In-App Browsers Aren’t Secure
When you browse the internet on your computer, the large display gives you flexibility in ways you might not think about. Case in point: When you click a link on your computer, your main internet browser opens it in a new window or tab every time. Smartphones are a different story. It’s not that they aren’t capable machines (in some
When you browse the internet on your computer, the large display gives you flexibility in ways you might not think about. Case in point: When you click a link on your computer, your main internet browser opens it in a new window or tab every time.
Smartphones are a different story. It’s not that they aren’t capable machines (in some cases, your smartphone might be faster than your PC), the smaller screen real estate doesn’t offer the same multitasking potential. While split-screen exists on larger Android devices, most of us use one, full-screen app at a time. That means, when we click on a link in an app, we need to leave the app entirely if we want it to open in our preferred browser app.
Leaving the app isn’t ideal: For one, if your phone doesn’t have a lot of RAM, you run the risk of losing your place in the app if the OS needs to purge it from memory. It’s frustrating to return to the app in question, only to need to scroll endlessly looking for where you left off. If the app you’re leaving has a status, like Slack, you’ll appear idle or away if you’re gone too long, even though you’re looking at a link from the app itself.
In-app browsers appear to solve this issue: When you tap a link, the in-app browser appears in an overlay over the app. You can check out the link as you would in your main browser app, but you never have to leave the app the link came from: When you’re done with the link, you simply close out of the in-app browser, and return to what you were doing in the original app. Seamless, right?
Not so fast. In-app browsers might be convenient, but they aren’t secure. When you typically open a link on your iPhone, for example, it opens in Safari, where Apple has a series of protections in place to prevent tracking as much as possible. However, when the link is opened in an in-app browser, that link is generated by the app developer, not Safari. As such, apps like Facebook and TikTok are able to access a lot of data: They use something called JavaScript injection to monitor everything you do on a site, including all taps, ad-clicks, screenshots, even password inputs. A security researcher even claims TikTok monitors your keystrokes when using in-app browser, something the social media platform vehemently denies.
The safer bet is to use your smartphone’s built-in browser for viewing links, even if that means leaving an app to do so. Dive into the settings for yours app to see if they give you the option to use your default browser, rather than their in-app browser option. If an app doesn’t offer this as a setting, and forces you to use an in-app browser, it might not be worth your security to use it.
Share This