TikTok browser can track users' keystrokes: Report
Aug 21, 2022
Washington [US], August 21 : Amid concerns over data privacy, latest research has revealed that the web browser used within China's TikTok app can track every keystroke made by its users.
The research was done by Felix Krause, a privacy researcher and former Google engineer, The New York Times reported.
According to the researchers, collecting information on what people type on their phones while visiting outside websites, which can reveal credit card numbers and passwords, is often a feature of malware and other hacking tools.
While major technology companies might use such trackers as they test new software, it is not common for them to release a major commercial app with the feature, whether or not it is enabled, researchers said as quoted by The NYT.
"Based on Krause's findings, the way TikTok's custom in-app browser monitors keystrokes is problematic, as the user might enter their sensitive data such as login credentials on external websites," said Jane Manchun Wong, an independent software engineer and security researcher who studies apps for new features.
However, TikTok in the statement said that said that Krause's report was "incorrect and misleading" and that the feature was used for "debugging, troubleshooting and performance monitoring."
"Contrary to the report's claims, we do not collect keystroke or text inputs through this code," TikTok said.
Krause, 28, said he was unable to ascertain whether keystrokes were actively being tracked, and whether that data was being sent to TikTok.
Notably, according to public employee LinkedIn profiles reviewed by Forbes, three hundred current employees at TikTok and its parent company ByteDance previously worked for Chinese state media publications.
Twenty-three of these profiles appear to have been created by current ByteDance directors, who manage departments overseeing content partnerships, public affairs, corporate social responsibility and "media cooperation."
Fifteen indicate that current ByteDance employees are also concurrently employed by Chinese state media entities, including Xinhua News Agency, China Radio International and China Central / China Global Television. (These organizations were among those designated by the State Department as "foreign government functionaries" in 2020.)
Meanwhile, leaders of the US Senate Intelligence Committee have called for an investigation into whether Chinese officials were getting access to data about American users of the short-video platform TikTok.
In a letter to Federal Trade Commission (FTC) chairwoman Lina Khan, Democrat Senator Mark Warner and Republican Senator Marco Rubio had urged her to scrutinize how well TikTok safeguards private data.
TikTok, which is highly popular for its short and viral meme-making videos, has been working to rebut concerns that it is a national security risk.