Zimperium Analyzes TikTok’s Security and Privacy Risks

Share this blog

Zimperium Analyzes TikTok’s Security and Privacy Risks

Several news outlets over the last few days are talking about how TikTok, the viral short video app where millions of teens post comedy skits set to music, is under fire from U.S. lawmakers.  

CNN reports US lawmakers on both sides of the aisle warn that the app could pose a national security risk, and are calling on regulators and intelligence agencies to investigate TikTok’s ties to China.

Senators Chuck Schumer and Tom Cotton want the US intelligence community to assess the national security risks of TikTok and other Chinese-owned platforms, saying in a statement Thursday that such apps could be used to spy on US citizens or become targets of foreign influence campaigns like the Russian meddling campaign to influence the 2016 US presidential election

NBC chief White House correspondent Hallie Jackson reported for TODAY that the issue at-hand surrounds the data the Chinese-based app collects and what they may do with it.

We took a look at TikTok, which was downloaded 177 million times last quarter (just behind WhatsApp which was downloaded the most), to see what the privacy and security concerns were for both Android and iOS versions. 

We calculated the scores using Zimperium’s z3A Advanced Application Analysis engine. Zimperium z3A is the leading application reputation scanning service that continually evaluates risks posed by mobile apps. 

z3A provides deep intelligence about app behavior, including content (the app code itself), intent (the app’s behavior), and context (the domains, certificates, shared code, network communications, and other data). z3A also provides privacy and security ratings, enabling enterprises to create security policies limit or remove risky apps from managed devices. 

Of note, our customers are made aware of the security and privacy risks associated with all apps – including TikTok – that their employees download onto their mobile devices, in our enterprise grade management console, zConsole. Our customers are able to create policies for their employees on usage, based on the app’s security and privacy scores. 

Specific to TikTok, the Android version has high privacy and security risks and iOS has high privacy and medium security risks. iOS rates 98/100 for privacy and 64/100 for security. Android is 79/100 for privacy and 82/100 for security. 

Over the last few months, we’ve analyzed top banking apps and top travel apps, related to security and privacy issues. Much like TikTok, some of the results are alarming. 

Avatar photo
Author: Andy Shane