The privacy of short videos app users TikTok may be threatened. According to a security specialist, the TikTok watches users through an internal feature of the app, which allows you to view activities even on third-party websites outside the platform.
Read more: Application usage time among Brazilians exceeds 5 hours; TikTok leads
see more
How to get your CNH for free in 2023?
After hacker attacks, Microsoft releases free tools for…
The social network TikTok, one of the darlings of the moment, has an internal feature that allows you to monitor all activity of iPhone users with the app installed. Passwords and credit card details are also monitored by the platform.
According to experts, the application's internal browser is responsible for allowing the company to watch user activity, including what is typed, even when they are redirected to others websites.
For this reason, TikTok is able to gain access to sensitive user data, such as credit card numbers and passwords. This information, discovered by cybersecurity researcher Felix Krause, compromises the tech giant, Apple.
According to the researcher, Apple should be responsible for ensuring the safety of users of their devices. This is because, according to Felix, TikTok monitors any key pressed by the user, even when he clicks on a link and is redirected to another site.
Krause explains that Apple should make it mandatory to use the Safari browser to visit external websites. However, the company only recommends it. Thus, there is a loophole for TikTok to use the browser itself outside the app.
Felix, however, comments that the fact that TikTok has this system in its source code does not mean that the company uses and/or collects the stored sensitive data.
In response to the publication made by Felix Krause, TikTok denies collecting data from users of the social network. Michael Beckerman, the platform's policy executive, told CNN that TikTok does not record what users type.
A TikTok spokesperson also rejects the conclusions made by Krause, although he apparently confirmed the existence of the source code. The statement maintains that the app does not collect text input from users, nor what keys are pressed on smartphones.
