TikTok, the favorite app of 18-25 year olds, is able to monitor everything you type on your smartphone screen through its built-in browser. The Chinese social network is particularly capable of obtaining your passwords or your credit card numbers.
Felix Krause, creator of Fastlane tools and software researcher, analyzed TikTok’s iOS app. The expert focused on the integrated web browser to the social network. When TikTok users click on a link within the app, the webpage is automatically opened within the internal browser. The link does not open in Safari, Chrome, Brave or any other browser installed on the smartphone.
Thanks to this browser, TikTok is able to monitor absolutely everything you type on your phone. The social network can capture “keyboard entries (including passwords, credit card information, etc.) and every touch on the screen, such as the buttons and links you click on”.
Related: TikTok backpedals on personalized ads without user consent
TikTok leaves no choice to its users
Please note that there is no indication that TikTok actually collects this information. Nevertheless, the application is able to do so. According to Felix Krause, the developers at ByteDance, parent company of TikTok, knowingly designed the built-in browser for this purpose.
“The fact that an application adds code to external websites does not mean that it engages in malicious practices. There is no way for us to find out all the details of these collections, or how the data is collected”, explains Felix Frauze in his report.
Moreover, “there is no button to open the page in the default browser”, regrets Felix Krause. An average Internet user, who innocently strolls on TikTok, will inevitably find himself using the integrated web browser, after having clicked on an ad for example. Asked by Forbes, the researcher assures that it is a “conscious choice” on the part of ByteDance. This is no coincidence.
A few days ago, the researcher had already identified the same process within the Facebook and Instagram applications. Mirroring TikTok, both Meta platforms do not use Safari to display external links. The built-in browser is designed to track all user activity. Unlike TikTok, Meta leaves the choice to open the link in another browser.
TikTok denies tracking internet users
Contacted by our colleagues from Forbes, TikTok admits that these features are present in the code of its integrated browser. Nevertheless, the Chinese group ensures that they are not not used for tracking.
“Like other platforms, we use an integrated browser to provide an optimal user experience, but the JavaScript code in question is only used for debugging, troubleshooting and performance monitoring of this experience, and to verify how fast a page loads or if it crashes,” TikTok spokesperson Maureen Shanahan said in a statement.
Nevertheless, we recommend that you always open external links directly in your browser. Finally, it will be recalled that this is not the first time that TikTok has been suspected of monitoring its users too closely. The app is also suspected of transferring some of the collected data to China.
Source :
KrauseFX