Fraudulent and duplicate entries are a concern when running any type of contest. However, if you're installing your campaign as a Facebook application - or if you are enabling Facebook features on your campaign - you can limit these kinds of entries by adding the Facebook ID field to your list's form.
How the Facebook ID Field Works
Each personal Facebook profile has its own unique Facebook ID number. Because each ID number is unique - and because Facebook’s Terms stipulate that each individual person is limited to one profile - Facebook ID numbers are a great way to restrict list entry and reduce repeat and fraudulent entries.
However, to access a user’s Facebook ID number, ShortStack must first get the user’s permission to access his or her basic Facebook profile information. The way ShortStack obtains permission for this information is with the Facebook ID field, which appears on the form to the end user as the Log in with Facebook button.
When a user clicks on the Facebook ID field while filling out a form, they’re presented with an Allow Prompt. When they grant ShortStack this permission, we receive a special code from Facebook that allows us to access very basic information from the user’s account, including their Facebook ID number. We store each entrant’s Facebook ID access code along with their submission. When future entries are submitted, our servers check those Facebook IDs against the Facebook IDs connected to previously submitted entries. Because these special codes are almost impossible to guess, it’s very difficult to cheat this system.
Using the Facebook ID Field
With the Facebook ID field added to your form, you can limit entry a number of different ways. You can choose "one entry only," which limits each Facebook ID number to one single entry; "unlimited entries," which allows every Facebook ID number an unlimited number of entries; "one entry every…," which lets you meter how often a Facebook ID can re-enter (e.g., once per day); or "a maximum of," which lets you set the maximum number of entries one Facebook ID number can submit. You can also edit the error message the user sees if a repeat entry is submitted that violates your settings.
The Email Address field gives you the same restriction options as the Facebook ID field, but restricts entry based on the email address the entrant submits. This method is much less reliable than the Facebook ID field.
Other Facebook ID Field Behavior
- When a user grants permission to access his or her account, the Log in with Facebook button is replaced with the user’s profile picture. We refer to this as logged-in to the list.
- If a user had previously granted permission and later returns to the app, he or she is automatically logged-in to any lists that have the Facebook ID field. (this can sometimes take a few seconds).
- Name fields are populated automatically when a user logs in to the list.
- If a user grants permission in another widget (such as the Voting Widget), the user will be automatically logged in to any lists on the app that have the Facebook ID field.
- Because asking a user for permission to access his or her account may cause the user to reconsider entering, you should only use the Facebook ID field when limiting repeat entries is important. In general, if you are running a promotion with a valuable prize, you’ll want to use this field.
- Keep the Required option checked in the Facebook ID field, or the user won’t have to grant permission in order to submit the list's form.
- Remember that the Voting Widget will automatically include a View My Entries button for any lists with the Facebook ID field. This is especially convenient when a user wants to share his or her entry without wading through all the other entries.
- See Dealing with Fake Facebook Accounts in the Promotion Best Practices document for more information.