TikTok lagging behind rivals like Facebook in security

A new study shows TikTok trailing behind rival platforms in terms of security while Facebook and YouTube lead the way.

Researchers ranked the five biggest social media platforms, namely, Facebook, Twitter (now X), Instagram, TikTok, and YouTube across six key security parameters.

TikTok, the Chinese-owned short-video network, trailed others in most aspects, scoring an underwhelming 2.5 on an overall scale from 0 to 5, where 0 means no security controls and 5 means full security controls.

In comparison, Meta’s Facebook scored 3.74, and Google-owned YouTube came in second at 3.15. Twitter, now owned by Elon Musk, scored 2.95, while Instagram, another platform from Meta’s portfolio, was just behind with 2.78.

The study was published by Cerby, a cybersecurity firm that says political leaders and businesses should only use platforms that scored at least 2.6 – leaving TikTok as the only outlier – or face increased security risks, especially during elections.

"Our report underscores a marginal security improvement across platforms, yet the lack of enterprise-grade authentication and authorization remains alarming. These are not just technical gaps but potential conduits for account takeovers and misinformation campaigns,” said Cerby Chief Trust Officer Matt Chiodi.

“As voters head to the polls today, the urgency for a collaborative effort among political leaders, enterprises, and social media platforms to fortify the security infrastructure has never been clearer,” Chiodi said.

The study assessed the social networks based on factors including 2FA methods, enterprise-grade authentication and authorization, and role-based access control. Privacy, enterprise-ready security, and account usage profiling were the three other categories.

Twitter was found to have significantly improved its 2FA by supporting the phishing-resistant FIDO2 standard, bringing it on par with Facebook and YouTube in the category, where all three scored a perfect 5.

The enterprise-grade authentication and authorizations saw no improvement from last year, highlighting a “glaring” security gap, the report said.

According to researchers, the average score across all platforms slightly improved from 2.54 in 2022 to 3.02 this year, marking an 18.9% enhancement. An average increase of 25% in privacy controls is particularly notable and was primarily driven by improvements that Facebook made in the area.