Travel Safety Apps, Privacy, and App Security: Commentary on Zimperium
Recently, we read with great interest the Zimperium study on the privacy and security vulnerabilities of travel security apps, here. Ironically, travel security apps for both iOS and Android seem to play fast and loose with user security. That’s not a good thing. Fortunately, we believe that FoneTrac is largely immune from these problems for a number of reasons. First, FoneTrac “user driven,” meaning that the app receives no location or user data unless initiated by the user as in a check in / panic alert. In this way, users are in control and aware of the data that is being shared. Transparency is built in to the app. Second, users are fully participant in the app – meaning that they know and agree what sharing is going on. Third, all captured data is held on Microsoft’s Azure cloud platform and subject to that platform’s stringent security measures.
Details on FoneTrac’s Privacy / Security Features
The FoneTrac app and back-end support systems operate in a secure Microsoft Azure cloud environment. For privacy and technical reasons, we do not monitor traveler locations continuously.Therefore, unlike systems that utilize “virtual boundaries” to determine when these have been breached, consistent feedback from users suggests that FoneTrac should be user-driven and that location monitoring should not be continuous.Thus, if a user were to check-in at point “A” and then change location and check-in again at point”B”, IMG will see the exact location at both points on our world map, but we will not know how the individual traveled between the two points (unlike the information displayed on the user’s smartphone). An exception is when a user presses the “Panic Alert” button. This triggers continuous monitoring until the alert is canceled or the app/phone is shutdown.
Persons interested in a demo of the app should reach out.