TikTok’s internal browser can monitor every click and text written by users

TikTok’s internal browser can monitor every click and text written by users

For example, if you open a web page from TikTok and enter your credit card information, the app will register them. Here is the discovery of a security researcher.

The security researcher Felix Krause announced on his blog the launch of InAppBrowser, a complex but highly useful tool, because it lists all the commands executed by an app on iOS devices while using its internal browser. In other words, applications like TikTok, Instagram, Facebook Messenger e Facebook they are based on an in-app browser capable of modifying all open pages. “This includes adding tracking code (such as inputs, text selections, taps, etc.), inserting external JavaScript files, and creating new HTML elements,” said Krause. These browsers are also capable of recording the metadata of a website, even if for the researcher this is the most “harmless” aspect.

In this context, one of the most aggressive apps is TikTok. The platform of the Chinese company ByteDance uses its in-app browser to monitor users’ inputs and keyboard touches. So, for example, if you open a web page from TikTok and enter your credit card details, the app will register them. Unlike its competitors, TikTok does not even have the option that allows you to open a site from your default browser (Chrome, Mozilla, Safari, etc.), making it mandatory to use the one present within the app.

A disturbing aspect, which focuses on the dangers to which the privacy of the individual user is subjected in the intricate internet network. The Chinese company behind the popular social network, however, is of a completely different opinion: a spokesperson for TikTok confirmed to Forbes that the internal browser monitors user interactions, but states that “the Javascript code in question is used only for debugging, troubleshooting and performance monitoring “. In short, all this is needed to deliver “optimal user experience”, he has declared. Whatever the purpose, TikTok – but not only – records the actions of users, so for safety it would be better to avoid entering your data in the internal browsers of the apps mentioned here.

Leave a Comment