Published on : Feb 15, 2018
Ron Wyden, Oregon Senator, seems to be nervous about Tinder. This Valentine’s Day, he may not be swiping on the social search mobile app. However, with a new letter sent to parent company Match Group, LLC CEO Gregory Blatt, it might interest him again. In the letter, the Senator has asked the online dating app to immediately secure itself to provide protection for its customers’ private data by resolving some security issues.
A security report deeming disturbing vulnerabilities in the app had surfaced in January. Citing the research, the letter demands a security loophole to be fixed. With an attack over unsecured Wi-Fi, the Tinder experience of a user could be almost entirely viewed by would-be attackers.
Attackers could Take Control over Profile Images and Use them for Malicious Content
Wyden writes that Tinder could easily improve the privacy of its users through encryption of all data transmitted between the app and its servers. He also adds that the app could thwart snooping by padding sensitive information.
Checkmarx, a security firm, has prepared a report that describes two major vulnerabilities of Tinder. It explains that an attacker could monitor every move of a user on the app because of the vulnerabilities found in iOS and Android versions, provided both of them are using the same network. The attacker could also control profile pictures seen by the user and swap them for malicious and inappropriate content such as rogue advertising.
According to the report, while stolen credentials could be unlikely, the vulnerability could be a recipe for blackmail. The Senator ends the letter asking Tinder to right swipe on user privacy and security.