TikTok Allegedly Monitors In-App Browser Keystrokes as Congress Labels App 'High-Risk' Over Privacy Issues

Research revealed that TikTok is capable of monitoring activity in its in-app browser.

TikTok, which is owned by China's ByteDance, is capable of monitoring user activity in its in-app browser, new research has revealed. When users tap on TikTok ads or visit links on a user's profile, the app does not open the page in a way that browsers such as Google Chrome or Apple's Safari does and instead uses a TikTok-made browser that has the ability to rewrite parts of web pages.

Forbes reported that findings from Vienna-based software researcher Felix Krause has found that TikTok can track their users' activity on its in-app browser by injecting lines of code, specifically JavaScript, into the websites visited within the app. This creates new commands that lets TikTok know what users are doing in its in-app browser.

Does TikTok's In-App Browser Raise Privacy Issues?

Krause, who is the founder of a service called Fastlane that tests and deploys apps which was also acquired by Google five years prior, explained that TikTok's unique browser that injects JavaScript code into the website was definitely "an active choice the company made." He added that such occurrence is "a non-trivial engineering task" and "does not happen by mistake or randomly."

According to Krause's research, it is currently undeterminable how TikTok uses such data inputs, however "from a technical perspective, this is the equivalent of installing a keylogger on third party websites."

Krause's research into TikTok and Facebook reveals that both companies are injecting code into websites from their in-app browsers but does not show whether TikTok or its parent ByteDance, or Facebook or its parent Meta are collecting the data gathered from this code. It also does not confirm if these companies use the data, send it to their servers, or share it with third parties such as advertisers.

Krause tested seven iPhone apps that use in-house browsers for his research, including TikTok, Facebook, Facebook Messenger, Instagram, Snapchat, Amazon and Robinhood. Of these apps, TikTok is the only app hw found that appears to monitor users keystrokes in the in-app browser and appears to be monitoring more activity versus the other apps.

Krause tested seven iPhone apps that use in-house browsers for his research, including TikTok, Facebook, Facebook Messenger, Instagram, Snapchat, Amazon and Robinhood. Of these apps, TikTok is the only app hw found that appears to monitor users keystrokes in the in-app browser and appears to be monitoring more activity versus the other apps.

House of Representatives Officer Raises Concern Over TikTok's Privacy Issues

On Wednesday, House of Representatives' Chief Administrative Officer Catherine Szpindor issued an advisory about TikTok, calling for members of Congress not to use the China-owned app. Fox Business reported that the memo cited information from the agency's CyberSecurity office, which called TikTok a "high risk" social media app that poses a threat to user privacy.

The memo underscored how TikTok is owned by a Chinese company called ByteDance and that "any use of this platform should be done with that in mind." The CyberSecurity office took issue with TikTok's "lack of transparency in how it protects customer data" and the many "excessive permissions" it gets from its users, as well as other "security risks" its usage poses.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics