TikTok, a well-known platform for short videos, refuted allegations that its in-app browser was used to “scrape” passwords, credentials, and other sensitive information from its users.Developer Felix Krause claimed that a code in TikTok’s iOS app enabled the corporation to track “all keystrokes, including passwords, and all touches.
“The engineer learned about privacy and security issues from his prior work with Twitter and Google.The developer said on Twitter and in a blog post that clicking a link within the TikTok iPhone app launches an in-app browser.
Due to some JavaScript code incorporated into the app, including those on third party websites in TikTok itself, he said that the application “injects tracking code” that is capable of monitoring all text inputs, including “passwords, and all taps.”