Read Time:2 Minute, 15 Second
New research has revealed some data that popular apps may gather and track while using in-app browsers. Felix Krause, a software engineer and security researcher, has evaluated what code is added to a website when opened through an app to collect user behaviour.
TikTok is the only app out of the seven analysed that can track every keyboard input without allowing users to automatically open links in a different browser such as Safari or Chrome.
TikTok’s embedded Java Script code allows the company to monitor not only all keystrokes but also every tap and text input on the screen. This includes potentially sensitive information like passwords and credit card numbers.
“Installing a keylogger is a huge issue… according to TikTok, it’s disabled at the moment,” Mr Krause said.
“The concern is that they have the infrastructure and procedures to monitor these keystrokes, which is already a major issue. The existence of this system poses a massive threat to the safety of every user.”
The researcher, based in Vienna, is the founder of Fastlane. Google acquired this testing platform for Android and iOS apps five years ago. He’s been researching the potential hazards of in-app browsers for years, but the advent of massive technology firms has driven him to examine the source code behind each platform.
On Thursday, after creating the security tool InAppBrowser.com, he released a report on his findings on what apps can track when people use their in-app browsers.
It may detect what TikTok, Instagram, and Meta are capable of tracking, but it cannot inform us what data each app collects, transfers, or utilises.
Chris Marsden, a lecturer at Monash University and an expert in artificial intelligence and technology law, said, “we should all be concerned about cyber security.” Still, everyday users were left confused by it.
“Today, particularly with the release of iOS 11.2 and the devastating security hole it includes, any iPhone user should be more concerned about downloading an Apple iOS update to patch a critical flaw,” Marsden continued.
The current state of affairs with smartphone user data is such that the real question becomes whether or not you should have a phone.
Mr Marsden stated that the global responsibility, by default, falls to Google and Apple to check whether apps are obeying any regulations. “Police can request that giant companies take down apps from the store.”
While there is no doubt that in-app browsers can pose a security risk, it’s important to remember that these apps are also incredibly convenient. It’s up to each individual to decide whether the benefits outweigh the risks. Informed users are always the best line of defence against any potential threats.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
