Your phone is your most exposed device when you travel. Border agents in many countries have legal authority to demand device access. Public WiFi at airports, hotels, and cafes is a primary way for others to intercept your traffic. The habits that protect you at home are even more critical on the road.
Before You Travel
- Update your device — install all OS and app updates before departure; old software has known vulnerabilities
- Back up your data — ensure you have a current backup before crossing any border
- Enable Full Disk Encryption — iOS encrypts by default when you have a passcode; Android: Settings → Security → Encryption
- Enable Find My Device — allows remote wipe if your device is lost or seized
- Consider a travel device — a secondary phone with minimal data is ideal for international travel
- Remove sensitive apps — if crossing a sensitive border, consider removing apps that could expose contacts or communications (Signal, encrypted email)
- Enable a strong passcode — turn off biometric unlock before border crossing. In some jurisdictions, you cannot be legally compelled to provide a password — but you can be compelled to provide a fingerprint.
WiFi Safety While Traveling
- Avoid public WiFi entirely for sensitive activities (banking, email, social media)
- Use a VPN if you must use public WiFi — encrypts your traffic on the network. See the VPN section of this guide.
- Turn off WiFi auto-connect — prevents your phone from automatically joining known or spoofed networks
- Use mobile data (your carrier’s network) rather than unknown WiFi when possible
- Disable WiFi and Bluetooth when not actively using them — reduces exposure to passive scanning
Precautionary Tips
- Disable Bluetooth when not in use — it can be used for passive location tracking
- Cover your camera and microphone when not in use if you have specific concerns
- Use HTTPS only — verify the lock icon in your browser for any sensitive browsing
- Log out of accounts on your device before border crossing if you have concerns about access
- Know your rights — understand the laws of both your home country and destination regarding device search at borders
- Do not charge your phone at public USB charging stations — “juice jacking” attacks can install malware or steal data through USB ports. Carry your own charger and use AC outlets.
⚠ WARNING: USB CHARGING STATIONS AT AIRPORTS AND HOTELS CAN TRANSFER DATA AND INSTALL MALWARE. Use your own charger plugged into an AC outlet. Never use a cable you didn’t bring yourself.
- Enable two-factor authentication on all accounts before you travel — recovering access while abroad is significantly harder
- Disable lock screen notifications — sensitive information can appear on screen without unlocking
- Review app permissions before travel — disable location for apps that don’t need it while you’re on the road
- Screenshot important information (hotel addresses, confirmation numbers) before travel — reduces the need to access accounts in insecure locations
At Border Crossings
- You have the right to remain silent about your device’s contents in most jurisdictions — know the specific laws before you travel
- Border agents may request your device; understand your country’s laws before departure
- Power down your device before entering a border inspection area — a powered-off device is harder to access than a locked one
- iCloud/Google Photo sync: Consider turning off automatic sync to prevent border agents from using your device to access your cloud data
- If your device is seized: change all passwords on your accounts as soon as you have secure access to a trusted device
Before your next trip: update your device, back it up, enable a strong alphanumeric passcode, and turn off biometric unlock for the border crossing. Those four steps take fifteen minutes and cover the most serious travel risks.