How your Boarding Passes Can Pose Serious Security Risks to your Privacy

Share and earn Cybytes
Facebook Twitter LinkedIn Email

After a flight, we often find ourselves with a now useless boarding pass in our pocket, and naturally throw it out the first chance we get. Unfortunately, we have some bad news for those of you that follow this habit. Those boarding passes you quickly toss out in the airport trash can contains a barcode that holds a lot of personal information about you and your trip. Someone who is well versed in hacking would be able to use that information to gain your personal details and potentially misuse them.

What is a barcoded boarding pass?

A Bar-Coded Boarding Pass (BCBP) is the standard for printing and scanning customer boarding passes, and it is commonly used by more than 200 airline operators around the world. The 2-D barcode can be printed on paper or can be sent to a smartphone, which is then scanned by the airport authorities to validate customers before they board a flight. As of 2010, all boarding passes have been required to be barcoded by law, ironically for additional security.

What information does a barcoded boarding pass contain?

The barcode on a boarding pass not only contains the information that is written on the pass itself; it also contains the customer’s frequent flier number and the record key for the flight that the customer took.

How is acquiring this information potentially harmful?

When this information is analyzed as small bits and pieces, it does not pose much of a risk. However, should an experienced hacker get their hands on such data, he can subsequently use it to hack into the account of the flier and gain access into other personal accounts as well. Any hacker that knows what they are doing simply needs one entry point to maximum damage in a chain reaction. With the information taken from the barcode, a hacker can ultimately get access to the individuals:

  • Name
  • Phone number
  • Email address
  • Frequent flier number
  • Information about all future flights from that account
  • Linked access to email accounts
  • Linked access to card details or financial accounts
  • Ability to perform social engineering with the information available

While the information that can be gained from a boarding pass and barcode is seemingly not dangerous at first glance, it can be misused by an experienced hacker looking to get access to other accounts. The safest way to dispose of a boarding pass (after flying) is to either shred it or at the very least tear the barcode section into small pieces so that they cannot be pieced back together.

The post How your Boarding Passes Can Pose Serious Security Risks to your Privacy appeared first on Cybersponse.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About CyberSponse, Inc.
CyberSponse Incorporated, a global leader in cyber security automation & orchestration, helps accelerate an organization’s processes, security operations teams and incident responders. The CyberSponse platform enables organizations to seamlessly integrate, automate and playbook their security tool stack, enabling better, faster and more effective security operations. With a global presence, offering an enterprise platform, Cybersponse enables organizations to secure their security operations teams and environments.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?