TikTok’s in-app browser tracks keyboard input and screen taps when opening links; according to a security researcher.
The functionality is “the equivalent of installing a keylogger.” researcher Felix Krause told MacRumors. However, Any external link opened from the iOS app will prompt TikTok to monitor keyboard input and screen taps.
On the Other hand, TikTok’s representative refuted the allegations.
More From Us:Twitter Tests Phone Number And View Count Labels
Moreover, “Misleading report findings concerning TikTok. The researcher argues the JavaScript code doesn’t suggest our app is harmful and confesses they don’t know what our in-app browser collects. Contrary to the report, this code is only utilised for debugging, troubleshooting, and performance monitoring.”
Michael Beckerman, VP, Head of Public Policy, Americas at TikTok, denied keylogging in a CNN interview in July.
In addition, “just because an app injects JavaScript into external websites; doesn’t mean the app is doing anything malicious.” says Krause. TikTok’s in-app browser head says it only collects, transfers, and uses data to ensure the programme is bug-free.
Krause discovered that Facebook and Instagram do the same thing. Krause designed InApp Browser to assess apps from within them. It reports which JavaScript instructions run. Krause thinks the open-source community will improve it.
TikTok is the only app Krause has evaluated that doesn’t offer a default browser option. Finally, A TikTok spokesman said using a browser outside the app would be “suboptimal / clunky experience” and wouldn’t assure a secure user experience.
Leave a Reply