Design principles
Bus Visor is built for controlled testing on devices you own. Security follows least privilege: the app requests only what it needs, uses Android runtime permissions, and does not require root access.
Transport security
- All optional network calls use HTTPS (TLS).
- No cleartext transmission of location, route, or voice data.
- This website is served over HTTPS with valid TLS certificates.
On-device security
- Saved routes and preferences remain in the Android app sandbox.
- Other apps cannot read Bus Visor's private storage without device compromise.
- GPX export is always user-initiated via the Android share sheet.
- No advertising identifiers or analytics SDKs in v1.0.0.
Mock location boundary
Simulated GPS is injected only while you actively run a simulation and only if Bus Visor is selected as the mock location app in Developer options. When playback stops, mock injection stops.
What Bus Visor does not do
- No root access or system modification.
- No hidden background location tracking.
- No accessibility services.
- No screen recording or capture.
- No keylogging or clipboard monitoring.
- No device admin or enterprise MDM hooks.
Reporting security issues
Email privacy@busvisor.com with "Security" in the subject line. We aim to acknowledge reports within a reasonable timeframe.