

ME: Yes, that’s what it means, and we’ll incentivize users to sign in with things you’ll see coming later this year.

Audience question: How many devices have you sold?

ME: I think we sold nine million Android devices last year. Sony Ericsson isn’t that big in the US yet, so it’s something we’ll have to fight for.

Will Facebook battle Skype, Google Voice with VoIP calling?
Facebook has remained mum on the subject of the alleged Facebook phone, but a photo has surfaced revealing the website’s interest in other areas of communication. Multiple sources have spotted what looks like a calling function on the site.

Facebook Offers Protection Against Wireless Firesheep Attack
Facebook is rolling out a more secure way to connect to its website, which will protect users from a widely publicized wireless networking attack called Firesheep.

Facebook Combats Image of Insecurity with HTTPS and Social Authentication
Facebook officially launched two security features this morning. The new Secure Browsing (https) feature gives user the option of accessing Facebook over an encrypted, albeit slower connection that prevents others on the same network from eavesdropping. Developers can now set up a secure canvas URL to allow HTTPS connection to their apps. Social Authentication protects [...]

Facebook officially launched two security features this morning. The new Secure Browsing (https) feature gives user the option of accessing Facebook over an encrypted, albeit slower connection that prevents others on the same network from eavesdropping. Developers can now set up a secure canvas URL to allow HTTPS connection to their apps. Social Authentication protects users from suspicious login attempt to their account by forcing the person trying gain access to identify that user’s friends in photos.

The features will help keep users in control of their personal information and should increase trust in Facebook, though early tests of Social Authentication have occasionally locked legitimate owners out of their accounts.

This year, Facebook has been accused of putting users at risk of spam and malware despite implementing many new security features including security questions, one-time use passwords, and remote log-out. It responded to a flurry of criticism about how already public User IDs were being shared with third-party applications by implementing the iFrame Post Proposal that encrypts the IDs. Today’s announcement should help Facebook combat the exaggerated perception of insecurity that the media has propagated.

Secure Browsing (https)

Over the next few weeks, Facebook will roll out Secure Browsing (https) as an opt-in option users can enable from within Account->Account Settings->Account Security. When enabled, users will see a green bar or lock icon on their browser’s address bar, and all of a user’s communication with the site will be encrypted. Note that Facebook already encrypts logins, but Secure Browsing will keep data like Messages private.

The feature is designed to keep user information safe while they’re browsing over a public network. Facebook recommends “enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries or schools.” It will also protect users from software and browser extensions like Firesheep that let others on the same Wi-Fi network spy or identify another user’s cookies.

Developers who wish to serve their canvas iFame applications over a secure connection can specify a Secure Canvas URL in the Facebook Integration tab of the Developer app. If a user with Secure Browsing enabled visits an app without a Secure Canvas URL, they’ll be shown a warning that they’ll be switched from HTTPS to HTTP. Developers should therefore provide this URL as not to scare away users concerned about security.

Social Authentication

If Facebook detects a suspicious login attempt, such as one coming from Australia when the user had logged in from the U.S. just hours ago, it will trigger Social Authentication. The person trying to gain access to the user’s account will be shown a set of pictures of one of that user’s friends. They’ll have to identify the friend by choosing between six names, try refreshing to see a different set of photos, or skip the question. Five correct answers are required to regain access to the account, though its unclear how many wrong answers or skipped questions are permitted.

Facebook has been testing this alternative to CAPTCHA since at least July with mixed results. As users aren’t always identifiable from their photos, some legitimate owners were locked out of their accounts because they couldn’t identify childhood or costumed Halloween photos of friends. Some users have many friends who they hardly know, such as people they’ve friended through social games. A few found it impossible to identify these people, and were prevented from accessing Facebook for months.

Some of these issues appear to have been addressed in this official version of Social Authentication. The photos appear to hone in on the friend’s face, similar to Facebook’s facial recognition photo tagging feature, meaning users likely won’t be asked to identify photos that don’t show the friend’s face at all. Users can also refresh to a different set of photos if the initial set isn’t adequate. To solve the social gaming friends issue, hopefully Facebook will only require users to identify the close friends who they most frequently interact with.

There are ways to thwart Social Authentication. If a user has set their friend list to be visible to the public, or they’ve given photos and friend list access to a third-party application that then sells this information to hackers, the data could be used to pass the test.

