cheryl
Administrator
Staff member
Top Travel Apps Fail The Privacy And Security Test - Forbes
The results of a newly published study of some of the world's most popular travel apps, on both Android and iOS platforms, make for grim reading if you like your privacy and security as much as you do an excellent money-saving travel deal. Researchers from mobile security solutions provider Zimperium tested 30 "best deal" travel applications, covering flights, hotels, car rental and the like, to better understand how they manage users' privacy and security risk. The apps, chosen based on Google Play download counts and number of positive iOS reviews, failed miserably. How miserably exactly? The research reveals that 100% of the iOS apps failed to receive a passing privacy or security grade. The Android apps tested did better, with only 45% failing to pass the privacy tests, but 97% still failed on security.
Which travel apps are putting users at risk?
The names of the travel apps themselves have not been released; instead the app providers have been anonymized and were assigned a pseudonym and number by the researchers. I asked J.T. Keating, vice-president of product strategy at Zimperium, why the travel apps tested had not been named, which would enable users to uninstall them. "Under the principle of responsible disclosure," Keating says, "Zimperium would like to provide app providers with the ability to fix the security and privacy risks before disclosing them publicly." Keating says that if the apps were identified along with the specific risks found, then it would "enable hackers to quickly attack or leverage the app to compromise devices or steal data." What Keating did tell me, however, is that the 30 apps were chosen based upon the number of downloads and positive reviews and are of the "find the lowest price, best deals for flights, hotels, etc. variety." Apps from individual airlines, hotels, car rental firms were not tested. The total number of downloads for Android apps alone, as Google Play reveals these statistics whereas the Apple App Store doesn't, was 478 million.
The results of a newly published study of some of the world's most popular travel apps, on both Android and iOS platforms, make for grim reading if you like your privacy and security as much as you do an excellent money-saving travel deal. Researchers from mobile security solutions provider Zimperium tested 30 "best deal" travel applications, covering flights, hotels, car rental and the like, to better understand how they manage users' privacy and security risk. The apps, chosen based on Google Play download counts and number of positive iOS reviews, failed miserably. How miserably exactly? The research reveals that 100% of the iOS apps failed to receive a passing privacy or security grade. The Android apps tested did better, with only 45% failing to pass the privacy tests, but 97% still failed on security.
Which travel apps are putting users at risk?
The names of the travel apps themselves have not been released; instead the app providers have been anonymized and were assigned a pseudonym and number by the researchers. I asked J.T. Keating, vice-president of product strategy at Zimperium, why the travel apps tested had not been named, which would enable users to uninstall them. "Under the principle of responsible disclosure," Keating says, "Zimperium would like to provide app providers with the ability to fix the security and privacy risks before disclosing them publicly." Keating says that if the apps were identified along with the specific risks found, then it would "enable hackers to quickly attack or leverage the app to compromise devices or steal data." What Keating did tell me, however, is that the 30 apps were chosen based upon the number of downloads and positive reviews and are of the "find the lowest price, best deals for flights, hotels, etc. variety." Apps from individual airlines, hotels, car rental firms were not tested. The total number of downloads for Android apps alone, as Google Play reveals these statistics whereas the Apple App Store doesn't, was 478 million.