This week, Tinder responded to a letter from Senator Ron Wyden of Oregon calling for the company to close security holes in its app that could lead to extortion and other privacy breaches.
Wyden, Match Group's General Counsel Jared Sine describes recent changes to the app. As of June 19, the swipe data has been padded so that all actions are the same size. Sine added that the images in the mobile app are fully encrypted as of February 6, while images on the web version of Tinder were already encrypted.
The Tinder issues were first reported in a report from a research team at Checkmarx describing the app's "intrusive vulnerabilities" and blackmail predicament: 1
"While not theft of rights and no direct financial impact is involved in this process. An attacker who targets a vulnerable user can blackmail the victim, revealing highly private information from the user's Tinder profile and actions in the app. "
In February, Wyden asked Tinder to speak The security hole is that all the data that travels between the servers and the app is encrypted and data is padded to hide it from hackers." In a statement Tinder has told TechCrunch that he has heard Senator Wyden's concerns and has recently implemented profile photo encryption to deepen his privacy practices.
"Like any technology company, we are constantly working to defend ourselves against malicious hackers and cybercriminals "Our goal is to have protocols and systems that not only meet industry best practices, but exceed them."