TikTok, like many other similar platforms, has a kind of internal browser that allows direct access to those websites that the creators link in their videos or in their profile. It is an option whose main objective is, a priori, to improve the browsing experience and retain Internet users within the app; Otherwise, the web behind that link would open in an external browser. But it seems that the app developed by ByteDance takes advantage of this feature for more than just maximizing the experience. According to an investigationTikTok inserts code into your browser that allows virtually any user movement to be tracked.
Felix Krause, a researcher, assures that TikTok is capable of collecting practically any movement that the user makes on that open web from the app’s internal browser. To do this, they insert modified Javascript code that allows them to even know which sections of the website the user clicks on. “While you interact with the website, TikTok subscribes to all keyboard input (including passwords, credit card info, etc.) and every touch on the screen, like which buttons and links you click,” he says.
Krause cannot guarantee that TikTok uses all of this data collected through its internal browser, and through the insertion of Javascript code, for malicious purposes. It also ensures that other platforms such as Facebook or Instagram, which also use internal browsers to display links, also track user content.
TikTok ensures that the trail is not used for malicious purposes
A TikTok spokesperson has acknowledged Forbes that the platform inserts Javascript code in those websites opened through its internal browser. Ensure, however, that it is only used to improve the user experience. “Like other platforms, we use a browser within the app to provide an optimal user experience, but the Javascript in question is used only for debugging, troubleshooting, and performance monitoring of that experience, such as checking the speed with which a page loads or if it crashes”, mentions the company to the aforementioned medium.
In any case, there is a way to prevent TikTok — as well as other platforms — from tracking users by inserting Javascript code. Is about open the link via an external browser. For example, Safari, Chrome, or the default on the device the user is using. Felix Krause ensures that all those apps that have internal browsers allow the link to be opened in an external app.