A security researcher has leveled some serious accusations against Meta (formerly known as Facebook), Instagram, and TikTok, claiming that these platforms’ iPhone applications might be able to monitor anything users input in their in-app browsers.
The New York Post cited the researcher as saying that all of these applications claim not to violate a user’s privacy or track sensitive user data like credit card numbers, passwords and addresses entered through in-app browsers, but they are capable of doing so. The researcher is an ex-Google engineer by the name of Felix Krause.
The researcher produced a report on these applications last week in which they claimed that all of the third-party links on them posed hazards to the user.
In contrast to being sent to the user’s favorite web browser, such as Safari or Firefox, Mr. Krause claims that users who click on links in the two apps are instead directed to webpages in an “in-app browser” reportedly controlled by Facebook or Instagram.
He went on to explain that when users of Instagram click on links to products sent to them via direct messaging on their iPhones, the URLs open in the in-app browser.
If the users choose to purchase the goods, they must input their credit card information, delivery address, and other details, all of which, according to Mr. Krause, can be tracked by Instagram.
According to reports, if they purchased a product after seeing an Instagram commercial, the same thing would also allegedly take place.
The assertions made by the researcher coincide with worries expressed by a number of regulatory bodies regarding the privacy and security of TikTok, which is controlled by China.