The Chinese short video platform TikTok has already been called out for many allegations in the past, and now one more has been added to it that is under research.
TikTok Denied On Monitoring In-App Browser Keystrokes
A security researcher named Felix Krause has made these claims with his latest analysis report. We can rely on his word because earlier, he also made other reports in the past by which he gained authority. According to Felix, TikTok’s in-app browser on iOS injects JavaScript code into external websites, which gives direct authority to TikTok to monitor every keystroke from the users without any filter. So the company might be able to “access sensitive details” such as passwords and credit card information because many users use this browser when we have to complete secure tasks in instructions regarding the app, for example, purchasing after seeing an ad in the app. Besides, Felix directly compared it to outlawed activity and said, “From a technical perspective, this is the equivalent of installing a keylogger on third-party websites”. A spokesperson from TikTok has stated to Forbes regarding all this, expressing that this JavaScript code is only being used for debugging, troubleshooting, and performance monitoring to provide a flexible experience to users. Besides, Meta has already made all transparency about their in-app browser activity. Also, they are already providing the option to open links in the default browser, but on the other side, TikTok does not offer this option. Also, to keep yourself on the safe side and protected from any monitoring activities, you should open every following link in the default browsers of your device, such as Chrome or Safari. Recently, TikTok has also been found to be sending data to its Chinese headquarters, by which FCC appealed for its removal from App Store and Play Store.