Popular dating app Tinder is going through some security issues and what you share may not just stay with you anymore. Hackers who have managed to breach through the security will allow them to see through your past activities. So your swipes may not be private as you thought. Security researchers of the firm Checkmarx have said the lack of encryption protocol on the popular site is responsible for this bug.
Tinder uses the HTTPS for most of the aspects but profile photos still use the HTTP protocol which is not as secure. Photos are a major part of Tinder application so lack of security around them is little shocking. The connection used by Tinder to request and display photos is not encrypted which an attacker from the same network can trace. An attacker can also get information which includes your Tinder activities- your swipes and profile matches.
In technical terms, such attacks are also called the man-in-the-middle attack. In this case, a hacker becomes the middleman between an individual and the one he is communicating. So a hacker can even meddle with the activities since he is in the middle of the activity. It becomes a danger since a hacker can not only access the photos but even replace them with fake ones, before the other person realizes it. The hacker can also access the user’s interaction with a certain profile. This information includes details like whether the user liked, didn’t like or super liked a profile.
For this attack, the hacker should be on the same network, which is if you are using the application on a public WiFi. The Tinder application is not attacked, but the information exchanged between the users can get manipulated. This is more of a passive attack but that is still a threat to the potential users. The researchers have asked the application company to update their encryption protocols so that the application is more secure to use.