Airbnb
Airbnb is a legitimate, well-established travel platform with a large permission set appropriate to its core functionality. The app shows minor permission overreach (phone state, direct calling) and includes typical ad and analytics trackers, but these are standard for a major consumer app. Overall privacy posture is acceptable for a mainstream booking service.
How we got to 28.
5 trackers including AdMob, AppsFlyer for behavioral profiling
Name, phone, location, payment shared with hosts and partners
READ_PHONE_STATE and CALL_PHONE not core to booking
Justified by location, payments, camera for ID, NFC
Major publicly-traded company with privacy audits and GDPR compliance
GDPR-compliant with data export and deletion tools
HTTPS for all communication; no E2E for messaging but standard for booking
Updated frequently with rapid security patch deployment
Hidden inside the code.
What it asks for.
Not core to booking - likely used for fraud detection
Direct calling to hosts or support - minor overreach
Keep reading.
I scanned 47 apps on my phone. Here's what I found.
A full weekend audit of every app on a normal Android phone. 47 apps, 211 trackers, and a permission count that would ma...
What is a tracker in an app, and why should you care
Trackers are code libraries hidden inside apps that collect your data for third parties. Here is how they work, what the...
Similar risk profiles.
Scan Airbnb yourself.
Get the full report on your device - with real-time DEX analysis, permission auditing, and breach monitoring. Free, no account needed.