Privacy Alert TikTok's InAppBrowser Tapes

Start Exploring

TikTok's InAppBrowser taps all keyboard inputs on iOS and Android, capturing users' information such as credit cards and passwords, according to security researcher
"Felix Krause."

"TikTok's InAppBrowser keystroke inputs Monitor Sensitive Credentials, Passwords, and Credit Card Info, as well as every Tap on the screen," Krause stated

He praised his technological abilities: "This is the same as putting a keylogger on third-party websites, that TikTok needs to fix"

In response, a TikTok spokeswoman admitted on Forbes: "The JavaScript code is an (SDK)," installed for debugging, troubleshooting, optimization, and optimal user experience

Krause said, "Users should have an option for switching to default Browser for links, such as Safari on the iPhone to protect themselves from malicious code"

"Whenever you open a link from any social app," Krause said, "check whether the app displayed the website on your regular browser." "Except TikTok, most applications do that"

Furthermore Krause reported on Facebook and Instagram also injected JavaScript code into their InAppBrowsers, allowing track of user behavior,

Meta representative reply, "We specifically created JavaScript Injections to honor people's App Tracking Transparency (ATT) on our platforms"

Click Here