Not sure if this is a good place for this post or not, but here goes.
I reject outbound connections to meta domains at the firewall. I noticed this banking app refuses to prompt for login credentials unless I am on mobile or a public WiFi network. I watched my FW logs and noticed many rejected connections to graph[.]facebook[.]com.
I contacted their support team, but they denied the connection was their app. I shared the screenshot on this post and they closed my case without comment.
I emailed the address on the Google play store and they also denied the connection was their app. I shared the screenshot and they asked if I downloaded the app from the play store, implying the official app doesn’t do this, but of course it does.They closed my case without proper resolution as well.
Just thought I’d share this here so people know that some banks make direct connections to Facebook to share analytics, without your knowledge or informed consent, and they lie about it when called on it.
It’s probably NTP a lot of banking apps have extra protections and if it can’t determine the time from its own trusted authority it may not allow the connection.
Launchdarkly is likely a culprit as well. Just doing a background search reveals that the service allows dev teams to do A/B testing, enable new features without releasing a new version, and various other “dynamic” functions.
OP is on the wrong side of Occam’s razor
This is definitely probably it. I can’t believe more things aren’t broken by blocking launchdarkly
If you set it up correctly it defaults to a specific flag state if it can’t connect. I.e. always show the user the old treatment instead of the new if you can request the actual state of their enrollment.
They get blocked constantly and my old company just routed the requests through our domain so they’d stop getting blocked
how would that explain connection to facebook?
Is it normal that a bank app tries to connect to meta?
Meta provides a lot of other backend B2B services beyond just Facebook, Instagram, and Threads.
You think that’s the only way they have of scarfing down data? Absolutely not, they make other useful tools as well that businesses can use, because if they can’t get their info directly from you, they can get it from the people you have to regularly interact with instead.
This is gross… but also not something I’ve really thought about.
You better start thinking about it.