Vulnerable travel mobile apps: The holiday season is fast approaching, and with it comes the busiest travel season in years. But travelers should be aware that many popular apps designed to help them manage their travel plans are failing basic privacy and security standards.
The number of travel app installations increased by more than 35% in the first half of 2021, indicating that this could be the busiest travel season since 2019.
Most of the applications we use to manage and enjoy travel fail certain fundamental privacy and security criteria, according to a study by mobile application security firm NowSecure of 118 popular travel apps and 48 prominent airline apps.
Critical flaws in some of the world’s most popular travel apps expose passwords in plaintext or personal data like passport numbers.
The company also found flaws in some of the world’s most popular travel apps, including Expedia’s Trips app which exposes itineraries containing sensitive information.
NowSecure has released its findings in a report called “Hacking Exposed: Vulnerable Mobile Apps Can Spoil Holiday Plans”. The analysis includes mobile apps available on the Apple App Store and Google Play store as of Nov.
It further includes popular mobile apps for hotels, car rentals, ground transportation, and other bookings. Mobile airlines applications are included separately.
The report includes a list of the most popular mobile travel apps that have been found to be vulnerable, along with a corresponding risk score for each app. Vulnerable travel mobile apps, It further includes an assessment of whether or not these vulnerabilities impact highly sensitive information such as credit card data and passport numbers.
According to the report, travel apps are especially vulnerable because their developers often lack security expertise and resources.
NowSecure warns that vulnerabilities in popular mobile travel apps can put travelers at risk of fraud or identity theft when using their credit cards while abroad or booking flights.
They suggested that to keep themselves safe, travelers should not share passwords in public and avoid using insecure networks when traveling abroad.