Improved Security with Fewer False Positives

Facebook explains that, “hackers halfway across the world might know your password, but they don’t know who your friends are.” If this latest set of efforts can both improve security without accidentally blocking legitimate logins and can dispel the perception that Facebook isn’t protecting users, it will be able to refocus attention on its innovations.

Facebook Boosts Security with Encryption, ‘Social Authentication’
Facebook on Wednesday introduced two new security features, including the option to encrypt your Facebook session at all times and an easier account authentication process.

Facebook Tests Voice Chat, Could the Facebook Phone Run on VoIP?
Facebook has been spotted testing a new voice chat feature. There are few details at the time, but it appears users experiencing the test see a “Call” button next to options to Chat, Message, and Poke on the profiles of friends. When pressed, users see a “Calling [friend's name]” dialog pop up. The Call feature [...]

Facebook has been spotted testing a new voice chat feature. There are few details at the time, but it appears users experiencing the test see a “Call” button next to options to Chat, Message, and Poke on the profiles of friends. When pressed, users see a “Calling [friend's name]” dialog pop up.

The Call feature could be a build out of Facebook’s partnership with Skype that brought the ability to browse the social network to the the Skype 5.0 for Windows VoIP app. However, no Skype branding appeared in test, so Facebook might be working on voice chat independently.

Facebook recently removed a job posting for a Network Engineer – Voice, meaning it has likely hired someone for the position. This employee could be helping develop the feature, or could simply be managing an internal phone system for Facebook offices.

Native web voice chat could pull business away from mobile operators, as users wouldn’t need to reach for their phones to call friends. The feature could also position Facebook to offer its own mobile handset that makes VoIP calls. COO Sheryl Sandberg has previously said “we want to make Facebook available everywhere on every device. That’s actually complicated in a world of so many cell phones, so many mobile operators.” If voice chat can be perfected on the web interface, it could eventually allow a Facebook phone to bypass the tangle of mobile operators.

ISA 2011: Live-Blogging Growth and Monetization on Mobile Social Platforms
In our fourth panel of the day, Matthaus Krzykowski is moderating a panel on the growth and monetization of mobile platforms. The panelists: Martin Essl, Strategic Software Partner Management, Sony Ericsson Anil Dharni, Co-Founder, Funzio; Founder, Storm8 Jason Oberfest, VP Social Applications, ngmoco:) (now part of DeNA) Asokan Thiyagarajan, Dir. of Platforms & Tech. Strategy, [...]

In our fourth panel of the day, Matthaus Krzykowski is moderating a panel on the growth and monetization of mobile platforms.

The panelists:

Martin Essl, Strategic Software Partner Management, Sony Ericsson
Anil Dharni, Co-Founder, Funzio; Founder, Storm8
Jason Oberfest, VP Social Applications, ngmoco:) (now part of DeNA)
Asokan Thiyagarajan, Dir. of Platforms & Tech. Strategy, Samsung
Matthaeus Krzykowski, Founder, Xyologic

The live transcript (paraphrased in parts and edited for brevity)

JO: The platforms are just in different stages of evolution. If there are a hundred million devices, there’s definitely a smaller footprint. We’re making a bet, long-term, that we’re at a special point in time. Unlimited data plans may be coming, localization, and the capability and usability of these devices being where we can build what we want to. Those things combining we think will create an unbelievable growth period for mobile.

AD: The more you spend, the costlier it gets. The flipside of this on the mobile side, what we noticed is, there’s so much inventory coming in, and so many free to play games coming in, that the cost of user acquisition is not scaling up, and you can have a business model to support that. Today, if I had to have a model of what it looks like on Facebook for the next six months, it’s hard to estimate that. The window on mobile is predictable right now, but it might change in the next six months to a year. I think the time right now is pretty good.

MK: Tell me about 2010. How does your job change this year?

AT: We announced two big things last year. One was social hubs. Today, you take an app-based approach. If you want to call a friend from an app, you have to go back to your contacts. What we did is, you can link in your contacts to various other apps. If a friend calls in and he posted something on Facebook about being in Dallas, it can show that. So you bring in a seamless, integrated experience. The second thing we did was bring in the media hub, where we allow users to download full-length movies on Samsung handsets. The idea is to move them across devices.

MK: That was 2010, right? How big will all this be this year, what are you working on?

AT: Last year a lot of work was done on things done from the handset, getting data in. We’re trying to see how we can best optimize data usage on the handset. Moving to a model where we’re pushing data in a very optimized way. Because of this model, let’s say you’re getting data from five networks at once. So we’re working to get 80 to 90 percent optimization of the data coming into the handset. This is good for both operators and users. For the user, it’s the battery. Last year I carried two or three batteries with me.

