Security questions grow around the DeepSeek iOS app

NowSecure said the DeepSeek iOS app sends some sensitive data without encryption and ships with Apple’s App Transport Security (ATS) protection globally disabled. The findings add to wider scrutiny of the app’s use of ByteDance infrastructure, hardcoded encryption keys, data storage in China, and earlier security reports involving DeepSeek.

The story centers on insecure AI app data handling and potential surveillance or control risks tied to sensitive user information and foreign infrastructure.

The DeepSeek iOS app is facing new scrutiny after a mobile security review said it transmits some sensitive data without encryption and routes information through infrastructure tied to ByteDance, the Chinese company that owns TikTok.

The issue matters because DeepSeek moved quickly from relative obscurity to major visibility. A little over two weeks before the report, the China-based company released an open-source AI chatbot whose simulated reasoning capabilities were described as largely on par with OpenAI’s. Within days, its iPhone app reached the top of the App Store’s Free Apps category, ahead of ChatGPT.

What NowSecure says it found

NowSecure reported that the DeepSeek iOS app sends sensitive data over unencrypted channels. Anyone positioned on the network path, such as another user of the same Wi-Fi network or an intermediate provider, could read that information. The source also says a more capable attacker could alter the data in transit between the app and its destination, since cleartext HTTP provides no integrity protection either.

Apple’s App Transport Security, or ATS, is enabled by default for iOS and iPadOS apps and blocks connections over plain HTTP (and over weak TLS configurations) unless the developer adds exceptions in the app’s Info.plist. According to NowSecure, that protection is globally disabled in the DeepSeek app, meaning the exemption covers every host the app contacts rather than a single legacy endpoint. The source does not say why DeepSeek configured the app that way.
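
A global ATS opt-out is visible in the app bundle itself, so it is one of the first things a mobile review checks. The following audit script is an added example, not code from NowSecure, Apple or DeepSeek: it parses an Info.plist and flags the ATS keys that weaken transport security, distinguishing the app-wide switch from narrowly scoped per-host exceptions. The three plists embedded in it are constructed for illustration; the key names are Apple’s documented ATS keys. To audit a real app, unzip the .ipa and point the script at Payload/<App>.app/Info.plist (plistlib reads both XML and binary plists).

```python
"""Flag App Transport Security (ATS) weaknesses in an iOS app's Info.plist.

Added example, not code from NowSecure, Apple or DeepSeek. The plists below are
constructed for illustration; the key names are Apple's documented ATS keys.
"""
import plistlib
import sys

# Constructed: ATS switched off for every host, the pattern the article describes.
WEAK_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.chat</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key><true/>
  </dict>
</dict></plist>"""

# Constructed: ATS left on; one named legacy host is allowed to use cleartext HTTP.
SCOPED_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.chat</string>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSExceptionDomains</key>
    <dict>
      <key>legacy.example.com</key>
      <dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key><true/>
        <key>NSIncludesSubdomains</key><false/>
      </dict>
    </dict>
  </dict>
</dict></plist>"""

# Constructed: no ATS dictionary at all, so Apple's defaults (HTTPS, TLS 1.2+) apply.
DEFAULT_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.chat</string>
</dict></plist>"""

WEAK_TLS = {"TLSv1.0", "TLSv1.1"}


def ats_findings(plist_bytes: bytes) -> list[tuple[str, str]]:
    """Return (severity, message) pairs; an empty list means ATS defaults are intact."""
    info = plistlib.loads(plist_bytes)
    ats = info.get("NSAppTransportSecurity", {})
    findings = []

    # Global switches: each one disables ATS for every connection of that kind.
    if ats.get("NSAllowsArbitraryLoads"):
        findings.append(("high", "NSAllowsArbitraryLoads: ATS disabled app-wide "
                         "(cleartext HTTP and weak TLS accepted for any host)"))
    if ats.get("NSAllowsArbitraryLoadsInWebContent"):
        findings.append(("medium", "NSAllowsArbitraryLoadsInWebContent: ATS disabled for web views"))
    if ats.get("NSAllowsArbitraryLoadsForMedia"):
        findings.append(("low", "NSAllowsArbitraryLoadsForMedia: ATS disabled for AVFoundation media"))

    # Per-domain exceptions: far narrower than a global switch, but still worth listing.
    for host, exc in ats.get("NSExceptionDomains", {}).items():
        scope = host + (" and subdomains" if exc.get("NSIncludesSubdomains") else "")
        if exc.get("NSExceptionAllowsInsecureHTTPLoads"):
            findings.append(("medium", f"{scope}: cleartext HTTP permitted"))
        if exc.get("NSExceptionMinimumTLSVersion") in WEAK_TLS:
            findings.append(("medium", f"{scope}: TLS below 1.2 permitted"))
        if exc.get("NSExceptionRequiresForwardSecrecy") is False:
            findings.append(("low", f"{scope}: non-forward-secret cipher suites permitted"))
    return findings


def main(path: str) -> int:
    """Print findings for a plist on disk; exit non-zero when ATS is disabled app-wide."""
    with open(path, "rb") as f:
        findings = ats_findings(f.read())
    for severity, message in findings:
        print(f"[{severity}] {message}")
    return 1 if any(sev == "high" for sev, _ in findings) else 0


if __name__ == "__main__":
    if len(sys.argv) > 1:
        sys.exit(main(sys.argv[1]))
    # No path given: demonstrate on the constructed plists.
    for name, blob in (("weak", WEAK_PLIST), ("scoped", SCOPED_PLIST), ("default", DEFAULT_PLIST)):
        print(name, ats_findings(blob))
```

The severity split reflects the point Reed and Moore make later in the piece: a scoped exception for one legacy host is a documented, reviewable trade-off, whereas NSAllowsArbitraryLoads removes the cleartext and minimum-TLS checks for every request the app ever makes.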

The unencrypted transmission described in the source happens during initial app registration. The data sent entirely in the clear includes:

  • organization ID
  • the version of the software development kit (SDK) used to build the app
  • the user’s OS version
  • the language selected in the configuration

Andrew Hoog, NowSecure co-founder, told Ars that the app is “not equipped or willing to provide basic security protections of your data and identity.” He also said the audit was not complete, leaving questions unanswered, but that the known findings were concerning enough for NowSecure to disclose them without delay.

Why ByteDance infrastructure raises the stakes

The report says some data is sent to DeepSeek over infrastructure provided by Volcengine, a cloud platform developed by ByteDance. Some of that information is encrypted in transit with Transport Layer Security (TLS), but the source points out that TLS only protects data between the app and the server that terminates the connection: once decrypted on ByteDance-controlled servers, it could be cross-referenced with user data collected elsewhere.

The article also notes that the IP address the app contacts geolocates to the US and is owned by the US-based telecom Level 3 Communications. At the same time, DeepSeek’s privacy policy says the company “store[s] the data we collect in secure servers located in the People’s Republic of China.”

That privacy policy also says DeepSeek may access, preserve, and share information with law enforcement agencies, public authorities, copyright holders, or other third parties when it has a good faith belief that doing so is necessary to “comply with applicable law, legal process or government requests, as consistent with internationally recognised standards.”

NowSecure recommended that organizations remove the DeepSeek iOS mobile app from managed and BYOD environments. Its listed reasons included privacy issues from insecure data transmission, vulnerability issues from hardcoded keys, data sharing with third parties such as ByteDance, and data analysis and storage in China. Hoog also said the Android app is even less secure than the iOS version and should be removed too.

The encryption concerns go beyond transport

NowSecure’s audit also found that the app uses 3DES, also known as Triple DES, a legacy symmetric cipher with a 64-bit block size. The source says NIST deprecated it after research in 2016 (the Sweet32 attack) showed that long-lived web and VPN sessions protected by 64-bit block ciphers could be decrypted in practice once an attacker collects enough traffic.
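
Why the block size, rather than the key length, is what makes those attacks practical, as a standard birthday-bound derivation added here (it is not part of the NowSecure report). For a cipher with a $b$-bit block, encrypting $n$ blocks under one key yields about $\binom{n}{2} / 2^{b}$ colliding ciphertext blocks, so the probability of at least one collision is

$$\Pr[\text{collision}] \approx 1 - e^{-n^2 / 2^{b+1}} .$$

With $b = 64$ and $n = 2^{32}$ blocks (32 GiB of data) this is $1 - e^{-1/2} \approx 0.39$; at $n = 2^{33}$ (64 GiB) it is $1 - e^{-2} \approx 0.86$. In CBC mode, a collision $C_i = C_j$ reveals a relation between plaintext blocks:

$$P_i \oplus P_j = C_{i-1} \oplus C_{j-1},$$

so each collision leaks the XOR of two plaintext blocks, which is enough to recover secrets such as session cookies when part of the plaintext is attacker-known. A 128-bit block cipher pushes the same bound out to $n \approx 2^{64}$ blocks, which is why the deprecation targets 3DES specifically and not symmetric encryption in general.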

The bigger concern described in the article is not the choice of 3DES itself. It is that the symmetric keys are hardcoded into the app binary, identical for every iOS user, and stored on the device. A key embedded in a shipped binary has to be treated as public: anyone who unpacks the IPA can extract it, and because every installation shares it, a single extraction defeats the encryption for every user. NowSecure said it still did not know the exact purpose of the app’s 3DES encryption functions, but the hardcoded key pattern is presented as a major security failure.

Thomas Reed, staff product manager for Mac endpoint detection and response at Huntress and an expert in iOS security, said he found the findings concerning. He wrote that “ATS being disabled is generally a bad idea,” because it lets an app use insecure protocols such as HTTP. He added that there is “no good reason for this in this day and age.”

HD Moore, founder and CEO of runZero, framed the issue differently. He said he was less focused on ByteDance or other Chinese companies having access to data, but called the unencrypted HTTP endpoints “inexcusable.” In his view, those endpoints expose information to anyone in the network path, not only to the vendor and its partners.

A fast rise followed by wider scrutiny

The DeepSeek iOS app findings arrive alongside other reported safety and privacy concerns. The source points first to the company’s privacy policy, including its statements about data storage and possible information sharing.

Another concern came from researchers at Cisco and the University of Pennsylvania. Their report found that DeepSeek R1, the simulated reasoning model, failed to block any of 50 malicious prompts designed to generate toxic content, a 100 percent success rate for the attacks.

Security firm Wiz also reported finding a publicly accessible, fully controllable database belonging to DeepSeek. According to Wiz, it contained more than 1 million entries of “chat history, backend data, and sensitive information, including log streams, API secrets, and operational details.” The source says an open web interface allowed full database control and privilege escalation, with internal API endpoints and keys retrievable through the interface and common URL parameters.

The political response is also escalating. On Thursday, US lawmakers began pushing to ban DeepSeek from all government devices, citing national security concerns that the Chinese Communist Party may have built a backdoor into the service to access Americans’ sensitive private data. If passed, DeepSeek could be banned within 60 days.

Representatives for DeepSeek and Apple did not respond to an email seeking comment. Until the unanswered technical questions are resolved, the central issue remains simple: an AI app that quickly became popular is being examined not only for what it can do, but for how it handles user and device data.