TikTok Deep Dive: The Numbers Speak for Themselves

Our VP of Program and Product Management, Chris Gogoel takes a deep dive into the app TikTok and shares his analysis of the security and permission features of the app those like it.

We’ve gotten a lot of questions about TikTok over the last few years and decided it was time to put geopolitical questions aside and take a deep dive into the app by using our Q-MAST analysis tool. We’ll be answering questions like: What is the app doing that I cannot see? What are the security risks? How does it compare to its peers?

We leveraged our Q-Scout platform that analyzes mobile apps and began a series of tests and analysis. In this post we are sharing a summary of our findings and stay tuned more in this series where we dive into the data, our methodology, and the larger question, what else is out there?

metrics of TikTok

Permissions Analysis

  • TikTok asks for 2x more data from you than your average social media app
  • Apps made by TikTok’s creator Bytedance perform consistently above average in hoovering up your information
  • TikTok is only #3 in the most invasive apps we surveyed (I wonder who the others are …)

Security Analysis

  • TikTok has more security risks than your average social media app
  • Other apps developed by TikTok’s creator Bytedance should have more attention
  • TikTok is #6 on our list of least secure apps
  • The two apps at the top are a bit worrying though and are sitting right next to TikTok at the top of the charts

Bytedance is Everywhere

TikTok has over 1 Billion downloads in the Google Play Store alone, but the code from TikTok’s creator Bytedance is spread much wider. When surveying our database of apps in the market we found their code in just about every category of app in the market. About 40% of those apps had over 100 Million downloads each. How much of an impact does taking away 1 Billion users have when the Bytedance footprint is actually much larger?

Want to continue the discussion right now? Meet up with us in person at RSA to talk about these results, how we performed the analysis, and more topics around Mobile Security.

Make sure to sign up for our newsletter where we will share with you our upcoming webinars and the next blog in our series as we dive into the data and methodology of this analysis.

Mobile security that makes you smile.

Sign up for our newsletter, The Quokka Intel Briefing

Copyright © 2024, Quokka. All rights reserved.