In-App Browser Vulnerability That Tracks Your Every Activity
A study found that the TikTok iOS app opens all links in its in-app browser and records all your interactions there. TikTok can track anything you type, which can include passwords, credit card information, addresses, etc. Besides TikTok, you should also be aware of other popular apps with in-app browsers. So how can you avoid using an in-app browser that can track your activities?
According to research conducted by software engineer Felix Krause, TikTok can record or track every tap on your screen while you use the in-app browser. In addition, TikTok also records your typing (including passwords) and the links you click on.
On his website, Krause says that his tests show that when a user opens a web page in the TikTok app, the in-app browser injects code that subscribes to (tracks) all keyboard inputs and screen taps. Krause states, "We don't know what TikTok uses the subscription for, but from a technical perspective, this is equivalent to installing a keylogger on a third-party website."
A TikTok spokesperson acknowledged that the app injects JavaScript code into websites but insisted that "contrary to the report's claims, we (TikTok) do not collect keystrokes or text input through this code; it is used specifically for debugging, troubleshooting, and performance monitoring."
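One way a site can observe this kind of subscription from inside its own page, shown as an added example (not code from Krause's research or from any app): it wraps addEventListener and logs who registers key and tap listeners. The event list, the function names and the demo input are assumptions made for illustration.

```javascript
// Event types that reveal typing and taps (assumed list for this example).
const SENSITIVE_EVENTS = new Set(["keydown", "keypress", "keyup", "input", "click", "touchstart"]);

// Wrap addEventListener so every later subscription to a sensitive event is
// logged together with the call stack of the code that registered it.
function installListenerAudit(proto = EventTarget.prototype) {
  const original = proto.addEventListener;
  const log = [];
  proto.addEventListener = function (type, listener, options) {
    if (SENSITIVE_EVENTS.has(String(type))) {
      log.push({
        type: String(type),
        target: this.constructor ? this.constructor.name : "unknown",
        capture: options === true || Boolean(options && options.capture),
        stack: new Error().stack, // shows which script made the call
      });
    }
    return original.call(this, type, listener, options);
  };
  // Return the log and a way to undo the hook.
  return { log, restore() { proto.addEventListener = original; } };
}

// Subtract the listeners the site itself expects; the rest is worth reporting.
function unexpectedListeners(log, expected) {
  const remaining = new Map(expected); // event type -> number the site registers
  return log.filter((entry) => {
    const left = remaining.get(entry.type) || 0;
    if (left > 0) { remaining.set(entry.type, left - 1); return false; }
    return true;
  });
}

// Constructed demo: a plain EventTarget stands in for `document`.
function demo() {
  const audit = installListenerAudit();
  const page = new EventTarget();
  page.addEventListener("click", () => {});          // the site's own handler
  page.addEventListener("keypress", () => {}, true); // constructed stand-in for injected code
  page.addEventListener("scroll", () => {});         // not sensitive, not logged
  audit.restore();
  return unexpectedListeners(audit.log, [["click", 1]]).map((e) => e.type);
}
console.log(demo());
```

The hook only sees listeners registered after it is installed and in the page's own JavaScript context, so an empty report does not prove that nothing was injected.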
AN IN-APP BROWSER MAY RECORD YOUR ACTIVITY
We do not know the full details of the specific data that TikTok's in-app browser collects or how TikTok uses that data. Krause's research suggests that JavaScript commands executed by TikTok's in-app browser could theoretically be used to collect information such as credit card numbers, passwords, and various other sensitive data.
The good news is that TikTok doesn't collect such information. The bad news is that even if you trust ByteDance Ltd. (TikTok's parent company), other popular apps from various companies also have in-app browsers that can track your entire activity on web pages. In his research, Krause noted that Amazon, Facebook, Messenger, Instagram, Robinhood, and Snapchat also have in-app browsers. However, TikTok was the only app found not to offer users the option to switch from in-app browsing to default or external browsers when accessing third-party web pages.
IN-APP BROWSER
App developers commonly use in-app browsers to get around tracking prevention. If a user opens an ad or a link in an app, it will be opened in the in-app browser by default. In his study, Krause used Instagram as an example. Instagram injects JavaScript tracking code into every site you open within the app. According to its Privacy Policy, Instagram knows what you tap on in the app, what images you view, how long you spend on a page, and other similar information. This data is used to build a profile of you (the user), which can then determine what kind of ads you see on Instagram or other Meta properties.
HOW TO AVOID USING THE IN-APP BROWSER
The primary advice is not to enter sensitive information when using an in-app browser. If you accidentally click on an in-app link or ad, you can immediately close the in-app browser that opens automatically. If you want to visit links safely, follow the tips below:
- Open links in a safe browser: Most apps allow you to switch to the built-in browser if you open a webpage using the in-app browser. How you switch to the built-in browser may vary from app to app; usually, there is a Three Dots or Settings button. Tap the button to open the Settings menu, then select the option to "Open in Browser." If you can't find the Three Dots or Settings menu option, copy the URL from the in-app browser and open it in your device's built-in browser.
- Use the web version of a service: Almost all social media platforms have a web version. You can use the service's web version without worrying about accidentally handing over personal information.
Reference:
https://www.pcmag.com/opinions/psa-stop-using-in-app-browsers-now
https://www.theguardian.com/technology/2022/aug/24/tiktok-can-track-users-every-tap-as-they-visit-other-sites-through-ios-app-new-research-shows
https://www.notebookcheck.net/TikTok-is-monitoring-all-keyboard-inputs-and-taps-on-iOS.641707.0.html