The iPhone users testing out the beta version iOS 14 OS found that TikTok is recording what they are typing on their phones clip board, which could range from non-sensitive information to passwords or even sensitive emails.
The Chinese-origin TikTok is not the only app that could be exploiting this vulnerability, but it is the most high-profile of all apps caught spying on users in this way. The article adds that TikTok had said it would stop the “invasive practice” in April, but is still continuing to do so.
The iOS OS is designed such that any app is able to record all text and images that were copy-pasted via the clipboard function. There would be no warning or notice to the user that a particular app is recording information the user was copying via the clipboard function.
Since the clipboard function is also used by Apple users to copy-paste information a third party app like TikTok if active on an iPhone, it can “read anything and everything you copy on another device: Passwords, work documents, sensitive emails, financial information”.
The Tik Tok spying function came to light as the Apples new Beta version of IOS 14 sets an alert to the user whenever an app copies what the user has pasted on the clipboard.