The Beijing Winter Olympics app that all Games attendees must use contains security weaknesses that leave users exposed to data breaches, analysts say.
The My2022 app will be used by athletes, audience members and media for daily Covid monitoring.
The app will also offer voice chats, file transfers and Olympic news.
But cybersecurity group Citizen Lab says the app fails to provide encryption on many of its files. China has dismissed the concerns.
Questions about the app come amid a rise in warnings about visitors’ tech security ahead of the Games, which begin on 4 February.
People attending the Beijing Olympics should bring burner phones and create email accounts for their time in China, cyber security firm Internet 2.0 said on Tuesday.
Several countries have also reportedly told athletes to leave their main devices at home.
All visitors to the Games are required to download the app 14 days prior to their departure for China, and use it to record daily their Covid status.
For foreign visitors they also need to upload sensitive information already submitted to the Chinese government like passport details and travel and medical histories.
In a report on Tuesday, Chinese state media outlet Global Times dismissed concerns about the app, saying “all personal information will be encrypted to ensure privacy”.
It compared the app to one that had been used at the Tokyo Games.