TikTok Can Track Every Tap You Make On Other Sites Via iOS App, New Research Claims

New research claims that TikTok can monitor every tap a user makes, including sensitive information.

According to a new study by software engineer Felix Krause, TikTok can monitor every tap of your screen while you surf in its iOS app, including sensitive information such as typed passwords and clicked links.

On Thursday, Krause published a paper looking at the JavaScript code social media platforms inject into external websites to track user activity.

RUSSIA-INTERNET-TIKTOK
This picture taken in Moscow on November 11, 2021 shows the Chinese social networking service TikTok's logo on a tablet screen. KIRILL KUDRYAVTSEV/AFP via Getty Images

Tracking Every Tap

The TikTok iOS app can track all keystrokes, text inputs, and screen taps, which may include private information like passwords and credit card numbers, according to Krause's findings using his security tool, InAppBrowser.com.

However, Krause emphasized that an app is not necessarily acting maliciously just because it injects JavaScript into external websites.

"There is no way for us to know the full details on what kind of data each in-app browser collects, or how - or if - the data is being transferred or used," he added.

But keystroke data collection, according to Priyadarsi Nanda of the University of Technology Sydney's School of Electrical and Data Engineering, closely matches the actions of keyloggers, a category of malware.

A TikTok spokesperson denied the study's claims to The Guardian Australia, saying that its conclusions about the short-form video app are "incorrect and misleading."

"The researcher specifically says the JavaScript code does not mean our app is doing anything malicious and admits they have no way to know what kind of data our in-app browser collects," the spokesperson said in a statement.

Contrary to what the report indicates, TikTok denies recording keystrokes or text inputs using. The spokesperson that such code is only employed for performance monitoring, debugging, and troubleshooting.

Krause also evaluated the iOS apps for Instagram, Facebook, Facebook Messenger, Amazon, Snapchat, and Robinhood beside from TikTok.

Only TikTok was discovered not to give users the ability to visit third-party websites using an external browser instead of using the app's built-in browser.

According to Krause's research, Instagram may also monitor screen touches, especially when users click on an image.

TikTok's National Interest?

According to Uri Gal, a professor of business information systems at the University of Sydney, apps like Facebook and Instagram are primarily driven by commercial and financial interests, whereas TikTok has a national security component that is not explicitly evident in other apps.

Due to TikTok's parent company ByteDance's alleged connections to the Chinese Communist party, TikTok presents a "different kind of risk," according to Gal.

He claimed that the surveillance features might be employed to "collect as much information as possible for industrial espionage purposes" and shape public opinion.

But in the past, ByteDance has refuted claims that it is affiliated with the Chinese government and labeled the allegations "misinformation."

This article is owned by Tech Times

Written by Joaquin Victor Tacla

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags:TikTokIOS
Join the Discussion
Real Time Analytics