TikTok’s In-App Browser Can Monitor Keystrokes

A recent study has shown that the web browser used within China’s TikTok app may trace every keystroke made by its users, raising privacy concerns. Felix Krause, a privacy researcher, and former Google engineer conducted the study, according to The New York Times. The researchers claim that malware and other hacking tools frequently have features that allow them to gather data on what users enter on their phones when visiting external websites, which can reveal passwords and credit card details. According to academics, who were mentioned by The NYT, while major technology companies may use such trackers to test new software, it is uncommon for them to deploy a significant commercial app with the function, whether or not it is activated.

According to Krause’s research, TikTok’s custom in-app browser is problematic in the way it tracks keystrokes because users could enter sensitive information like login credentials on external websites, according to Jane Manchun Wong, an independent software engineer and security researcher who researches apps for new features. The feature was utilized for “debugging, troubleshooting, and performance monitoring,” according to TikTok, which said Krause’s report was “incorrect and deceptive.”

Contrary to what the article states, TikTok does not gather keystroke or text input data using this code. Krause, 28, claimed he couldn’t tell if keystrokes were being actively recorded or if TikTok was receiving the information. Notably, 300 current workers of TikTok and its parent company ByteDance formerly worked for Chinese state media outlets, according to public employee LinkedIn profiles examined by Forbes.

Current ByteDance directors who oversee the divisions in charge of content partnerships, public affairs, corporate social responsibility, and “media collaboration” appear to have created 23 of these accounts. The employment status of fifteen current ByteDance employees is known to be dual, including Xinhua News Agency, China Radio International, and China Central / China Global Television. (These groups were included in the list of those dubbed “foreign government functionaries” by the State Department in 2020.)

Leaders of the US Senate Intelligence Committee have also asked for a probe into possible Chinese access to data on American users of the TikTok short-video platform. Democratic Senator Mark Warner and Republican Senator Marco Rubio urged Federal Trade Commission (FTC) Chairwoman Lina Khan in a letter to look into how TikTok protects user data.TikTok, which is well-known for its brief films that quickly become viral memes, has been striving to allay worries that it poses a threat to national security. (Only the report’s headline and image may have been changed by the Business Standard team; all other material was likely created automatically from a syndicated feed.)