MK: Martin, the App Store came along and your job became obsolete, right?

ME: I don’t think obsolete, and I think the device manufacturers are underestimated in many ways. At Sony Ericsson, we’re looking at what else we can do for developers — tutorials, SDKs, we provide additional hardware features that may allow new usage features. We can promote you in different channels.. we’re not so much interested in pre-loading anymore, by the time we have a phone in the market, the apps could be obsolete.

MK: Can you elaborate on deep integration:

ME: Deep integration is something you’d see much more going forward. That doesn’t mean you’re replicating what Facebook does, but that you’re utilizing Facebook’s social graph. We want to surface features much better for the user. Another thing is that we’re doing a lot of marketing, for Foursquare for example, and integrating that..

MK: How do you feel about Android?

JO: We’re very excited about Android. We see it as a big growth opportunity — we’re happy with the devices, with the distribution, and how the content looks on the devices. There’s no doubt that you need good acquisition channels.

MK: Why do you need to connect Facebook to Android?

AD: There’s a short term take and a long term. DeNA and Ngmoco are long-term, and that makes sense. But if you’re acquiring a lot of users on Android, they may not be paying much. You may need backers. The real winners will be those that time it right, and there’s still room for new winners to come into the market. In terms of social, we actually haven’t seen much success with people who have apps on the iOS and try to force users to connect with Facebook. You can look at any of the apps that have Facebook integration and look at their reviews — people are just bitching about being connected to Facebook. People on the iPhone hate when that’s the only option. I’d say, if you’re thinking about it, fine, but it doesn’t have to be in version one of your apps.

JO: You have to enable users to source relationships and contacts from where they want to do that. There are certain games and apps that lend themselves to it. In other games, it’s much more about meeting someone for the first time in the context of the game. It’s a question of good product design.

MK: I think there’s a consensus that the most important thing Facebook has done is single sign-on. You have companies like Loopt where Facebook is giving a userbase and you innovate on top of that. How big is Facebook single sign-on for you?

AT: My take on it is that it’s still in its infancy. We don’t see mobile as just Facebook. We see it in other segments as well. There could be other social networking taking place in other parts of the world — in Korea there are other things going on. We don’t see Facebook as the single conduit for single sign-on. But we are following trends in the market pretty closely, and will make some decisions in time.

JO: Facebook has done a good job of providing the platform in a more granular way. Facebook may be a good source of contact information, and free-to-play game is an ongoing relationship with the user and having the ability to contact them is important. In some cases it may make sense to use Facebook as that channel.

AD: All I’d add is the game perspective. For games, I think the analogy is very similar to why real-time interactions on Facebook don’t work, they’re not online at the same time and probably don’t want to play the same games you do. I’ve got a million people available, but how many have an iPhone and Facebook at the same time? Suddenly the userbase shrinks. It’s just an add-on.

ME: We understand that Facebook isn’t strong in every market, but we do see in Sony Ericsson’s markets that Facebook is usually the primary network. To me, it’s not a question of who is the social network, Facebook is the social layer that’s on top of everything. For our devices, they’ll all come with Facebook single-sign on pre-loaded. In the next couple months you’ll see it coming.

MK: Let’s talk about why that’s relevant.

ME: We encourage developers by promoting Facebook single sign on so when a user authorizes it, they don’t have to enter a username and password anymore.

MK: [What about the Playstation phone?]

ME: I can’t comment on that.

MK: Give me some examples of what you’re working on and the coolest use-cases you see.

AT: There are multiple touch-points in a connected home, so we’re looking at use cases. Let’s assume you’re driving your kids and they’re watching a movie. You reach home, turn off the movie, and turn on your TV to watch it there. You bring your tablet with you, and say, here you go — it’s streaming from the tablet to the TV. Getting a bit more social, let’s say you’re landing in an airport and want to tell your wife you’re coming home. So you can say you want to share your location for the next hour, and she can turn on the TV and see exactly where you are. (Audience laughter.) I know there are a lot of discussions around privacy, but these are the use cases. Let’s say you’re watching TV and the washer finishes its cycle, it could tell the TV. And social dating applications, based on your profile, where you are and what you’re doing, location-based dating is possible. What we’ve been trying to see is to make sure this integration becomes seamless.

Audience question: You see a lot of companies going from Facebook to mobile — when do the mobile companies take their apps to Facebook?

JO: All of the new game tech we’re building is on the idea that you build a single codebase for multiple distributions. We’re ready for that today.

Audience question: We’ll have all these access points — what are the opportunities or risks based on designing your game for a particular access point? Not just that it’s a bigger screen, as with a computer or iPad over the mobile device.

AT: The first thing is, I deal with a lot of developers on a day to day basis. Data has become very big in 2010 in the US. If you’re building a data-intensive app and take it to the Asian market, it’s not going to work. You need to be careful to make sure you’re targeting the right audience. If you don’t do that, you might make a good solution without any takers.

ME: Basically you need to understand the market you’re going into — demographics, context and the device you’re targeting.

Audience question: Do the lack of in-app payments in Android account for its lack of success?

JO: Yes, it does…

MK: I think that 98.4 percent of all downloads on Android are free now, so everyone is waiting for in-app purchases.

Audience question: You said it seemed like common sense that user acquisition would run into a barrier in six months, what will make that happen?

AD: I think as more and more advertisers come into the space, there’s only so much of a pool on these devices. There will be a place where Android will start slowing. It’s exactly what has happened on Google Ads and Facebook — when that happens, the economics will change, and I think that’s six months to a year away.

Audience question: I don’t think Flash will work on mobile, so what path should Facebook developers take to mobile devices?

JO: We’ve addressed that by focusing entirely on Javascript as a development environment. We were unsatisfied with where HTML5 is today, it’s not comparable to the experience in native UIs, so we’ve built a framework that plugs into the native UI.

AD: Don’t let that slow you down. There are enough genres that you can succeed with just HTML and Javascript, and there are companies that have been successful with that. You can look at with the space and figure out where you need to go native, and where you can do HTML / Javascript.

Audience question: Have you seen any example of a title that has crossed over between mobile and Facebook?

AD: I don’t think anyone has proved that it works. They’ll be successful on just one platform. The audience is different, the play style is different and usage patterns, the genres that succeed on Facebook might not on mobile and vice versa. That’s why we started Funzio, to prove that it can work.

Audience question: What kind of technology can you recommend for mobile to make a social experience less intrusive?

JO: I think it just depends on asking for the right amount of information that’s in context of what the user’s expectation is. Facebook, for example, gives you a lot of flexibility in how you use their platform. A lot of people don’t think about that as much as they could, and optimize for it. A lot of it is about compulsion loops and the user understanding why you want them to do things.

Audience question: Will the Facebook app itself be pre-loaded on Sony Ericsson devices?

ME: Yes, that’s what it means, and we’ll incentivize users to sign in with things you’ll see coming later this year.

Audience question: How many devices have you sold?

ME: I think we sold nine million Android devices last year. Sony Ericsson isn’t that big in the US yet, so it’s something we’ll have to fight for.

Will Facebook battle Skype, Google Voice with VoIP calling?
Facebook has remained mum on the subject of the alleged Facebook phone, but a photo has surfaced revealing the website’s interest in other areas of communication. Multiple sources have spotted what looks like a calling function on the site.

Facebook Offers Protection Against Wireless Firesheep Attack
Facebook is rolling out a more secure way to connect to its website, which will protect users from a widely publicized wireless networking attack called Firesheep.

Facebook Combats Image of Insecurity with HTTPS and Social Authentication
Facebook officially launched two security features this morning. The new Secure Browsing (https) feature gives user the option of accessing Facebook over an encrypted, albeit slower connection that prevents others on the same network from eavesdropping. Developers can now set up a secure canvas URL to allow HTTPS connection to their apps. Social Authentication protects [...]

Facebook officially launched two security features this morning. The new Secure Browsing (https) feature gives user the option of accessing Facebook over an encrypted, albeit slower connection that prevents others on the same network from eavesdropping. Developers can now set up a secure canvas URL to allow HTTPS connection to their apps. Social Authentication protects users from suspicious login attempt to their account by forcing the person trying gain access to identify that user’s friends in photos.

The features will help keep users in control of their personal information and should increase trust in Facebook, though early tests of Social Authentication have occasionally locked legitimate owners out of their accounts.

This year, Facebook has been accused of putting users at risk of spam and malware despite implementing many new security features including security questions, one-time use passwords, and remote log-out. It responded to a flurry of criticism about how already public User IDs were being shared with third-party applications by implementing the iFrame Post Proposal that encrypts the IDs. Today’s announcement should help Facebook combat the exaggerated perception of insecurity that the media has propagated.

