A Cybernews investigation revealed that 14 popular airline apps might have sensitive access to travellers’ devices
Researchers have tested the 14 apps for sensitive Android permissions to check whether the airline apps can access user location, camera, storage, phone state, microphone, contacts, accounts on the device, messages and calls. Airline apps that were tested were
- Air Asia
- Turkish Airlines
- American Airlines
- United Airlines
- Fly Delta
- Ryanair
- Spirit Airlines
- Southwest Airlines
- Frontier Airlines
- Alaska Airlines
- Singapore Airlines
- Philippine Airlines
- Vietnam Airlines
- Aegean Airlines
The report highlighted:
- All tested airline apps had access to an exact user location, but three airline apps didn’t mention they collect passenger locations via airline apps.
- 12 out of 14 tested apps had camera permission. However, only three airlines disclosed the collection of camera-related data.
- Eleven tested apps could read and write into device storage, and one app had permission only to read the files on the device’s storage.
- Only three airlines disclosed that they collect data related to files, claiming it is needed for app functionality, analytics, and security reasons.
- Nine airline apps had reading phone state permission.
- Researchers found that four airline apps have access to the microphone permission, but none of the airlines disclose it on Playstore.
- Airlines do not need access to user contacts, but three apps have this access
- Four airlines had yet another redundant permission to access SMS and Calls on users’ devices without disclosing it. Apps with such permission can send text messages and call on behalf of the user.
Stay Safe, review app permissions diligently and regularly
Sensitive permission misuse can lead to potentially harmful consequences for users. One of the most significant risks is privacy invasion, as apps with risky permissions can access sensitive information without proper consent. Improperly handled permissions can also compromise data security, leaving user data vulnerable to unauthorized access, identity theft, or data breaches.
Apps that misuse permissions or consume excessive resources can negatively impact device performance, leading to slowdowns, crashes, or battery drain.
It’s advised to always review permission requests before allowing access. Pay attention to permissions that seem unnecessary for the app’s intended functionality. On the Android OS, you can manage and revoke app permission on your device’s settings by navigating to “Application Manager” or “Apps.”