Travel apps like Booking.com, MakeMyTrip and HotelTonight are actively collecting your personal data without your knowledge, an exclusive Cybernews investigation has revealed. According to the investigation, all 22 popular travel apps that were tested collect data about users’ location, and half of them, including Booking.com, do not even inform users about it. Some apps can read your text messages, access your camera and microphone, and make calls on your behalf.
Stories of Prominent HackersaResearch has found that apps such as MakeMyTrip and HotelTonight have built-in permissions that allow developers to access sensitive information on users’ devices, including location, contacts, camera, microphone and SMS messages. Many of these permissions were not listed in the Data Security section of the Google Play Store.
All applications that were tested had access to the user’s exact location, including latitude and longitude coordinates. This information can be used to track your movements and identify where you live and work. Also, some apps had access to the camera, allowing them to take photos and videos without your consent, compromising your privacy and security.
The problem is that most travel apps do not require such permissions for their core functionality. For example, access to SMS messages allows MakeMyTrip to auto-populate OTPs during transactions, but it can also be used to collect private information.
Research has shown that some apps, such as HotelTonight and Trip.com, have the ability to modify a device’s system settings, which can lead to serious security risks. For example, the Trip.com app can change the language, screen orientation, keyboard layout, and other device settings.
Cybernews advises to always review permission requests before granting access to applications. You can manage and revoke app permissions in your Android device’s settings by going to Manage apps or Apps.