In-App Browser Vulnerability That Tracks Your Every Activity
A study discovered that the TikTok iOS app would open all links in the in-app browser and record all your interactions. TikTok can track anything you type; recording this information can include passwords, credit card information, addresses, etc. Besides TikTok, you should also be aware of other popular apps with in-app browsers. So how to avoid using an in-app browser that can track your activities?
According to research conducted by software engineer Felix Crause, TikTok can record or track every tap on your screen while using the in-app browser. In addition, TikTok also records your typing (including passwords) and the links you click on.
On his website, Kraus says that his tests show that when a user opens a web page in the TikTok app, the in-app browser injects a code that tracks (subscribes) all keyboard inputs and screen taps. Kraus states, "We don't know what TikTok uses the subscription for, but from a technical perspective, this is equivalent to installing a keylogger on a third-party website.".
AN IN-APP BROWSER MAY RECORD YOUR ACTIVITY
The good news is that TikTok doesn't collect such information. The bad news is that even if you trust ByteDance Ltd. (TikTok's parent company), other popular apps from various companies also have in-app browsers that can track your entire activity on web pages. In his research, Krause noted that Amazon, Facebook, Messenger, Instagram, Robinhood, and Snapchat also have in-app browsers. However, TikTok was the only app found not to offer users the option to switch from in-app browsing to default or external browsers when accessing third-party web pages.
HOW TO AVOID USING THE IN-APP BROWSER
The primary advice is not to enter sensitive information when accessing the in-app browser. If you accidentally click on an in-app link or ad, you can immediately close the automatically opened in-app browser. If you want to visit links safely, follow the tips below:
- Open links in a safe browser: Most apps allow you to switch to the built-in browser if you open a webpage using the in-app browser. Switching to the built-in browser may vary from app to app; usually, there is a Three Dots or Settings button. Tap the button to open the Settings menu, then select the option to "Open in Browser." If you can't find the Triple Dot or Settings menu option, copy the URL link in the in-app browser and open it in your device's built-in browser.
- Use the web version of a service: Almost all social media platforms have a web version. You can use the service's web version without worrying about accidentally handing over personal information.
Want to know more information, please visit our website at:
Don't forget to follow our other social media
Instagram : hdnmetatech
Linkedin : https://www.linkedin.com/company/herdina-metatech-sinergi-corp
Facebook : Herdina Metatech Sinergi Corp