Security experts have raised new concerns about TikTok’s browser.
The in-app browser on iOS and Android reportedly allows the company to monitor all inputs and taps – including every time you type on your keyboard. Security researcher Felix Krause shared the news in a recent article, but TikTok has since denied that the code is being used maliciously.
Krause said of the news: “From a technical perspective, this is the equivalent of installing a keylogger on third-party websites, but added, “just because an app injects JavaScript into external websites doesn’t mean the app is doing anything malicious.”
A spokesperson for TikTok has since hit back, telling Forbes magazine that the code was used only for debugging and troubleshooting to offer users the “optimal” experience on the platform. “We use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience — like checking how quickly a page loads or whether it crashes,” the company said.
Krause suggests that users should avoid using TikTok as a browser and instead switch to a default web browser such as Safari on iOS and Chrome on Android.
Other social networks that insert Javascript code into external websites are Facebook and Instagram, but a Meta spokesperson said that they “intentionally developed this code to honor people’s App Tracking Transparency (ATT) choices.”
Are you surprised to hear this news? Let us know your thoughts and check back soon for the latest.
