Browse Prior Art Database

Method and System for Protecting Social Media Data from Unintended Third Party Access

IP.com Disclosure Number: IPCOM000241830D
Publication Date: 2015-Jun-02
Document File: 3 page(s) / 196K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system is disclosed for protecting social media data from unintended third party access.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 48% of the total text.

Page 01 of 3

Method and System for Protecting Social Media Data from Unintended Third Party Access

Many social media vendors provide a Single-Sign-On (SSO) authentication service, in

which a third party web site asks a user to log in with social network identity and

password. The social network asks the user to grant access to the third party (e.g., emails, profiles) to gain access to certain user data. Users often trust the social network and mistakenly think the access is for the social network, or ignore more details in an authentication page, or are simply unaware. Consequently, even seasoned users may be unaware that the users are granting access to the social network data of the users to a third party which can use the data for other purposes. Incentives, such as sign-on coupons and discounts, make the situation even worse. Thus, there are high chances of potential data leakage in a social network through unintentionally granting access to a third party through the SSO with the social network. Many companies allow account linking to a social shopping cart. Thus, all user data, including shopping history, pricing, behavior, preferences, comments, can get exposed to any third party

without or with little awareness from users. In fact, many smart retailer stores use the data to capture deep customer insight from the social media. The data may also get into hands of a hacker to exacerbate the case.

Disclosed is a method and system for protecting social media data from unintended third party access. The method and system enables a user to define an additional security mechanism through data tagging, in addition to a traditional identifier (ID) and password, to control the access to user data. The data tagging can be applied to one or more of, but not limited to, a forum, a single message or picture. The additional security mechanism uses a communication channel. More secure channels, such as a user's devices that have been registered with the social media site, can be used to access all data in a social network. All data can include more sensitive data in a private

or more restricted area such as a family/relative group or community or private area. Less secure channels, such as channels used by marketing or automatic engines, can be used to access the data that is less secure. The data that is less secure can be the data in a professional forum or public community. The user can also alter security settings in a social media profile of the user to determine accessible data. The user can define the data as accessible based on the type of access channels being used.

Thus, the data tagging enables the user to tag the social data based on security requirement for that data. The tags can be configured such that a social media platform can understand and enforce the security of the data. The social media data is tagged using a well-defined security mechanism for accessing the data. The social network applies the mechanism to filter out the data fr...