Hotel Apps Found Collecting User Data Without Proper Disclosure

  • Home
  • More Info
  • Hotel Apps Found Collecting User Data Without Proper Disclosure

Hotel Apps Found Collecting User Data Without Proper Disclosure

More Info 0 Comments

Research conducted by Cybernews reveals that many travel and hotel apps access and collect user data, including location, camera, and messages, often without proper disclosure. The study, carried out by a team in Lithuania, examined 22 popular apps available on the Google Play Store. The research compared the data collection practices claimed on the Play Store with the actual permissions requested by the apps.

Apps Under Review

The apps analyzed include:
– Booking.com
– MakeMyTrip
– HotelTonight
– Tripadvisor
– Vrbo
– Expedia
– Hotels.com
– KAYAK
– Momondo
– Priceline
– Hotwire
– Hostelworld
– Hopper
– Marriott Bonvoy
– Radisson Hotels
– Trip.com
– Trivago
– Hilton Honors
– Agoda
– Jetcost
– Sindibad
– Travelstart

Key Findings

1. Location Data: All 22 apps can access the user’s precise location, including latitude and longitude coordinates. However, many apps, such as Booking.com, Hopper, KAYAK, Hilton Honors, and Radisson Hotels, do not disclose this data collection on the Play Store.

2. Camera Access: Fourteen apps have permission to use the device’s camera for taking photos, recording videos, and conducting video calls. Apps like Marriott Bonvoy, Radisson Hotels, and Agoda do not disclose this access.

3. Microphone and Audio: Apps like Trip.com, Hotwire, and MakeMyTrip can access the device’s microphone and record audio. Trip.com discloses this on the Play Store, but Hotwire and MakeMyTrip do not.

4. SMS and Contact Data: MakeMyTrip can read SMS messages, including sender, receiver, and date information. MakeMyTrip, Hilton Honors, and Hopper can access contact lists, but Hilton Honors and Hopper fail to disclose this.

5. Phone State: Several apps, including Booking.com, Expedia, Hilton Honors, Hotels.com, Hotwire, and Trip.com, can read phone state, extracting user identifiers such as IMEI, IMSI, phone number, device serial number, and SIM card unique identifier.

Expert Advice

Cybernews security researcher Mantas Kasiliauskis advises users to be cautious when granting app permissions. He emphasizes that a well-designed app should only request essential permissions. Apps asking for sensitive permissions related to system files and configuration could indicate malicious intent or poor code design.

Conclusion

The Cybernews study highlights significant privacy concerns with popular travel and hotel apps, urging users to carefully review app permissions to protect their personal data.

Share this post

Author

FALLZ HOTELS™ is a unique and exclusive online environment designed specifically for the private sale of hotels. With a strong focus on integrity and confidentiality, FALLZ HOTELS™ provides a trusted platform for verified hotel sellers and buyers, as well as dedicated subscribers who are actively looking to either sell or buy hotels. Our services are available across North America (with a global reach), connecting sellers and buyers in the region.

Leave a Reply

Your email address will not be published. Required fields are marked *