Tinder’s parent company Match Group publicly announced today, in a letter to Sen. Ron Wyden (D-OR), that it is now encrypting photos sent between Tinder’s servers and its app. The changes were implemented in February, following the public disclosure of an attack that could have let hackers view people’s profile pictures and swipe actions.
Wyden wrote a letter to Tinder back in February requesting that the company encrypt photos. It had apparently already done so (the letter says they implemented the feature on February 4th), but it waited to write back to Wyden until it also adjusted a separate security feature that makes all swipe data the same size. The size of the swipe data was used by security researchers to differentiate actions from one another. That change wasn’t implemented until June 19th.
What does this mean for you, the user? Nothing really other than you can rest easy knowing that hackers shouldn’t be able to view your encrypted profile photos. I can’t imagine these photos were super sensitive, anyway, but maybe your topless pic is for Tinder users’ eyes only.