Facebook And Instagram Track Users Even In App Browsers
Facebook and Instagram use built-in app browsers to track users, according to Engadget. Applications use their own built-in browsers to open links from social networks.
Cybersecurity researcher Felix Krause found that built-in app browsers inject JavaScript code into every site they visit, allowing Meta to track user activity on them. These are pressed buttons and links, addresses and card numbers, passwords.
When attempting to follow external links from the Facebook and Instagram applications, the respective web pages are opened in the application’s built-in browser, which is controlled by Meta, and not in the one chosen by the user. A code is added to each page opened through the built-in browser without the user’s knowledge to help track all his actions: clicking buttons and links, highlighting text, creating screenshots, as well as data that is entered into forms, including passwords, addresses and bank card numbers.
Mr. Krause identified the problem when he developed a tool that tracks any changes to the site’s code made by the browser.
The company itself did not deny such a modification of web pages, but noted that users can refuse to track their actions, and the information collected is used to work with targeted advertising: collecting data before it is displayed or analyzing behavioral factors after transitions to evaluate conversion.