Support for Old GPRS-Era Encryption Standard Creates Security Issues on Modern Smartphones
Published on June 17, 2021
Tinder swipes are now safe again from hackers and third-party apps that were capable of intercepting images and identifying matches for users. Security researchers at Checkmarx revealed earlier this year that the lack of encryption in Tinder could allow hackers to steal personal data from users. The dating app announced on Friday that the company would be employing encryption to protect users from hackers or unauthorized apps.
Senator Ron Wyden requested Tinder to look into Checkmarx’ findings on February 14 and to implement features that would prevent third-party apps or hackers from exploiting Tinder data. The research company had reported that user swipes on the app transmitted the same amount of data depending on which direction users swiped in. It allowed third-party apps to link with the app and identify matches and rejects by exploiting the app’s code. A left swipe on tinder represented a match and required 278 bytes while a swipe to the right indicated a ‘like’ and took up 374 bytes. When matches got triggered, the app would transmit 581 bytes of data allowing third-party apps like TinderDrift to gather data on matches real time.
The dating app has now padded the swipe data, and all images are also encrypted to keep prying eyes away. The new web encryption service makes use of HTTPS to protect information transmitted to and from Tinder’s servers. With most popular social platforms already embracing encryption, it is a surprise that the popular dating app took so long to implement encryption for its mobile apps despite the website being encrypted since February 2018.
What do you think of the new encryption features for Tinder users? Let us know in the comments below. Also, to get instant tech updates, Follow TechNadu’s Facebook page, and Twitter handle.