After Google, Facebook, and Instagram, it is TikTok’s turn to evolve into a notorious spying app. A new study performed by software researcher Felix Krause shows that TikTok can monitor your activity even if you access other websites through the app.
Krause is the founder of an app testing company Fastlane, which was acquired by Google five years ago. The researcher’s findings were originally shared by Forbes.
How it Works
The study was published on Thursday and it shows that TikTok is able to insert a code into the websites you visit through a link in the app. The code modifies the websites to allow monitoring since these are opened in the in-app browser rather than Chrome or Safari.
This allows the Chinese app to monitor your keystrokes and clicks on the website. TikTok could easily use this to steal personal information like credit card numbers and passwords.
Krause commented on his findings saying:
This was an active choice the company made. This is a non-trivial engineering task and it does not happen by mistake or randomly.
Tiktok has not responded to a request to comment but confirmed to Forbes that this code does exist within TikTok’s in-app browser. However, the spokesperson also said that the app does not use the code to track people on the internet.
Like other platforms, we use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience like checking how quickly a page loads or whether it crashes.
TikTok said that this code is part of a third-party software development kit (SDK) and it includes features that TikTok does not use.