Internet

TikTok Can Track All Your Movements In Its In-App Browser

TikTok Can Track All Your Movements In Its In-App Browser
TikTok Can Track All Your Movements In Its In-App Browser
Advertisements

TikTok ‘s proprietary in-app browser on iOS is reportedly injecting JavaScript code into external websites that allows TikTok to monitor “all keyboard inputs and taps” when a user interacts with a particular website, according to security researcher Felix Krause . reportedly denied it.

Krause said TikTok’s in-app browser can “see” all keyboard inputs when a user interacts with an external website, including sensitive details such as passwords and credit card information, and every touch on the screen.

Advertisements

Regarding the JavaScript code TikTok injected, Krause said , “Technically, this is equivalent to installing a keylogger on third-party websites.” But the researcher said, “Just because an application injects JavaScript into external websites does not always mean that the application is doing something malicious.” he added.

TikTok Can Track All Your Movements In Its In-App Browser

Advertisements

TikTok Denies Allegations

In a statement shared with Forbes, a TikTok spokesperson acknowledged the JavaScript code in question but said it ‘s only used for debugging, troubleshooting, and performance monitoring to ensure an “optimal user experience .”

Krause said users who want to protect themselves from possible malicious use of JavaScript code in in-app browsers should switch to viewing a specific link in the platform’s default browser, such as Safari on iPhone and iPad , if possible.

Facebook and Instagram are two other apps that add JavaScript code to external websites that are loaded into their in-app browsers and allow apps to monitor user activity, according to Krause.

Advertisements

You may also like

Comments are closed.

More in:Internet