When the journey begins in an app: the mobile phone has become a travel map, ticket and wallet, but also a new point of risk
Travel once began with a map, passport, printed voucher and several papers stored in the pocket of a travel bag. Today it increasingly begins by unlocking a screen. The same device contains the airline ticket, QR code for boarding, hotel booking confirmation, digital ticket for a museum, eSIM data package, transport app, navigation to the accommodation, access to email and a bank card. The convenience is enormous: less waiting, less paper, faster changes of plans and easier itinerary management. But precisely because of this, the phone is no longer just an auxiliary tool on the road, but a central travel infrastructure that needs to be protected just as seriously as a passport, wallet or insurance policy.
The digitalization of travel is not happening only in user habits, but also in the systems of airports, carriers, hotels and state authorities. In its global passenger survey for 2025, IATA highlighted the growing dependence on mobile phones and the broader acceptance of digital identity and biometrics in the passenger experience. The European Commission is developing the concept of a digital travel app and digital travel credentials, while ICAO has for years been developing standards for a digital travel credential as a secure digital companion to the physical document. This does not mean that paper disappears overnight or that the physical passport ceases to be important. It does mean, however, that an ever larger part of travel takes place through apps and online services, so a battery failure, lost password or unavailable roaming can cause very real consequences.
The mobile phone as new travel documentation
In practice, the most vulnerable moment often does not occur at the border, but a few steps before it: at the entrance to a train, in front of a hotel reception desk, at car rental or at airport security screening. If the QR code is in an app, and the app requests a new login, the traveller depends on a password, access to email, SMS confirmation or an internet connection. If the ticket is available only in the email inbox, and the email is protected by two-factor authentication that sends a code to a number with no signal, a digital convenience suddenly becomes an administrative obstacle. A similar problem arises when the booking confirmation is located in an app that does not work offline, and the accommodation address has not been saved locally.
It is especially important to understand that digital travel documentation is not just one file or one app. It is a chain of dependencies. To display a ticket, an active account may be needed; for an active account, a password; for the password, a password manager; for the password manager, biometrics or a master key; for identity confirmation, a mobile network; and for all of it together, enough battery. If only one link fails, the traveller may lose access to a service they have properly paid for. That is why digital preparation is not reduced to installing apps before departure, but to checking whether key data can be reached when there is no internet, when the screen is nearly out of battery or when the device is lost.
Offline copies are no longer a precaution for the overly worried, but basic travel hygiene
The simplest protection measure remains a local copy of key data. Boarding passes, hotel confirmations, QR codes for events, train tickets, accommodation addresses, flight numbers, insurance policies and carrier contact details should be saved so that they are available even without the internet. This can mean adding a pass to a digital wallet, saving a PDF to files on the phone, taking a screenshot, printing the most important documents or combining several methods. A screenshot is not always an ideal solution because some dynamic codes change content or require display within the official app, but it is still useful for booking numbers, addresses, departure times and contact details.
Good preparation also includes separating copies. If all documents are only in one app, the risk remains concentrated. If the most important data are in a digital wallet, a local folder with PDFs and one printed copy, a problem with the app is less dramatic. For trips with several people, it is useful for at least one other person to have copies of shared reservations, especially if the accommodation or vehicle rental is booked under one name. For business trips or trips with an extensive itinerary, it is particularly reasonable to have a short document with the travel sequence, addresses, confirmation numbers and emergency contacts, saved outside the main email inbox.
The battery has become a security issue, not just a comfort issue
When almost everything a traveller needs is in the phone, the battery becomes part of the travel documentation. An empty mobile phone can mean the inability to show a boarding pass, call the accommodation, order transport or find an address. For that reason, charging the device before departure, carrying the appropriate cable and a tested portable battery should not be treated as small details. It is equally important to know the rules for transporting batteries. The U.S. Federal Aviation Administration states that portable chargers and spare lithium batteries must not be in checked baggage, but must be with the passenger in the cabin and available to the crew if a problem occurs. TSA also states that power banks with lithium-ion batteries are carried in hand luggage, not in checked baggage.
These rules are not mere bureaucracy, but the consequence of the risk of overheating, short circuit and fire in damaged or faulty lithium batteries. The FAA advises that devices and batteries be protected from damage, accidental activation and short circuit, and that damaged, faulty or recalled batteries not be carried at all. A traveller who relies on a power bank must therefore think in two ways: they need enough energy for the journey, but the charging device must be safe, accessible and in line with carrier rules. Before a flight, it is reasonable to check the battery capacity expressed in watt-hours, the condition of the cable and the specific conditions of the airline, because individual carriers may have stricter rules than general guidelines.
Roaming, eSIM and the problem of internet access when it is needed most
Within the European Union, Iceland, Liechtenstein and Norway, the “roam like at home” rule enables the use of calls, SMS and data traffic under conditions comparable to those at home, with fair use rules and an obligation for operators to inform users about possible differences in service quality. This has made travel within that area significantly simpler, but it has not removed all risks. In border areas, the device may connect to a network outside the expected area; in airports and underground spaces the signal may be weak; and outside the European roaming regime, costs and conditions depend on the operator, country and tariff. That is why before travelling, one should not check only the price of accommodation and luggage, but also the data plan, the possibility of roaming and the method of monitoring consumption.
eSIM has further changed the travel routine because the user no longer necessarily has to buy a physical SIM card at the destination. Apple, for example, states in its instructions for international travel that eSIM can be more secure than a physical SIM card because it cannot be removed from the device if the phone is lost or stolen, and supported models can store multiple eSIM profiles. But eSIM also requires preparation: it is necessary to check whether the device supports that technology, whether the phone is locked to an operator, whether the profile can be activated before departure and whether a Wi-Fi connection is needed for activation. The worst moment for first reading eSIM instructions is arrival at the destination, especially if internet is already needed to access a reservation, transport or a city map.
