Home » News » In-App Browsers From TikTok & Instagram Can Track Your Personal Information

In-App Browsers From TikTok & Instagram Can Track Your Personal Information

fb twitter pinterest linkedin
In-App Browsers From TikTok & Instagram Can Track Your Personal Information-GadgetAny
In-App Browsers

An in-app browser on iOS can track the user when loaded. A new tool shows how TikTok and Meta’s apps like Instagram can potentially use JavaScript to view its users’ sensitive data, like passwords, addresses, credit card information, etc., without his/her consent.

InAppBrowser.com includes this tool. You have to open the app you want to check and share its InAppBrowser.com URL. For instance, you can directly message its link to your friend or post a comment. Tapping the link, you can get a report on the scripts running on the app background from the website.

TikTok & Instagram


Tool’s developer, Felix Krause, offers a few FAQs explaining unfamiliar tech jargon, helping us know exactly what we are seeing. He describes the best ways to protect your privacy by saying, “Whenever you open a link from any app, see if the app offers a way to open the currently shown website in your default browser. During this analysis, every app besides TikTok offered a way to do this.”

The security researcher and former Google employee Krause revealed a detailed report earlier this month on how in-app browsers like Facebook, Instagram, and TikTok, pose privacy risks for iOS users.

TikTok & FB & insta


In-app browsers that appear on a URL tap within the app are based on Safari’s WebKit on iOS. Developers can use them to run their personal JavaScript code, providing them access to track your activity. This would be done without your approval or consent from the third-party websites you visit.

The JavaScript code on the websites added by apps lets them monitor user interactions with the app. The information shows the button or link you tap, keyboard feeds, screenshots taken, etc., depending on the app and data collected.

Meta responded to Krause’s report, justifying their user tracking policies, that apps like Facebook and Instagram already have their users; consent for tracking their data. Also, Meta explains that it collects user data for target advertisements or unspecified “measurement purposes.”

FB & insta


As told by a Meta spokesperson, “We intentionally developed this code to honor people’s choices on our platforms. The code allows us to aggregate user data before using it for targeted advertising or measurement purposes.” Further, “For purchases made through the in-app browser, we seek user consent to save payment information for the purposes of autofill.”

Krause stated, “InAppBrowser.com is designed for everybody to verify for themselves what apps are doing inside their in-app browsers. I have decided to open source the code used for this analysis, you can check it out on GitHub. This allows the community to update and improve this script over time.”

Prelo Con

By Prelo Con

Following my passion by reviewing latest tech. Just love it.

Leave a Reply

Related news