Beware, travel apps are hungry for your data - here's how to protect your privacy

Woman lying in hammock on tropical beach and working on laptop and speaking on phone
(Image credit: Getty Images)

As you're getting ready to hit the beach or travel to the Paris Olympics, beware: travel applications are among the most data-hungry and privacy-unfriendly apps.

Cybersecurity experts at NordVPN, one of the best VPN providers on the market, have found the likes of Booking, Airbnb, and FlightRadar24 request some of the most unnecessary permissions to access your device functions. Put simply, they want to access your data even when it's unrelated to fulfilling their performance, including some of the most sensitive information like your biometrics details.

All this is bad for your privacy, especially when considering the ever-growing threat of data breaches involving big companies. Booking.com, for instance, was the target of a major phishing campaign last year. While it may be unimaginable to plan your holiday without one of these apps, there are still some actions you can take to protect your privacy when using them.

Travel apps: "Over 28% of permissions are excessive"

"Travel apps are among the most eager to request access to devices' functions that are not needed for their performance. Collected data could be used against the user's interests and lead to privacy issues that are way more serious than targeted ads," said Adrianus Warmenhoven, cybersecurity advisor at NordVPN.

According to researchers, every travel app asks for an average of 23 device permissions, including access to your travel location, photos, or videos. More than six of these permissions are unnecessary, though, as the application doesn't need such details for its functionality.

The travel category was also found to be particularly eager to access your biometrics details. This is a highly sensitive piece of information as it deals with system-critical processes - think of device unblocking, multi-factor authentication, or online payments. On average, travel apps request nine special, dangerous, and biometric permissions.

Besides travel apps, social networking, health and lifestyle, and navigation applications are some of the most unfriendly apps for data access and unnecessary permission requests. You can read the full findings of NordVPN's research here.   

How to stay safe when using travel apps

Let's face it, in today's digitalized world it would be foolish to think that we can avoid using some travel apps when we plan or go on holiday. Yet, we can still do so while protecting our privacy.

Did you know?

A virtual private network (VPN) is also a very handy tool when traveling. Besides protecting your data and devices when connecting to unsecured public Wi-Fi, a travel VPN also allows you to keep streaming all your favorite shows while traveling abroad.

As a rule of thumb, Warmenhoven recommends downloading travel apps (and any other application, for that matter) only from official stores or websites. This is because, he explains, unofficial app stores won't always have systems to check whether an app is safe before it's published and available to download. Criminals are also infamous for using insecure applications to spread malware attacks.

According to Warmenhoven, you should also take some time to familiarise yourself with the app's privacy policy before downloading it. He especially recommends checking what information the provider will record about you and share with third parties.

As we have seen, reviewing your app's data permissions is also crucial. "Users should always consider whether the app needs certain data to do its job before tapping 'Accept,' even if the app is developed by a well-known and trustworthy traveling service provider," said Warmenhoven, suggesting particular attention to permissions like camera, microphone, storage, location, and contact list.

You should avoid automatically signing in with social network accounts, too. If you do so, the app will be able to collect information from the account and vice versa.

Lastly, remember to delete apps you don't use. Why risk your privacy for an application you're not even using?

TOPICS
Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com