The Tinder App is Missing This Important Security Measure
As per a security firm, the Tinder app is lacking a basic security measure. In the absence of this measure, one can see your potential match and also find out whether you swipe left or right.
Checkmarx is the name of the security firm that found this flaw. The researchers at the firm say that the issue arises from Tinder’s decision to avoid the use of HTTPS to encrypt the photos on its app (both iOS and Android).
HTTPS is quite an imperative security protocol used by billions of apps and websites. On utilizing it, the apps and websites ensure that the communication between the browser of the user and the web server is encrypted. Further, this encryption protects the information from hackers or those who set their prying eyes on your digital presence.
Now, as the photos are not encrypted, it’s possible for hackers or, in fact, anyone on the same Wi-Fi network to monitor the behaviour of a user on Tinder. Apart from mere monitoring, one can even add images or other content into the feed of the app.
The researchers added that though there is no breach of the password, it is quite risky to use the app using the Wi-Fi of restaurants, cafes or work. On knowing the user behaviour, one can use the same to blackmail someone. The researchers also showed that it’s quite easy for a hacker to see the user activity on the Tinder app. To further strengthen their stand, they created an app called ‘Tinder Drift’ and demonstrated a potential spying scenario.
Tinder says that the desktop and mobile web version of the app do not have the encryption issue and they are working to fix the same for their app.