Instagram further restricts API after a password breach in which an application sent users’ unencrypted personal information to a remote server. Instagram is now restricting its Application Program Interface and is planning on excluding support for apps’ access to users’ instagram feeds, which means that the third-party apps that could supply information to external source will no longer have access to user’s details.
Representatives for Instagram explained that feedback from their users and the community showed them that the public had concerns about not knowing where their content was being shared and who was viewing it. Representatives have declared that, as a response to these concerns, Instagram will stop granting consent for “users”, “self”, “feed” and “media” or “popular” API endpoints to new applications.
Instagram has also announced its intention to start verifying both new and current apps on December the 3rd and is expecting the owners to submit their apps until June 1, 2016 when Instagram will be closing the connection to the feeds.
This new effort will give both users and developers more control over the content and the information that is shared through Instagram. But it will also make photo editing the focus of future Instagram apps because the few apps that will connect to feeds will be known to have more potential of being used for malicious purposes.
This initiative currently targets feed eating apps alone which means that third-party photo editing apps can remain untouched for now, and whether they will get to stay will be decided in June. The platform’s policy has also been updated in order to clearly state which cases of use of feed information it does support.
The use cases that are supported mostly revolve around allowing people to share their content via third-party apps, which allows brands and advertisers to engage their target audiences better as well as supports broadcasters and publishers to disseminate the information more effectively to audiences.
This new set of restrictions on feed access for applications could be a reaction to customer concern, but it also ties into past issues that the platform has had with the use of sensitive customer information by applications.
Recent security concerns were raised when representatives announced that an app named Who Viewed Your Profile – InstaAgent, which Instagram users could access to see who had viewed their profiles, was caught collecting customers’ account usernames and passwords and then sending the unencrypted information to remote servers.
The app was also found to post images on users’ feeds without their permission. This may have prompted Instagram to make sure that the apps that are granted access to its API will not mislead users about where their information in going.
Image source: www.pixabay.com