Popular dating app Tinder seems to be having some serious security issues. Checkmarx, a security firm, has pointed that Tinder's decision to not use HTTPS, which they ideally should, is exposing the preferences of users and the functioning of the app. The app uses encrypt communications between the user's browser and sever, and thus, the information remains confidential. But unfortunately, the photos which a user uploads are not encrypted and an invasion is very much possible. If the hacker happens to be in the same Wi-Fi zone, they can also post images or content as well. This issue is present on the Android as well as iOS app and seems to be indeed dangerous.
According to a report by CNNTech, a Tinder spokesperson has said that that the company is aware of the missing encryption and that the images on the app are publicly available to anyone using Tinder. They also claimed that the desktop version already encrypts images and it is now the app which they are working towards.
A manager from Checkmarx reportedly said that the discovery had been reported to Tinder in November 2017 and that the flaw should be fixed to prevent potential spying. He added that the issue had been reported to Tinder in November 2017 and that they need to work towards it before it causes any major damage.
