Findings show that the TikTok app is capable of tracking every character used by users on its web browser.
In an alarming revelation, reports of TikTok monitoring has caught users with surprise. There are millions of users across the globe, who are immensely fond of this popular app. But they are amidst sheer concern and anxiety, as it has been learned that the TikTok app is capable of tracking every character used by users on its web browser through a supplementary code.
Though the ByteDance-owned company has shrugged off the claims as malicious and baseless, the findings tell us a different story. Let’s have a walk through the unpleasant alleys of the TikTok app.
Felix Krause, a privacy researcher and former Google engineer, has found through research that the TikTok web browser comprises of built-in functionality to track users’ online habits. Krauss stated that while conducting the research on Apple’s iOS operating system, he was shocked to notice there’s a hidden keystroke tracking within the in-app browser. It’s indeed a testimonial of TikTok monitoring, which has experienced a growing buzz around it in the recent times.
To ease online browsing with tools like auto-filling of text or to ensure that users don’t land up in malware-filled websites, some apps use in-app browsers. Despite these justifications, leading social media apps like Facebook or Instagram are known to track personal data like which sites were visited, what was highlighted and which are the buttons that were pressed on a particular website.
Undoubtedly, all of these are problematic traits but Krause argues that TikTok goes to the brazen extent of using secret codes to track each and every character typed by a user on its in-app web browser.
Krause’s findings expose the extremely vulnerable side of the new-age social media. Unlike WhatsApp, which redirects you to mobile web browsers like Google Chrome or Safari, the TikTok app moves you to TikTok web browser, with the alleged character/keystrokes tracking.
Thus, a user can have serious consequences due to the TikTok monitoring, which can leak out precious information like credit card numbers and passwords. This is a common feature of many malware and other hacking tools; equipped enough to execute bank frauds within seconds.
Feedbacks from the Experts
Renowned independent software engineer and security researcher, Jane Manchun Wong has also echoed her concern regarding the grave implications of this TikTok monitoring, “Based on Krause’s findings, the way TikTok’s custom in-app browser monitors keystrokes is problematic, as the user might enter their sensitive data such as login credentials on external websites.” She also shed light on another dangerous aspect of this TikTok monitoring, the ability to extract information from the external browsing sessions of a particular user.
The Chinese app responded to Krause’s controversial reports of TikTok monitoring by terming them “incorrect and misleading.” Owned by ByteDance, the leading short-video-making app stated that the alleged feature is used for “debugging, troubleshooting and performance monitoring.” TikTok firmly said that contrary to Krause’s claims, they do not collect keystroke or text inputs through the concerned code.
TikTok is already banned in India over data theft allegations and had a close shave in the US from embracing a suspension over claims of data privacy breaches. At a time when users are voicing for a stricter data protection policy, this TikTok monitoring can cause a hue and cry, globally.