Passwords and access to email can decide whether a reservation will be available
A large part of travel services is tied to email. That is where booking confirmations, schedule changes, instructions for self check-in to an apartment, invoices, links for online check-in and one-time codes arrive. If access to email is possible only on one device, and that device is lost or locked, the traveller may find themselves in an awkward situation even when all documents are formally in order. National cybersecurity centres, including the British NCSC, emphasize in their guidelines the importance of properly securing devices and accounts, and travel is a circumstance in which that recommendation becomes very concrete.
A password manager, strong master password, updated recovery data and two-factor authentication can greatly increase security, but only if they are set up so that the user can access the account in an emergency situation as well. Before travelling, one should check whether recovery codes are saved, whether the alternative email address is still active and whether the account can be verified without relying exclusively on a single SIM number. It is especially dangerous to save passwords in an ordinary unprotected note or to carry photos of documents without any device protection. Travel usually means more public networks, more app logins and more situations in which the device is used in a hurry, so basic security discipline is more important than in the everyday routine.
Public Wi-Fi networks, apps and the boundary between convenience and exposure
Free Wi-Fi in hotels, cafés, airports and transport is often seen as salvation when mobile internet does not work or is expensive. Still, public networks should be used cautiously. They can be slow, unstable, falsely presented or insufficiently protected. Not every public network is dangerous, but it is not reasonable to perform sensitive actions on it without thinking, such as managing banking, changing passwords or sending copies of documents. If a public network is necessary, it is better to use the official network of the institution, avoid unknown networks with generic names and watch whether the page requests entry of data that are not needed for connection.
Travel apps should also be viewed critically. Official apps of airlines, hotels, carriers and public institutions are useful because they often send notifications about changes, delays and boarding gates. But before travelling they should be updated, login should be checked and key data should be saved outside them. Downloading apps at the last minute, through unknown links or on a public network increases the risk of error. The safest approach is simple: install only what is needed, use official app stores, avoid sharing more data than the service requires and do not assume that the app will work when it is needed most.
Digital identities and biometrics speed up travel, but require trust
The broader trend in air traffic is moving toward digital travel credentials and checks that can be done earlier, before arrival at the border or airport checkpoint. ICAO describes a digital travel credential as a secure and globally interoperable digital addition or replacement for a physical machine-readable travel document, intended to support easier travel. The European Commission states that the future EU digital travel app should enable the creation of a digital travel document by scanning the physical document, with authenticity verification and comparison of the user’s face with the photograph in the document. According to the Commission, the use of such an app should be voluntary, and physical documents could still be used for border checks.
These systems promise faster procedures, less manual data entry and less waiting, but their success depends on trust. Travellers must know who processes the data, how long they are stored, whether consent can be withdrawn and what happens when the technology fails. In documents on the digital travel app, the European Commission highlights encryption, consent rules and the application of the European data protection framework. This is important because travel is not only about practical notifications and QR codes, but also about very sensitive data: identity, biometrics, movement, documents and contacts. Digitalization therefore cannot be convincing only because it is faster; it must be reliable and understandable.
Plan B should be simple, tested and available without panic
The best plan for digital travel is not complicated. Before departure, one should check that apps are open, passwords are available, recovery codes are saved, eSIM or roaming is activated, and key documents are available without the internet. There should be room in the bag for a charger, an appropriate cable, a power bank in accordance with transport rules and at least a minimal printed copy of the most important data. Documents containing personal data should not be left unprotected, but complete reliance on one locked screen is equally problematic. The balance lies in protecting the most sensitive data while making it possible to find the most necessary information even when the network, app or battery fails.
For many travellers, the most useful thing is a short pre-departure checklist: boarding pass saved outside the app, accommodation address available offline, map of the area downloaded in advance, access to email checked, roaming conditions clear, charger and cable in hand luggage, power bank available in the cabin, and emergency contact saved both in the phone and outside it. Such a list does not remove all risks, but it reduces the likelihood that the trip will turn into a series of improvisations. Digital convenience is best when it remains invisible; as soon as it becomes the only path to a ticket, bed, transport or money, a backup option needs to be added to it.
The travel of the future will not be paperless, but will come with more responsibility
Digital systems will continue to take over an ever larger part of travel because they are faster, more flexible and cheaper to process. Airlines, airports, hotels and public institutions have a strong interest in reducing manual checks and accelerating the flow of people. For travellers, this can mean less waiting and better control over the travel plan, but also greater personal responsibility for the device that carries almost everything. The mobile phone is already a ticket, key, wallet, translator, navigator and archive of confirmations. Precisely for that reason, it should be viewed on the road as part of the documentation: charged, protected, prepared to work offline and supported by a simple backup solution.
Sources:- IATA – results of the global passenger survey for 2025 on the growing role of mobile phones, digital identity and biometrics in air traffic (link)- European Commission – “Roam like at home” roaming rules in the European Union, Iceland, Liechtenstein and Norway (link)- European Commission – questions and answers on the EU digital travel app and digital travel credentials (link)- ICAO – guidelines on digital travel credentials and the concept of a digital companion to the physical travel document (link)- FAA – rules and safety recommendations for lithium batteries, portable chargers and electronic devices in air traffic (link)- TSA – guidelines on power banks and the ban on carrying portable chargers with lithium-ion batteries in checked baggage (link)- Apple Support – instructions on using eSIM on international trips and the security advantages of eSIM profiles (link)- National Cyber Security Centre – guidelines for device security, configuration and protection of mobile and other computing devices (link)
Find accommodation nearby
Creation time: 3 hours ago