Data security researchers claim Meta and TikTok can track in-app browser activity

Data security researchers claim Meta and TikTok can track in-app browser activity

Data security is a major concern in today’s day and age. New research reveals that iPhone applications for Facebook, TikTok, and Instagram can track the users’ in-app browser activity. Here’s everything you should know.

What does new data security research say?

Data security experts reveal iPhone apps for Facebook, TikTok, and Instagram are capable of tracking what users type in their browsers. Felix Krause, a researcher, and developer also claimed it is not difficult for these apps to track sensitive information like passwords or credit card information. Any link opened in the app’s browser is vulnerable to data breaches. This is because applications are capable of storing information types by users. Hence, Tiktok and Meta apps can store shipping addresses, credit card information, and other related information.

Krause explained TikTok “subscribes to every keystroke happening on third party websites rendered inside the TikTok app”. Keystroke logging or capturing is the act of covertly recording the keys typed on the keyboard. However, Instagram assesses user data by “injecting a JavaScript code into every website shown”.

TikTok and Meta apps track user activity

In the recent past, TikTok has been under fire for breaching data security concerns. Brendan Carr, the Federal Communications Commission commissioner also called on Google Play and Apple to remove it from the stores. “TikTok collects everything from search and browsing histories to keystroke patterns and biometric identifiers, including faceprints… and voiceprints,” stated Carr in an open letter. He also called it a “sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data”. Car warned users that this can also be a serious threat to national security matters.

TikTok accused Krause of making false data security statements about their platform. “The researcher specifically says the JavaScript code does not mean our app is doing anything malicious and admits they have no way to know what kind of data our in-app browser collects,” stated a spokesperson.

Exit mobile version