A security researcher suggests TikTok’s in-app browser behaves like a ‘keylogger’ for its ability to track keystrokes and more.
Tapping on a link in the TikTok app doesn’t open that page on your phone’s browser. Instead, TikTok uses an in-app browser that is capable of monitoring users activity on any website accessed using the in-app browser. This level of tracking would make it possible for TikTok to capture credit card information, passwords, SSNs, or any other sensitive information a person may enter.
When you open any link in the TikTok iOS app, it’s opened inside the in-app browser. While browsing, TikTok tracks all keyboard inputs and every tap on the screen – like which buttons and links are clicked. After news of the report circulated this weekend, a TikTok spokesperson reached out to Forbes to offer a comment. This report confirms that the keylogger feature exists but refutes that TikTok is using or collecting the data.
Meanwhile, the U.S. House of Representatives’ Chief Administrative Officer has issued a cyber advisory on TikTok, labeling it ‘high-risk’ with personal information accessed from within China. “We do not recommend the download or use of this application due to these security and privacy concerns,” the statement reads.