A new analysis of the Instagram suggests that the social monitor user activity in the in-app browser on iOS. The expert Felix Krause reports that Instagram can analyze what you write, interactions and even inputs, such as entering bank details.
Instagram tracks your activities in the in-app browser on iPhone
Expert Felix Krause presented an analysis, which reveals how Instagram and Facebook use a proprietary browser on iOS instead of Safari, as do many other apps. The browser is however based on WebKit (like Safari) but it would contain a JavaScript called “Meta Pixel”used for all links shown.
According to Krause, these lines of code track users without explicit consent. They track “when you click on the ad, enabling them to monitor every interaction, such as every button and link touched, text selection, screenshots, and then any form of input. Such as passwords, addresses and credit card numbers ”.
Krause however explains that the monitoring does not prove that Instagram is actively copying this data. “Facebook really steals passwords, addresses and credit card numbers? No! I haven’t tried the kind of data that Instagram is tracking, but I want to show the kind of data they could get without you knowing. ”
Therefore, it is not a data theft, but it could be a violation of the policy of Apple App Tracking Transparency (ATT). Indeed, it would seem a way to circumvent the restrictions imposed by Apple, which ask for the consent of users before allowing the tracking by the apps. Something that Meta has complained about several times.
However, it should be emphasized that the findings of a single researcher is not enough to prove that Meta wanted to circumvent the policies. In the next few hours, other researchers will undoubtedly verify the situation and in all likelihood Meta (and perhaps even Apple) will release statements on the subject. We will keep you informed.
Leave a Reply
View Comments