The Motley Fool Previous Page

LinkedIn Attempts to Quell Intro Security Fears

Chris Neiger
October 28, 2013

Source: LinkedIn.

LinkedIn (NYSE: LNKD) introduced its new Intro feature last week, bringing LinkedIn profiles directly into an iOS user's mail app. It was supposed to be a way to add email contacts to the LinkedIn network and learn more about potential connections, but the feature sparked a firestorm from security firms.

LinkedIn stresses the app is secure, but can investors be confident the company is making the right mobile moves?

Much ado about something
LinkedIn received backlash from security professionals because of how Intro works -- essentially routing a user's emails to a LinkedIn server, adding information, then sending it back out.

In a blog post this week, the company's information security manager, Cory Scott, said when Intro was being designed the company, "Made sure we built the most secure implementation we believed possible."

He went on to list a number of security parameters for Intro, including:

  • Having security consultants iSEC Partners perform a line-by-line code review
  • Implemention of SSL/TLS at each point of email flow
  • Encrypted data is deleted from LinkedIn's systems
  • Intro doesn't change any device security profiles, but rather adds an email account to the system that communicates with Intro

That all sounds good, but it may not be enough to change the minds of security firms and users -- and investors should take note of that. 

Intro to mobile  
First, it's important to note that LinkedIn is in the middle of pushing its mobile offerings even further, and Intro is a result of that. In concept, the feature is an inventive way to engage users and seamlessly tap into a user's email and try to grab more mobile usage from it.

But LinkedIn may have unsuspectingly stepped into the mire of Internet security uncertainty.

Last year, LinkedIn suffered a security breach resulting in 6.5 million users having their passwords stolen. But as bad as that was, it's a bit unfair to only point to LinkedIn's security breach without acknowledging that a massive amount of companies that collect secure data online have suffered their own breaches. Facebook, Buffer, Twitter,