Not sure if this is a good place for this post or not, but here goes.

I reject outbound connections to meta domains at the firewall. I noticed this banking app refuses to prompt for login credentials unless I am on mobile or a public WiFi network. I watched my FW logs and noticed many rejected connections to graph[.]facebook[.]com.

I contacted their support team, but they denied the connection was their app. I shared the screenshot on this post and they closed my case without comment.

I emailed the address on the Google play store and they also denied the connection was their app. I shared the screenshot and they asked if I downloaded the app from the play store, implying the official app doesn’t do this, but of course it does.They closed my case without proper resolution as well.

Just thought I’d share this here so people know that some banks make direct connections to Facebook to share analytics, without your knowledge or informed consent, and they lie about it when called on it.

  • Doug [he/him]English
    155·
    11 months ago

    So I just tested this. I’m not at home so I had to VPN in which is no issue.

    • I opened graph.facebook.com and confirmed it was working
    • I opened and logged in to my Ally app
    • I added graph.facebook.com to my pi-hole’s black list as a regex entry
    • I opened graph.facebook.com in the browser and confirmed it was blocked
    • I force closed and cleared the cache on my Ally app
    • I opened and logged in to my Ally app

    It’s not the Meta connection that’s giving you trouble.

    • Another_Reddit_Refugee@lemmy.worldEnglish
      38·
      11 months ago

      I added graph.facebook.com to my pi-hole’s black list as a regex entry

      Yes, but did you clear the DNS cache on your device after doing this? Once the DNS lookup is done it doesn’t matter what you’ve done on your pihole. The IP is cached and pihole will not even see the query.

      • Doug [he/him]English
        271·
        11 months ago

        It’s a fair point but I’ve got two counters.

        1. It was blocked in the browser, which implies there’s not a cached record for it on the device

        2. The Pi-hole logs the queries it receives and I do have four separate entries for that URL today, spaced in an amount of time that does not imply automatic requests but does likely match up with my test cases.

        • deweydecibel@lemmy.worldEnglish
          5·
          11 months ago

          I’ll just point out that I have tracker blocker running on my rooted Android at all times, graph.facebook.com is blocked across all apps on the device, Ive made sure of this. For maybe the 3 or so years I’ve been running it like that, I’ve very, very seldomly found an app that fails if it can’t reach Facebook, though many try.