I have a web site using Facebook Connect where people have a strong incentive to create fake Facebook accounts and login multiple times in order to get more "votes" in my singing competition.
Anyways, I've come up with a strategy to identify these fake accounts and not let them use my site. (Haven't done the programming yet)
If their earliest wall post is more than 30 days old, then validate them.
If they have more than 20 friends, then validate them.
If their first profile picture is more than 30 days old, then validate them.
If their account has been phone verified, then validate them.
Number 4 is the one I'm having trouble with. One post I read says the GRAPH API has a verified field, but suggests that shows if the email has been verified (but not phone). This has proven a tough thing to search for. So I'm still unsure if this is possible.
Any comments on my strategy or help with #4 would be appreciated.
Thanks.
Actually the verified field should be what you are looking for. From the docs:
A user is considered verified if she takes any of the following
actions:
Registers for mobile
Confirms her account via SMS
Enters a valid credit card
We use verified and friend count to limit people. We even put those requirements into our legal terms so there's no misunderstanding.
Related
I came from a similar state in this question.
My objective is to reply to interested customers via whatsapp messages. I'll use a very special setup, so I'll be using the API.
Reasons:
With not to pay anyone other than container hosts
Solution with custom API
Customer doesn't like any extra costs
Just like user noboundaries, I see the numbers, but I cant get the certificate
User Navjot Singh has explained I need to create a "business api account"
I tried just that, put out all my contacts and stuff, in this site.
They did respond yes, but only with pointless instructions, since I wish not to contract any messaging providers. I had taken a look at it, but they charge a very expensive price beyond the $0.005 whatsapp will charge. Also, the solution I'm creating requires messages to be sent programatically, and the partners don't seem to provide the correct solution.
So, I wish to skip into using the api. I followed the appropriate guides:
Getting started
Phone Number
I already got some things done:
two phone numbers (one of them for testing) with whatsapp business;
company has been verified, with domain
have business management account
local environment with docker
I can access the local environment and I have set an user account and the admin acount. I can log into those via the API, since postman can ignore certificates, but in order to proceed I really feel like I need that certificate.
So to sim up I guess I need help creating the whatsapp business account for my customer. Any advice?
Also i'd appreciate any other helpful insight or feedback. I really feel lost and I don't see a place where I can talk to people trying to do the same thing, or doing this is much of a madness after all?
thanks for getting to read until here, and I apologize for my non natural, almost broken English.
Hi I wanted to start big in stackOverflow but I fell flat.
About the subject at hand, westerday I dwelt deep into the rabbit hole.
For most companies, you actually are forced to work with a provider, such as twllio or messagebird. They act as intermediary between the facebook business and the whatsapp business api.
Some of they offer messaging separated from whatsapp api setup I still need to take a look into it, but for those who are trying to set up whatsapp business api on their one, it seems as of november 2020 it's not possible.
please check out:
respond.io's guide
blog post from take.net PT-BR (google translate didn't like me trying to translate this to English)
This is not exactly a programming related question but it is closely related to developing so I think it is pertinent.
I´ve been charged in my work with developing an app with access to Facebook Messenger. I needed a Facebook Account and I didn´t want to use a personal one (and I don´t use Facebook anyway) so I created a new gmail account to use it to sign up in Facebook, as user and as a developer.
After a couple of days of work, having created the page, my webhook, done some tests, etc., and investing a good deal of work hours, my account appeared as disabled.
I have to admit a didn´t use much of real info on this account (I´m kind of allergic to disclosing personal information unless mandatory), and the account was new so I thought that maybe that was the reason (they don´t give you any).
So I tried again a second time with an account I had been using for years (just for logging in some sites, not much of real information there neither, as I say I don´t really use Facebook), and after a couple of days, same results, locked account.
I can´t stress enough I don´t use the API extensively, I just send some messages to another user I have added as one of the application developers so I can test (that other account is never blocked, by the way). It´s not like I am sending hundreds of messages or anything like it. And by the way, I have never been blocked while I was doing something (so I could indentify my wrongdoing). It just happened that at some point when I was going back to work (first hour in the morning, or after lunch for example) I tried to log in again and then I got the warning.
So I have tried a third time, this time I have given all my real information, reluctantly uploaded a personal picture, given all my data to Facebook (yikes!).
And after a couple of days: damn, same result. Blocked account. Work lost. They prompt you to upload a picture to check your Id, but to no avail (no answer yet, not even a notice of any kind) and they don´t give you absolutely any reason why the have blocked you.
And if I go to https://facebook.com/help/contact/260749603972907 to fill the form where they ask you to upload an ID then it says that the email doesn´t belong to a disabled account!
What is the unusual activity they have detected? What have I done wrong? Has someone experienced the same problem? Has someone got any clue of what it is that I could be doing wrong?
Because I don´t want to go through the whole process once again only to get blocked in a couple of days.
Thanks.
EDIT 1:
Ok, after checking again now it recognizes the account as a disabled one. I have gone to https://facebook.com/help/contact/260749603972907 to fill the form and I have uploaded my ID (even though I completely disagree with disclosing that kind of information).
Honestly, I don´t know what it means by "shortly". It´s been two days now and I have not received any kind of notification yet.
By the way, I haven´t received any kind of notification (mail, sms, anything) during any step of the process EVER. No one. Nothing. Not even an automatic email response. Plain absolute silence.
