Frequent travelers were thrilled when the Transportation Security Administration rolled out its PreCheck Expedited Screening, which allowed them to leave shoes, belts on and other items on as they already have been pre-screened as safe travelers. Earlier this month a vulnerability was revealed with the new expedited screening though.
On Oct. 19, John Butler on his blog Puckinflight started his post saying ” I am seriously concerned with boarding pass security in the United States.” He explained the flaw he found was in the barcode of his PreCheck passenger and flight information ID, which is printed on boarding passes. Using a website, he was able to decode this barcode and reveal that he was eligible for PreCheck for that flight, as well as other detailed info — all of which was unencrypted. To Butler, this means “terrorists or really anyone” could manipulate their own barcode, allowing them to go through PreCheck, and use a PhotoShop-like program to alter their ticket. He also said this flaw allows people to change their names as well.
“So if they have a fake ID they can use this method to make a valid boarding pass that matches their fake ID,” Butler wrote. “The really scary part is this will get past both the TSA document checker, because the scanners the TSA use are just barcode decoders, they don’t check against the real time information.”
As Butler goes on to explain, not every passenger who has opted-in for PreCheck will get to go through the fast track every time. Whether or not they will be randomly selected for the PreCheck line is embedded in this barcode. Given that the barcode can be manipulated, Butler writes that the “randomness” of the program is invalidated because the person could in theory change their ticket to read eligible for PreCheck every time.
Security Analyst with the American Civil Liberties Union, Chris Soghoian, seconded this sentiment with USA Today:
“If people can verify their PreCheck status at home 24 hours before the flight, the randomness is gone. [...] The randomness needs to occur the moment you are in line, when it’s too late to swap bags with your colleague or it’s too late to throw something in the trash.”
So, there are two problems here. First, is the that data on the barcode is not encrypted. This allows people to alter information on the front of the boarding pass. Second, is the more serious issue of the Pre-Check information not only out there but where it is also possible to edit the Pre-Check status and place it back on the boarding pass. However, there is a solution.
Not to be the bearer of bad news without a solution, Butler provided two easy fixes: encrypt the barcode information, and/or require TSA make sure the barcode match that which is on file with the airline.
Butler said he contacted the United Airlines, although he believes the flaw would work with other airlines as well, and TSA about the vulnerability. He also wrote that he did not try to see if a tampered with barcode would make it past security.
“Actually creating a fake boarding pass even for this blog is a legally grey area and morally black one,” Butler wrote.
All passengers, even those passed through PreCheck, still go through a metal detector or body scanner. USA Today reported TSA saying in a statement that it ”does not comment on specifics of the screening process, which contain measures both seen and unseen.”
“We continue to explore and implement additional mitigation measures to prevent the manipulation of boarding passes and are working with the airlines to enhance existing security systems, programs and methods to prevent illegal tampering,” TSA said in its statement, according to USA Today.
- Internal DHS Report: ‘Vulnerabilities’ Identified in TSA Body Scanner Screening Process
- ‘A New Era of Reform’: TSA Tentatively Allows Private Screeners in Orlando
- Guess What: New Tech Could Mean TSA Isn’t Done With You Until You Get on the Plane
(H/T: Daily Mail)