Bugs hit Facebook application verification program

The special badge for approved applications isn't showing up in the directory's search results

Facebook's Application Verification Program, controversial due to its concept of charging developers to have their applications certified as "trustworthy," has run into technical problems.

Announced in November and launched on Wednesday, the program has system bugs that are preventing developers from reaping some benefits of having paid to have their applications reviewed and approved.

In a thread on the official Facebook developer forum, developers who shelled out the US$375 review fee began reporting a variety of system problems on Wednesday.

In that same thread, Facebook on Thursday afternoon acknowledged that at least three of the bugs reported exist and that the company is working to fix them.

For example, the special green checkmark that denotes verified applications' special status isn't appearing in the Applications Directory search results. Consequently, without that special badge, the applications look no different from those posted by developers who didn't pay for the verification.

In addition, some developers are reporting that they can't submit their applications for review because the link to do so doesn't work, another bug Facebook has acknowledged exists for some applications.

Another bug Facebook has acknowledged is that the boost in user notifications and requests that verified applications get isn't always showing up in the developer's control panel stats.

Other developers complained in the thread that they couldn't find their applications at all-- green checkmark or not -- although this may be due to the way the Facebook algorithms work in displaying certain applications to certain people and not others.

The program became instantly controversial when it was announced in November because critics said developers shouldn't have to pay to have their applications labeled "trustworthy." They argued that it should be up to Facebook to ensure that applications built for its site comply with this requirement.

In response, Facebook has said that, in fact, all of the more than 52,000 applications on its platform must comply with requirements and policies that make them trustworthy. The Application Verification Program, which is optional, gives developers a chance to make their applications stand out by adopting an additional set of best practices for them regarding user experience and user communications, according to Facebook.

Still, some Facebook developers remain unconvinced about the value of the program, and even more so now with the technical issues affecting it.

"I will not pay to be approved. It's not worth the money. Any good application will do just fine without it," said Christopher Bourton, games developer and consultant at Lethos Designs in London, which has developed three Facebook applications and is building two more.

Bourton, contacted via e-mail on Thursday, said he fears that the program will create "an elitist two-tier system" in which large developers that can pay the fee will get the benefits, while smaller developers with fewer resources will not be able to afford it.

Applications approved through the system get the verified status for 12 months, after which developers must re-submit them for review and pay the $375 fee again.

Other developers are more positive about the program, like Tim O'Shaughnessy, CEO of LivingSocial, which has created about 10 applications for Facebook, including its very popular namesake and Visual Bookshelf.

"The verification program is a nice way of allowing users to weed through the noise and know [that] if they're adding a [verified] application, there is a sense of trust behind that add," O'Shaughnessy said via e-mail.

Living Social submitted Visual Bookshelf for verification and got it approved, but while the process was fairly simple and straightforward, it took Facebook longer than O'Shaughnessy expected to complete its review. "Now that the initial applicants have been verified, however, my guess is the process will be much shorter in the future," he said.

For O'Shaughnessy, a big question regarding the value of the program is whether it will truly give Facebook users a sense of security towards verified applications. He also hopes that Facebook will continue to evolve the program.

"As new Facebook features and functionality are made available, will the verification program keep up with new, relevant additions? This seems like a necessity in order for the program to have long-term value," he said.

Gartner analyst Ray Valdes thinks that establishing the program was a good move by Facebook. "Facebook's value proposition is having a quality user experience and that includes the experience of applications," Valdes said in a phone interview. "As the number of applications has grown, the quality of the experience has decreased. This is part of their ongoing maintenance and cultivation of the user experience."

IDC analyst Al Hilwa concurs that end users will benefit from having a set of applications that Facebook has certified as meeting special criteria for user experience and trust. "I think this is a welcome move to rein in what could potentially be a tiring process of finding well-behaved and trustworthy apps," he said via e-mail.

"Relying on market forces to sort out the wheat from the chaff may work in the long run and sounds good as an ideal, but with the velocity of business these days, and the ephemeral stickiness of online sites, it is maybe too late for a platform to be successful to wait for that process to settle down," Hilwa added.

On Wednesday, Facebook launched the program with an initial set of 120 verified applications, but it expects developer interest to pick up considerably now that the program has been launched.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitysocial networking

More about FacebookGartnerIDC Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Juan Carlos Perez

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place