TikTok’s In-App Browser Raises Privacy and Security Concerns

TikTok, the popular social media app that allows users to create and share short videos, has been accused of having a flawed in-app browser that could potentially track everything users type on third-party websites, including sensitive data such as passwords, credit card information, and addresses.

When a user clicks on a link within the TikTok app, it opens in an in-app browser rather than redirecting to the default browser on the device. This means that TikTok can inject its own code into the web pages that users visit, and monitor all user interactions, such as taps, text selections, screenshots, and form inputs.

According to security researcher and developer Felix Krause, who published his findings on his blog, TikTok’s iOS app “subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app.”

TikTok’s In-App Browser Raises Privacy and Security Concerns
TikTok’s In-App Browser Raises Privacy and Security Concerns

“This can include passwords, credit card information and other sensitive user data,” he wrote.

Krause also found that TikTok’s Android app has a similar behavior, but it requires users to grant the app permission to access the device’s clipboard, which can also contain sensitive data.

Why TikTok’s In-App Browser Is Bad

TikTok’s in-app browser poses a serious threat to users’ privacy and security, as it can collect and store a lot of personal and sensitive data without users’ knowledge or consent.

TikTok claims that it does not track or store such data, and that it only uses the in-app browser to provide a better user experience and to prevent malicious links from harming users’ devices.

However, Krause argues that TikTok’s in-app browser is unnecessary and invasive, and that users should have the option to choose their preferred browser when opening links from the app.

He also warns that TikTok’s in-app browser could be exploited by hackers or malicious actors, who could use it to steal users’ data or to inject malicious code into the web pages that users visit.

How to Protect Yourself from TikTok’s In-App Browser

If you are concerned about TikTok’s in-app browser and its potential risks, there are some steps you can take to protect yourself and your data.

  • Disable TikTok’s access to your device’s clipboard. You can do this by going to your device’s settings and revoking the app’s permission to access the clipboard.
  • Avoid entering any sensitive data on web pages that open within the TikTok app. If you need to enter such data, use your device’s default browser or a trusted third-party browser instead.
  • Use a VPN to hide your IP address and encrypt your online traffic. A VPN can prevent TikTok from tracking your location and your online activity, and can also protect you from hackers and cyberattacks. A top-rated VPN like NordVPN can help you use TikTok anonymously and securely.
  • Delete TikTok from your device if you don’t trust the app or its parent company, ByteDance. TikTok has been under scrutiny for its alleged ties to the Chinese government and its possible use for espionage. In 2023, the US government banned TikTok from federal devices, citing national security concerns.

Leave a Reply

Your email address will not be published. Required fields are marked *