Comment on Norwegian government to set 15-year age limit for using social media
01189998819991197253@infosec.pub 3 weeks agoIf truly masked, it might be fine. But the site has to gather that data in order to append it to the API call and it, therefore, mean that they could keep it (even of they actually may not). There are ways around it, such as with session tokens passed between the social media’s page and the bank’s official API page. But, knowing fb, they won’t use the latter.
InverseParallax@lemmy.world 3 weeks ago
Obviously not, it’s like Google authentication , you log into a site, doesn’t mean the site can see your Gmail.
01189998819991197253@infosec.pub 3 weeks ago
It depends how it’s implemented. If they implement correctly, then you’re right. But not all do. That’s a fact that bit me in the arse once, and I no longer use those features for lack of trust.