The tool can be found on InAppBrowser.com. All you have to do is open the app you want to check out and share the InAppBrowser.com URL somewhere in it, such as sending the link to a friend or posting it in a comment . From there, you can tap the link and get a report from the website about the scripts running in the background.
Don’t be intimidated if you’re unfamiliar with the technical jargon, as the tool’s developer, Felix Krause, provides FAQs that explain exactly what you’re seeing. In response to questions about how best to protect yourself, Krause says, “Whenever you open a link from any app, see if the app offers a way to open the website currently displayed in your browser by During this analysis, every app besides TikTok offered a way to do this.
TikTok responded to the site in a statement, provided earlier to Motherboard and now on Twitter, saying, “The report’s findings on TikTok are incorrect and misleading. Contrary to its claims, we do not collect typing or text input through this code, which is only used for debugging, troubleshooting, and performance monitoring.
Krause is a security researcher and former Google employee who earlier this month shared a detailed report on how browsers in apps like Facebook, Instagram and TikTok can pose a privacy risk to Google users. iOS.
In response to Krause’s earlier report, Meta justified the use of these custom tracking scripts by claiming that users already consent to apps like Facebook and Instagram tracking their data. Meta also claims that the data collected is only used for targeted advertising or unspecified “measurement purposes”.
“We intentionally developed this code to honor the [Ask to track] choice on our platforms,” a spokesperson for Meta said. “The code allows us to aggregate user data before using it for targeted advertising or measurement purposes.”
They added: “For purchases made through the in-app browser, we ask for user consent to save payment information for autofill purposes.”
Krause has also made the tool open source, saying, “InAppBrowser.com is designed so that anyone can see for themselves what apps are doing in their built-in browsers. I decided to open the code used for this analysis, you can check it on GitHub. This allows the community to update and improve this script over time. You can find out more on its website.
Updated August 19, 3:34 p.m. ET: Added TikTok’s answer.