© Regis Duvignau / Reuters
Facebook has confirmed it uses phone numbers, provided to them by security-conscious users for two-factor authentication on their accounts, to target the same individuals with advertising.

The tech giant's confession follows a report in Gizmodo based on research carried out at Northeastern and Princeton universities which uncovered the deceptive practice.

"We use the information people provide to offer a better, more personalised experience on Facebook, including ads," a Facebook spokesperson explained, adding that users can opt out of this by not using phone-number-based two-factor authentication.

However, the option to enable the security technique, which provides a second layer of authentication to help keep accounts secure without providing your phone number, was only introduced in May. Before then, people who handed over their phone number for the security feature were unwittingly drawn into a privacy and security trade-off.

The revelation that the company has been using information, explicitly provided for security purposes, for targeted advertising has outraged many and further damages user trust in the social network.

Researchers also found evidence of the corporation using shadow contact information to target individuals with ads - something they had previously denied doing. This is data, such as a phone number, that has not been provided by the user to Facebook but is collected from their friends' contacts list and shared with advertisers.

Lead author on the paper, Giridhari Venkatadri, said this was the most surprising finding, that Facebook was targeting ads using information "that was not directly provided by the user, or even revealed to the user." Facebook did not dispute any of the researchers' findings.