How Secure is Your Favorite App? TikTok Facing Security Review

It's one thing to sing and dance on the Internet. It's another to give up personal information.

How Secure is Your Favorite App? TikTok Facing Security Review

Grace Sailer, Writer

The uber-popular social media app TikTok is currently under national security review after information was published on January 8th, 2020 about some major holes in the app’s security features. Tik Tok is one of the world’s most downloaded apps with over 1 billion users, most of them being teens, children, and young adults. The app for short 3 to 60-second, meme, dance, and music videos was found to have multiple vulnerabilities that would “have allowed hackers to manipulate user data and reveal personal information” according to an article from the New York Times

These security holes were uncovered by Israeli company Check Point, a cybersecurity company that assists in scanning apps for errors that may leave their users at risk for hacking and viruses. Their research concluded that hackers of the app would be able to, “Get a hold of TikTok accounts and manipulate their content, delete videos, upload unauthorized videos, make private ‘hidden’ videos public, reveal personal information saved on the account such as private email addresses.” 

Legally, Check Point was obligated to notify TikTok (and their parent company ByteDance) of the issues before publicizing their findings. TikTok claims to have “learned about the conclusions of Check Point’s research on Nov. 20 and said it had fixed all of the vulnerabilities by Dec. 15.” According to a statement from Luke Deshotels, a member of TikTok’s security team, “Before public disclosure, CheckPoint agreed that all reported issues were patched in the latest version of our app, We hope that this successful resolution will encourage future collaboration with security researchers.”

The concerns raised by Check Point’s research isn’t the only reason the American population may have concerns with the app’s security. Today’s version of TikTok was born when Beijing-based company ByteDance acquired the American company, which had over 60 million users at the time of the acquisition. ByteDance then merged with their own similar app, TikTok, and now the app has over 750 million downloads from the past 12 months alone. 

The American government, which has been battling over cyber dominance with China for the past decade, raised concerns over whether or not the Chinese-owned company has been sending and storing user data on servers regulated by the Chinese government, which poses a national security risk. 

Contrary to these beliefs, however, a spokesman for ByteDance said that the company has hired “a consulting firm in Colorado called Special Counsel to analyze TikTok’s app to understand where it sent user data.” According to Douglas Brush, head of the analysis by Special Counsel, “Data about TikTok users, including their videos, names, dates of birth and other information, was stored exclusively on computer servers in Virginia and Singapore … in the analysis from July to October, which included interviews with TikTok employees and a review of the app’s underlying computer code, his team found no way TikTok could send data to China during those months.”. 

Several branches of the U.S. military have banned officials from downloading the app on government-owned devices, including the Navy and the Army. According to the New York Times, “China blocks many foreign companies from openly existing online in the country, but Chinese companies that have developed cutting-edge technologies are growing more popular around the world. Many lawmakers and Trump administration officials see the trend as a threat to American national security and the economy, and they have set up numerous barriers to stop Chinese firms from acquiring American data and technology.” These barriers include putting major tech companies like Huawei on a “blacklist” which prevents their purchasing of American products, in order to protect national security and in light of certain human rights concerns. 

More of the government’s concerns were drawn from rumors that the Chinese government was ordering the company to censor posts about the Hong Kong protests, however, an ex-moderator for the app denied these claims, saying that they were told to moderate all political posts as an attempt to keep the app more fun, and to uphold their title as “the last sunny corner on the internet”. According to the anonymous moderator, “the policy was to allow such political posts to remain on users’ profile pages but to prevent them from being shared more widely in TikTok’s main video feed. … while moderators were told to censor racy videos, such as those featuring scantily clad women, in Muslim countries, he never received specific instructions to censor content related to China.”

Overall, TikTok is aggressively working to modify its policies in order to make the app safer for current and future users, especially its younger audiences. According to the November 1st, 2019 New York Times article , “TikTok announced last month that it was working with the law firm K&L Gates on its moderation policies, and it joined a nonprofit organization focused on children’s online safety. In February, ByteDance agreed to pay a $5.7 million fine to the Federal Trade Commission to settle accusations that illegally collected information on users under 13.”

To ensure that you don’t fall victim to any of the dangers of the World Wide Web:

  1. Make sure to regularly change your passwords, most experts recommend every three months or so.
  2. Don’t share personal information with anyone.
  3. Be sure to look out for a report any suspicious accounts or activity while browsing.