In-App Browsers From TikTok & Instagram Can Track Your Personal Information

August 19, 2022 By Prelo Con

(Image Credit Google)

An in-app browser on iOS can track the user when loaded. A new tool shows how TikTok and Meta’s apps like Instagram can potentially use JavaScript to view its users’ sensitive data, like passwords, addresses, credit card information, etc., without his/her consent. InAppBrowser.com includes this tool. You have to open the app you want to check and share its InAppBrowser.com URL. For instance, you can directly message its link to your friend or post a comment. Tapping the link, you can get a report on the scripts running on the app background from the website. TikTok & Instagram

Tool’s developer, Felix Krause, offers a few FAQs explaining unfamiliar tech jargon, helping us know exactly what we are seeing. He describes the best ways to protect your privacy by saying, “Whenever you open a link from any app, see if the app offers a way to open the currently shown website in your default browser. During this analysis, every app besides TikTok offered a way to do this.” The security researcher and former Google employee Krause revealed a detailed report earlier this month on how in-app browsers like Facebook, Instagram, and TikTok, pose privacy risks for iOS users. TikTok & FB & insta

In-app browsers that appear on a URL tap within the app are based on Safari’s WebKit on iOS. Developers can use them to run their personal JavaScript code, providing them access to track your activity. This would be done without your approval or consent from the third-party websites you visit. The JavaScript code on the websites added by apps lets them monitor user interactions with the app. The information shows the button or link you tap, keyboard feeds, screenshots taken, etc., depending on the app and data collected. Meta responded to Krause’s report, justifying their user tracking policies, that apps like Facebook and Instagram already have their users; consent for tracking their data. Also, Meta explains that it collects user data for target advertisements or unspecified “measurement purposes.” FB & insta

As told by a Meta spokesperson, “We intentionally developed this code to honor people’s choices on our platforms. The code allows us to aggregate user data before using it for targeted advertising or measurement purposes.” Further, “For purchases made through the in-app browser, we seek user consent to save payment information for the purposes of autofill.” Krause stated, “InAppBrowser.com is designed for everybody to verify for themselves what apps are doing inside their in-app browsers. I have decided to open source the code used for this analysis, you can check it out on GitHub. This allows the community to update and improve this script over time.”

By Prelo Con

Following my passion by reviewing latest tech. Just love it.

In-App Browsers From TikTok & Instagram Can Track Your Personal Information

Walmart's GenAI Search Engine: Challenging Google's Dominance in Retail Search

Introducing the MSI Claw Handheld: Your Ultimate Gaming Companion

Uber Increases In-App Ads, Prompting Mixed Reactions from Customers

Apple's iOS 18: A Leap into the AI Era

Google's Regular Pixel 8 Won't Get Gemini Nano AI

MacBook Air M3 Makes Amends for M2's Storage Blunder

Samsung Unveils the Galaxy M15 5G

Elon Musk's xAI to Open-Source Chatbot Grok

Contra: Operation Galuga - A Modern Run-and-Gun Classic

Musk Confirms X's TV App Arrives This Week

Walmart's GenAI Search Engine: Challenging Google's Dominance in Retail Search

Uber Increases In-App Ads, Prompting Mixed Reactions from Customers

Apple's iOS 18: A Leap into the AI Era

Google's Regular Pixel 8 Won't Get Gemini Nano AI

Elon Musk's xAI to Open-Source Chatbot Grok

Instagram Surpasses TikTok in App Downloads