Honestly, if Facebook uses a security system like this, that lets hackers in while blocks legitimate users, creating false positives and making us lose many hours of work, without any reason or notification or explanation, then Facebook security is plain wrecked.
And I cannot do anything less than to strongly discourage any developer to use it if they can avoid it (what unfortunately I can´t).
EDIT 2:
After some days I regained access to my account again. Without any notification, I just tried again and now it worked (really good communication policy, Facebook, congratulations).
My App had disappeared, so I had to go through the whole process again. And after sending ONE message to the API, this again:
And once again the asked me to upload a picture of myself (I think they already have enough pictures of me to make an album).
This is just plain crazy.
How would I get the email address associated with an active Facebook App ID, if all the usual methods (such as here, and here) don't return any email information with my creator-uid?
(I simply don't get the email field returned, even when I specifically request it as per here. I don't think this is a case of this as I didn't get an "App has no owner" error, or any error whatsoever.)
I've also tried this, but I'm in a catch-22 as I can't log in to select the application first.
I'm looking for the owner email address, so I can log in to make administrative updates following graph API updates.
Other specifics:
I get the following when I hit the Graph API via: https://graph.facebook.com/{my-app-id}?access_token={my-access-token} or https://graph.facebook.com/{my-app-id}?access_token={my-access-token}&fields=email
{
"name": "my-name",
"id": "my-creator-uid" }
I've tried to recover my FB account using all emails I can think of, but FB says 'no account exists' for each that I try. (This is a data-analytics corporate account being used to gather data for 12+ months, so I can't simply create a new account/app ID and start using that instead, as app-scoped user IDs will change.)
I've also tried viewing https://www.facebook.com/app_scoped_user_id/{my-creator-uid}/ and https://www.facebook.com/{my-creator-uid}/ from another company FB account, but both get:
Sorry, this content isn't available right now The link you followed
may have expired, or the page may only be visible to an audience
you're not in.
What else would you suggest? What might have happened? I've tried to contact Facebook, but that search led me to this forum post, so I'm here. Thank you in advance for your help.
This is not a programming question, try to get in touch with the Facebook Team, if you are working with Facebook paid services (like Advertising) you might have an account representative that can accelerate the things a little bit (But this can be a really long wait).
A more realistic option is to create a new profile and an new app, also your application will be reviewed as well (Take a little less time than previous option).
I created a new Facebook account and verified it with my cell phone. I even see "Your mobile phone has been successfully verified." in https://www.facebook.com/confirmphone.php address.
So, everything seems perfect.
Then, I became Facebook friends with my friend (he is also verified and already created an Application). We are trying to add ME as an ADMIN for this Facebook Application from HIS account.
Even though both are completely verified by phone, HE canNOT add me as ADMIN for that application. He is getting
Only verified developers can be added as listed developers of this application. Read http://www.facebook.com/help/?faq=17580 for details.
message all the time.
We waited more than an hour just in case the Facebook system did not recognize my new verification.
In fact, I even tried removing the phone number and get verified again.
None of above did work and still getting the message which does not allow me to become an Admin of the application.
Could you help me?
Thanks in advance
I've heard of people having all kinds of problems with the developer section of Facebook.com
One resolution seems to be to log out of both accounts and log back in again.
It turns out that, facebook itself does not accept my account and thinks it is duplicate account. And in order to make them believe the Facebook team want me to provide these below:
Our systems indicated that your account may not be authentic based on
a variety of factors. If you believe you are being prevented from
creating apps by mistake, please reply to this email with a digital
image of your government-issued identification. Make sure the
identification you provide meets all of the following requirements:
Must be government-issued (e.g. passport, driver's license)
Must be in color
Must clearly show your full name, date of birth, and photo
If possible, please save this file in JPEG image format.
I dont know why they are making such a huge problem.
In my case, I used phone number to login my account and hadn't any email attached. after adding email as a primary contact I was able to verify my developer account.
I have performed a number of searches on this topic and found some related questions however none of which provided a clear picture of the best practice for developing a sign-in system on a site that relys on 3rd party server-side OAuth.
We have opted not to offer a traditional member sign-in method, allowing users to log in to the site via Facebook or Twitter (we may choose to offer further support for other networks at a later date).
We are keen to provide a seemless user experience for both new and returning users and would appreciate some advice & best practice from anyone who has successfully done this in the past.
The initial plan was as follows
- When a user signs in via Facebook we require them to provide a username which will be used throughout the site
- When a user signed in via Twitter we use their Twitter name as our username
This approach has an obvious flaw. What if a Twitter user signs in only to find that their username is being used by another member who chose it via signing in with Facebook?
This is unacceptable user experience therefore we need to re-think.
New approach
Currently our new approach is upon initial sign-in to present the user with a form to provide the remaining required information
For Twitter sign-ins:
- Display name. Pre-populated with Twitter username if available or suffixed with 0,1,2,3 etc..
- Email address. This will be confirmed via a verification email to complete the sign-up process.
For Facebook sign-ins:
- Display name. Pre-populated with Facebook Display name if supplied & available or suffixed with 0,1,2,3 etc..
- Email address. Pre-populated from Facebook account, no need to verify unless they decide to use a different email address, in which can the process will be the same as above.
It would be great to hear your thoughts on this matter.
I think second style is the simple one and user can feel less burden .
my vote for second only .He can pushed to login in the that same page and felt free.
hey ! just post weather which style you decided at the end ..because I need to know the result of this $100 question :))