TikTok’s In‑App Browser: The Sneaky Keylogger
So, you’re scrolling through TikTok’s endless dance clips, and what happens next might just make you feel a bit uneasy. Security whiz Felix Krause (yes, the same guy who exposed Facebook’s and Instagram’s “ever‑watchful” browsers) has cracked TikTok’s shell again. Turns out the app is quietly whispering secrets into the web pages it loads.
What’s the Gag?
- Custom in‑app browser on iOS – TikTok runs its own little web viewer inside the app.
- JavaScript injection – The browser slips a snippet of code into every site you visit.
- Full‑blown keylogger – Every keystroke, every tap goes straight to TikTok’s servers.
“Subscribes to all keyboard inputs,” Krause explained. That means whether you’re typing a username, a password, or a credit card number, the input goes straight to TikTok. And it’s not just typing: buttons, links, you name it, everything gets monitored.
The Company’s Spin
TikTok’s spokesperson shrugged it off: it’s “just for debugging, troubleshooting, and performance monitoring.” They even say the code is part of a third‑party SDK – but, no details, no names.
So, in theory, TikTok is saying “we’re not secretly taking your data.” Whether that’s true, we’ll let you decide after reading the next section.
Save Yourself from the Digital Spy
- Open links in Safari – iOS’s native browser keeps the content pure.
- Be aware of TikTok’s limits – Unlike many apps, TikTok doesn’t automatically give you the option to open links in an external browser.
Bottom line: if you’re wary of strangers listening to your clicks, switch to Safari whenever possible.
Krause’s Tool: Test Your Links
Good news! Krause unearthed a handy little scanner. Here’s how to use it (no coding needed):
- Open the app you want to scrutinize.
- Send the link https://InAppBrowser.com to yourself (or a buddy).
- Tap the link inside the app.
- Let the tool do its thing and read the generated report.
If you come out with red‑flag signals, it’s time to ditch the in‑app browser.
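
The listener registration described earlier (“subscribes to all keyboard inputs”) can be observed from the page side by wrapping addEventListener before other scripts run. The sketch below is an added example, not Krause’s code and not taken from InAppBrowser.com; the names installListenerAudit, WATCHED and simulateInjectedScript are hypothetical, and the “injected script” is a constructed stand-in.

```javascript
// Added example; installListenerAudit and WATCHED are hypothetical names.
const WATCHED = new Set(["keydown", "keypress", "keyup", "input", "click"]);

// Wrap addEventListener so every later registration for a watched
// event type is recorded along with part of the call stack that made it.
function installListenerAudit(proto = EventTarget.prototype) {
  const original = proto.addEventListener;
  const findings = [];

  proto.addEventListener = function (type, listener, options) {
    if (WATCHED.has(type)) {
      findings.push({
        type,
        target: this.constructor ? this.constructor.name : "unknown",
        // Keep a few stack frames to help identify the registering script.
        stack: String(new Error().stack).split("\n").slice(2, 5).join("\n"),
      });
    }
    return original.call(this, type, listener, options);
  };

  return {
    findings,
    // Put the native function back once the audit is finished.
    uninstall() { proto.addEventListener = original; },
    // Count recorded registrations per event type.
    summary() {
      const counts = {};
      for (const f of findings) counts[f.type] = (counts[f.type] || 0) + 1;
      return counts;
    },
  };
}

// Constructed stand-in for a script that a host app injects into the page.
function simulateInjectedScript(target) {
  target.addEventListener("keydown", () => {});
  target.addEventListener("click", () => {});
  target.addEventListener("scroll", () => {}); // not a watched type
}

function runDemo() {
  const audit = installListenerAudit();
  const target = new EventTarget();
  simulateInjectedScript(target);
  audit.uninstall();
  target.addEventListener("keydown", () => {}); // after uninstall: not recorded
  return audit.summary();
}
```

An audit like this only sees listeners registered after it is installed, and it cannot see listeners added by code the host app runs in a separate JavaScript world from the page.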
All In All
It’s worth noting that all social media giants – Facebook, Instagram, and now TikTok – seem to be opting into “in‑app browsers” to keep users glued to their sites. But what these browsers do behind the curtain has everyone asking: who’s watching us type?
Feel safe? Stay sharp. Keep your links in a dedicated browser, or run a quick test with Krause’s tool. And if TikTok can’t reassure you, maybe it’s time for a little Insta‑break.