Secure Browsing (https)

Over the next few weeks, Facebook will roll out Secure Browsing (https) as an opt-in option users can enable from within Account->Account Settings->Account Security. When enabled, users will see a green bar or lock icon on their browser’s address bar, and all of a user’s communication with the site will be encrypted. Note that Facebook already encrypts logins, but Secure Browsing will keep data like Messages private.

The feature is designed to keep user information safe while they’re browsing over a public network. Facebook recommends “enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries or schools.” It will also protect users from software and browser extensions like Firesheep that let others on the same Wi-Fi network spy or identify another user’s cookies.

Developers who wish to serve their canvas iFame applications over a secure connection can specify a Secure Canvas URL in the Facebook Integration tab of the Developer app. If a user with Secure Browsing enabled visits an app without a Secure Canvas URL, they’ll be shown a warning that they’ll be switched from HTTPS to HTTP. Developers should therefore provide this URL as not to scare away users concerned about security.

Social Authentication

If Facebook detects a suspicious login attempt, such as one coming from Australia when the user had logged in from the U.S. just hours ago, it will trigger Social Authentication. The person trying to gain access to the user’s account will be shown a set of pictures of one of that user’s friends. They’ll have to identify the friend by choosing between six names, try refreshing to see a different set of photos, or skip the question. Five correct answers are required to regain access to the account, though its unclear how many wrong answers or skipped questions are permitted.

Facebook has been testing this alternative to CAPTCHA since at least July with mixed results. As users aren’t always identifiable from their photos, some legitimate owners were locked out of their accounts because they couldn’t identify childhood or costumed Halloween photos of friends. Some users have many friends who they hardly know, such as people they’ve friended through social games. A few found it impossible to identify these people, and were prevented from accessing Facebook for months.

Some of these issues appear to have been addressed in this official version of Social Authentication. The photos appear to hone in on the friend’s face, similar to Facebook’s facial recognition photo tagging feature, meaning users likely won’t be asked to identify photos that don’t show the friend’s face at all. Users can also refresh to a different set of photos if the initial set isn’t adequate. To solve the social gaming friends issue, hopefully Facebook will only require users to identify the close friends who they most frequently interact with.

There are ways to thwart Social Authentication. If a user has set their friend list to be visible to the public, or they’ve given photos and friend list access to a third-party application that then sells this information to hackers, the data could be used to pass the test.

Improved Security with Fewer False Positives

Facebook explains that, “hackers halfway across the world might know your password, but they don’t know who your friends are.” If this latest set of efforts can both improve security without accidentally blocking legitimate logins and can dispel the perception that Facebook isn’t protecting users, it will be able to refocus attention on its innovations.

Facebook Boosts Security with Encryption, ‘Social Authentication’
Facebook on Wednesday introduced two new security features, including the option to encrypt your Facebook session at all times and an easier account authentication process.

Facebook Tests Voice Chat, Could the Facebook Phone Run on VoIP?
Facebook has been spotted testing a new voice chat feature. There are few details at the time, but it appears users experiencing the test see a “Call” button next to options to Chat, Message, and Poke on the profiles of friends. When pressed, users see a “Calling [friend's name]” dialog pop up. The Call feature [...]

Facebook has been spotted testing a new voice chat feature. There are few details at the time, but it appears users experiencing the test see a “Call” button next to options to Chat, Message, and Poke on the profiles of friends. When pressed, users see a “Calling [friend's name]” dialog pop up.

The Call feature could be a build out of Facebook’s partnership with Skype that brought the ability to browse the social network to the the Skype 5.0 for Windows VoIP app. However, no Skype branding appeared in test, so Facebook might be working on voice chat independently.

Facebook recently removed a job posting for a Network Engineer – Voice, meaning it has likely hired someone for the position. This employee could be helping develop the feature, or could simply be managing an internal phone system for Facebook offices.

Native web voice chat could pull business away from mobile operators, as users wouldn’t need to reach for their phones to call friends. The feature could also position Facebook to offer its own mobile handset that makes VoIP calls. COO Sheryl Sandberg has previously said “we want to make Facebook available everywhere on every device. That’s actually complicated in a world of so many cell phones, so many mobile operators.” If voice chat can be perfected on the web interface, it could eventually allow a Facebook phone to bypass the tangle of mobile operators.

Share on Facebook