US air security threatened by unencrypted boarding pass barcodes

boardingpass US air security threatened by unencrypted boarding pass barcodes

Passenger aircraft in the US face a significant security threat, with revelations that boarding pass barcodes are not encrypted, potentially allowing for dangerous items to brought on board.

Passenger aircraft in the US face a significant security threat, with revelations that boarding pass barcodes are not encrypted, potentially allowing for dangerous items to brought on board.

 
The current system used in the US allows for randomly selected individuals to skip the pre-boarding security process. The randomness of this has until now acted as a good deterrent from attempting to bring unauthorised baggage, but a number of people have figured out a way to determine if you have been selected or not based on the barcodes provided.
 
Aviation blogger John Butler found that he was able to use a website to decode the barcode on his boarding pass, not only revealing the passenger name record, seat assignment, flight number, and other personal details, but whether or not they will be admitted to the plane without a vigorous security check. 
 
boardingpass US air security threatened by unencrypted boarding pass barcodes
 
In fact, the barcodes are so badly secured that a user can simply count the bolded bars at the end, with one signifying no check and three signifying a check. Many people are also finding they can use their smartphones to scan their codes and determine their security clearance.
 
This means a passenger can know in advance if they will bypass security, allowing them to potentially hide things in their shoes, coats or belts, or leave items in their bags that would normally have to be put through separately, such as laptops and toiletries. In effect, it is an open invitation to terrorists.
 
Of course, to be eligible for skipping the security stage the customer needs to be part of the PreCheck programme, which can only be joined in two ways: with a payment of $100 that is used to perform a background check, or be a randomly selected frequent flier, who gets the service for free. Regardless of how long it might take to get into the system in the first place, there is no excuse for this lax security.
 
Source: BBC
Image Credit: MTCV