Boarding Passes Pose Serious Security Risks for Frequent Fliers

  • 1
    Share

When was the last time you took a flight to someplace and back and then carelessly threw your boarding pass into the bin without even thinking twice? Well if you regularly follow this habit, then you will be concerned to know that every boarding pass contains a barcode that holds a lot of personal information about you and your trip. So if a hacker gets his hands on that boarding pass somehow, he can easily use that information to gain your personal details and subsequently misuse them.

What is a barcoded boarding pass?

A Bar-Coded Boarding Pass (BCBP) is the standard for printing and scanning customer boarding passes, and it is commonly used by more than 200 airline operators around the world. The 2-D barcode can be printed on paper or can be sent to a smartphone, which is then scanned by the airport authorities to validate customers before they board a flight. Since 2010, all boarding passes have been required to be barcoded by law.

So what information does a barcoded boarding pass contain?

According to security researchers around the world, the barcode on a boarding pass definitely contains all the information that is handwritten on the pass itself. In addition to that, it also contains the customer’s frequent flier number and the record key for the flight that the customer took.

How can this information be hacked or misused?

While taken in isolation, this information cannot pose much danger to an individual. But if an experience hacker or malicious person gets his hands on this data, he can easily use it to hack into the account of the flier and then subsequently gain access into other personal accounts as well. A well-versed hacker just needs one entry point and can then cause maximum damage in a chain reaction. Through the details on the barcode, the attackers ultimately can get access to the fliers:

  • Name
  • Phone number
  • Email address
  • Frequent flier number
  • Information about all future flights from that account
  • Linked access to email accounts
  • Linked access to card details or financial accounts
  • Ability to perform social engineering with the information available

So while the information that can be gained from a boarding pass and barcode is not that dangerous at first glance, it can be misused by an experienced hacker and malicious party to cause further damage and get access to other accounts. So the best way to dispose the boarding pass after flying is to either shred it, burn it or at least tear the barcode section into small pieces so that they cannot be pasted together. You can read more about this here and here.

Some other common tips for travelers and frequent fliers are as below:

  • When your smartphone is on a roaming network, data usage can increase drastically. So keep your roaming data off and only use apps and services on Wi-Fi.
  • If you are connecting to a free Wi-Fi network, don’t make any financial transactions or login to personal accounts. Use the network only for browsing.
  • Additionally, you can also use the VPN feature of your phone to encrypt the data on it while connected to such networks.
  • Make sure your phone has a screen lock enabled, in case someone else gets their hands on it.
  • Enable anti-theft features in case you lose your phone while traveling. You can use Google features, your phone’s in-built features or the features of security software for this purpose.
  • Use cloud storage services to save your pictures and memories in case you lose your phone without notice.
  • Keep email alerts and SMS notifications switched on for your credit/debit cards.
  • Lastly, inform your bank that you are traveling so that they can also keep an eye on your account information and notify you in case of any discrepancies.
Rahul Thadani

Rahul Thadani


32 Comments

Your email address will not be published.

CAPTCHA Image

  1. Avatar kallol mazumdarJanuary 22, 2016 at 8:04 PM

    nice thank you

    Reply
  2. THANKS, I WAS REALLY DON’T AWARE BOARDING PASS HAS THAT MUCH INFORMATION AND CAN BE ACCESSIBLE BY HACKERS.

    Reply
  3. Avatar APURVA DESAIJanuary 22, 2016 at 8:39 PM

    This was very useful information provided all the frequent flyers needs to know it

    Reply
  4. Avatar MADHURM HEDAMBAJanuary 23, 2016 at 12:31 PM

    I HAVE QH INTERNET SECURITY 2013 5 USER 3 YEARS…..
    REGULARLY UPDATE & REGULARLY SCAN..NO VIRUS PROBLEM…ALWAYS SYSTEM SECURE…..
    IT IS OK….BUT RECENTLY MY MANY IMAGES DAMAGE….. WHY I DON’T KNOW…
    01 SOME HAVE HALF DAMAGE IMAGES….
    02 SOME HAVE (0) ZERO DATA….
    03 SOME HAVE NO FILE FORMAT RECOGNIZE….
    04 SOME HAVE ONLY THUMBNAIL… NO ANY IMAGE SEE….
    I AM UPSET DUE TO. PLZ FIND OUT SOLUTION OF THIS PROBLEM….
    I AM PHOTOGRAPHER….MY DATA LOST
    NOW I AM WAITING FOR YOUR GOOD RESPONSE & REAPLLY…
    WHICH I WILL BE SENDING THIS IMAGES FOR STUDY….

    Reply
    • Hi,

      The damage on the images has a lot to do with where the images are coming from, how are they being transferred and how they have been clicked. We cannot comment on the reason for this without knowing several details about the same. Kindly contact our technical support team, and they will gladly assist you with this issue. You can reach them here – https://www.quickheal.co.in/submitticket.

      Regards.

      Reply
  5. Avatar NAVIN KACHHAPJanuary 23, 2016 at 12:36 PM

    PERFECT

    Reply
  6. nice antivirus

    Reply
  7. Really very informational Quick Heal go ahead and let us know about these things happening around the world

    Reply
  8. Avatar Shweta BaviskarJanuary 25, 2016 at 12:08 PM

    Very useful information.
    Thank you.

    Reply
  9. Avatar Shweta BaviskarJanuary 25, 2016 at 12:10 PM

    Very useful information.
    Thank you

    Reply
  10. Nice article. Thanks

    Reply
  11. Avatar PRANATOSH MAITIJanuary 26, 2016 at 8:52 AM

    Very usefull.send more latest version..

    Reply
  12. Nice super ……..your giving much and more information about
    Security for a everyone that is fantastic I love this app

    Reply
  13. perfect

    Reply
  14. Thanks for very useful piece of information, now I will be alert.
    Thanks once again
    Sharf

    Reply
  15. Avatar sanjeev yadavJanuary 26, 2016 at 5:43 PM

    nice

    Reply
  16. Hi
    Really very informational Quick Heal go ahead and let us know about these things happening around the world

    Reply
  17. Avatar Sandeep GhodakeJanuary 26, 2016 at 6:36 PM

    Vital information provided.Thanks.

    Reply
  18. QUICKHEAL package for 3 yrs has been purchased on 02 Jan 2016 for Rs 1598. But my computer was not update till date. pl check and info to me. my mob no is 7798783296.

    Reply
  19. QH is not updating

    Reply
  20. Avatar Vivek JivaniJanuary 27, 2016 at 3:42 PM

    thank u
    for this information

    Reply
  21. Avatar subhash chandraJanuary 27, 2016 at 8:12 PM

    i ha.ve use last 2009 .it is very good scanner for everying

    Reply
  22. Avatar Sairaj SakpalJanuary 28, 2016 at 6:26 PM

    Its really good , but i am not able to update quickheal internet security , whenever i try yo update its go till applying update than it took too long time and then it shows the update definition file is corrupt and aborting the update process. plz help me for it

    Reply
  23. Nice

    Reply
  24. Avatar Sunil NanavareJanuary 30, 2016 at 11:02 AM

    Nice

    Reply
  25. Avatar H. K. DHOLAKIAFebruary 1, 2016 at 7:18 PM

    Very useful information indeed.

    Reply
  26. Avatar Chirag PatilFebruary 5, 2016 at 1:44 PM

    Quick heal is the best antivirus for my own experiance … Thank you…

    Reply
  27. Very nice beautiful apps
    I’m using Samsung galaxy s5 SM-G900H mobile phone my best mobile phone Samsung galaxy s5

    Reply