TECH NEWS – Although Apple’s App Tracking Transparency (ATT) feature can be enabled on Apple devices, Meta has made it possible to “stick to us” regardless.

Despite Apple’s security efforts, Meta has implemented tracking even if we turn on ATT. Felix Krause has discovered that instead of using a third-party browser for third-party apps, Meta uses its custom solution, so that instead of using Apple’s Safari to load web pages within Facebook and Instagram’s app, Mark Zuckerberg’s two products use a browser based on WebKit, so that they can inject the Meta Pixel JavaScript code into each link and web page.

“The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them to monitor all user interactions, like every button & link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses, and credit card numbers,” Krause wrote. Meta has said that it monitors everything inside its built-in browsers, but Krause’s revelation is cause for concern:

“Can Instagram/Facebook read everything I do online? No! Instagram can only read and watch your online activities when you open a link or ad from within their apps. Does Facebook steal my passwords, address and credit card numbers? No! I didn’t prove the exact data Instagram is tracking but wanted to showcase the kind of data they could get without you knowing. As shown in the past, if a company can get access to data free, without asking the user for permission, they will track it.”

In doing so, Meta openly violates Apple’s ATT: tracking can only be allowed if the user agrees. It remains to be seen how the tech company will take action against Meta’s trickery. It could turn into a huge mess.

Source: WCCFTech