TikTok’s In-App Browser Includes Code That Can Monitor Your Keystrokes

The researcher also examined in-app browsers for other apps like Instagram and Facebook Messenger, which don’t appear to track as much as TikTok.

When you click a link in an app like TikTok, it often opens in an in-app browser instead of your default browser. While this may seem harmless, research suggests it could expose users to serious privacy risks.

What Did the Research Find?

Security researcher Felix Krause, using a tool called InAppBrowser, discovered surprising practices in several apps. He found that apps like TikTok, Instagram, and Facebook modify websites you visit through their in-app browsers. These modifications allow the apps to track user activity, like taps, text inputs, and even credit card information.

Among the apps analyzed, TikTok stood out. Unlike some others, it doesn’t give you the option to open links in your default browser, forcing you to use its own in-app browser. More concerning, TikTok’s in-app browser can track every keystroke and tap. This means if you enter sensitive information, like payment details, TikTok could potentially access it.

What Does TikTok Say About This?

TikTok has responded to these claims, emphasizing that its tracking is not used for harmful purposes. The company explained that the JavaScript code running in its browser is strictly for debugging, troubleshooting, and monitoring performance. A spokesperson stated the company does not record or use keystrokes or inputs in a malicious way.

Despite this clarification, the findings have raised eyebrows among privacy experts and users alike, who worry about the potential for misuse.

How Does TikTok Compare to Other Apps?

While other apps, such as Instagram and Facebook, also track activity in their in-app browsers, they don’t go as far as TikTok. Snapchat and Robinhood, however, serve as better examples. These apps neither modify the websites you visit nor fetch their metadata, making them safer options.

Krause also pointed out that apps can conceal their JavaScript activity. This means there could be additional monitoring happening that even his tool can’t detect.
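One way a web page can observe this kind of monitoring is to wrap `addEventListener` before any other script runs and log which input events later code subscribes to. The sketch below is an added example, not code from Krause's tool or from any app; every name in it is hypothetical and the "injected" listeners are constructed stand-ins. Script that an app conceals from the page, as described above, would not show up in this log.

```javascript
// Added example: record which input-related events scripts subscribe to.
// All names are hypothetical; nothing here is taken from a real app or tool.
const INPUT_EVENTS = new Set([
  "keydown", "keyup", "keypress", "input", "click", "touchstart",
]);

// Wrap target.addEventListener so every later registration is logged.
// Returns a function that restores the original method.
function watchListeners(target, log) {
  const original = target.addEventListener;
  target.addEventListener = function (type, listener, options) {
    log.push({
      type,
      sensitive: INPUT_EVENTS.has(type),
      // Best-effort hint at which script made the call.
      caller: (new Error().stack || "").split("\n").slice(2, 4).join(" | "),
    });
    return original.call(this, type, listener, options);
  };
  return () => { target.addEventListener = original; };
}

// Summarise the log: the sensitive event types something subscribed to.
function sensitiveSubscriptions(log) {
  return [...new Set(log.filter((e) => e.sensitive).map((e) => e.type))].sort();
}

// Constructed demonstration: `page` stands in for `document`, and the
// listeners below stand in for script added by a host app.
function demo() {
  const page = new EventTarget();
  const log = [];
  const restore = watchListeners(page, log);

  const captured = [];
  page.addEventListener("keydown", (e) => captured.push(e.type));
  page.addEventListener("click", (e) => captured.push(e.type));
  page.addEventListener("load", () => {}); // logged, but not input-related

  page.dispatchEvent(new Event("keydown")); // wrapped listeners still fire
  restore();
  page.addEventListener("input", () => {}); // after restore: not logged

  return { log, captured, sensitive: sensitiveSubscriptions(log) };
}
```

In a real page the call would be `watchListeners(document, log)` placed in the first script of the document, so that it runs before anything else registers a listener.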

What Can You Do to Protect Your Privacy?

If you’re worried about this kind of tracking, there are steps you can take. Avoid entering sensitive information—such as passwords or payment details—into in-app browsers. Whenever possible, open links in your default browser for a more secure experience.

While TikTok claims its practices are aimed at improving user experience, these findings highlight the need for greater transparency. For now, it’s smart to stay cautious when using in-app browsers across any platform.
