Boarding Pass Hacking 101: How To Do It and How To be Safe

Uncovering Boarding Pass Hacking Techniques: What You Need to Be Aware Of

Boarding Pass HackingAre you aware that your boarding pass contains sensitive information that can be hacked? Boarding pass hacking is a growing concern for travelers.

The barcode on your boarding pass contains personal information that can be used to compromise your identity.

In this article, we’ll explain how boarding pass hacking works, the risks involved, and how you can protect yourself.

However, it might not always be clear what the possible threats might be in a given situation or how much damage a hacker with malicious intent can do with very limited information.

BCBP (bar-coded boarding pass) is the name of the standard used by more than 200 airlines. BCBP defines the 2-Dimensional (2D) bar code printed on a boarding pass or sent to a mobile phone for electronic boarding passes.

BCBP was part of the IATA Simplifying the Business program, which issued an industry mandate for all boarding passes to be barcoded.

What is Boarding Pass Hacking?

Boarding pass hacking is the process of extracting personal information from a boarding pass’s barcode. When you check in for your flight, you are issued a boarding pass that contains a barcode that identifies you and your flight details.

This barcode can be easily scanned to access your personal information, including your full name, frequent flyer number, and flight details.

Hackers can easily access this information using readily available software and use it to steal your identity or hack into your online accounts. They can also use it to gain access to restricted areas in the airport or even board a flight under your name.

At least once a week I come across someone’s Facebook or Instagram story, sharing their excitement about their trip to a foreign country.

The photo usually includes the passport, boarding pass, and an airplane in the background. Let me explain why it is not the best idea to post such content…
Let’s take “Image 1” as our example for investigation.

Although the name, destination, gate, and other information may not be visible on the photo, we can see the barcode present on the boarding pass.

Boarding Pass Hacking

The barcode on the boarding pass contains a wealth of information that can be scanned using a smartphone or barcode reader. This information can be used to access your details, such as your travel itinerary, seat information, and more!

If we do some expert-level cropping, we get a clearer image of the barcode for further analysis.

Boarding Pass Hacking

Great! Now that we have a well-readable barcode let’s see what information we can get out of it.

With a quick google search, we can find the right tool for the job.

In our case, I will use the Free Online Barcode Reader by Inlite.

1 2vKYQS1J9OooCTQoQZZERw

There are multiple different Barcode Types but by no means do you have to be a barcode expert to figure out which one you need to use. Just by visual analysis, we can see our barcode looks like PDF417.

Time to get some information!

Boarding Pass Hacking

Nice! We were able to successfully read the barcode and extract the information.

M1ROE/BRIAN           EIA4258 LHRLASBA BA275215F012A000 11 00

Time to dive a little deeper to see what information the barcodes actually contain. For this, I will break down the previously extracted information into smaller pieces.

  • M1 — Format code ‘M’ and 1 leg on the boarding pass
  • ROE/BRIAN — Passenger’s name
  • EIA4258 — Booking Reference
  • LHRLASBA — Flying from LHR (Heathrow) to LAS (Las Vegas) on BA (British Airways)
  • BA275 — Flight Number
  • 215 — The Julian Date (August 3rd)
  • F — Frist class in our case (Y for Economy, J for Business)
  • 12A — Seat Number
  • 11 — Sequence number (11th to check in)
  • 00 — Field Size of the airplane’s specific data message. 00 means there is not any.
Are you scared yet?

In this case, the boarding pass barcode only contains the minimum data fields as required by the IATA BCBP standard. The information can be more detailed for other boarding passes, for example even containing information about the frequent flyer number. Your frequent flyer number and loyalty program information is included on the boarding pass. This information can be used by hackers to access your rewards program account and steal your miles.

The booking information and reference number combined with your first and last name are often sufficient for making changes to your itinerary. So if you want to avoid some prankster hacker canceling your flight ticket minutes before you board the plane, do not post the photo of your boarding pass on the internet. However, if you absolutely have to, make sure you obfuscate the sensitive information (including the barcode).

How to Protect Yourself

Protecting yourself from boarding pass hacking is relatively simple. Here are some tips to keep in mind:

  1. Do not post your boarding pass online. This includes social media, blogs, or any other public platform.
  2. Do not leave your boarding pass lying around. Always keep it with you, and make sure to dispose of it securely.
  3. Use a virtual boarding pass on your phone. Many airlines offer the option to use an electronic boarding pass that you can save on your phone.
  4. Shred your boarding pass after your flight. Make sure to destroy your boarding pass before throwing it away.
  5. Monitor your online accounts regularly. Keep an eye on your bank statements, credit reports, and online accounts for any suspicious activity.

Conclusion

Your boarding pass may seem like a harmless piece of paper, but it contains sensitive information that can be used against you by hackers. By following the tips outlined in this article, you can protect yourself from boarding pass hacking and ensure that your personal information stays safe. Remember, always be cautious with your personal information and think twice before sharing it with others.

Happy Hacking!

administrator

Leave a Reply

Your email address will not be published. Required fields are marked *

fb logo
recover dogecoin from a scam
recover ethereum from a scammer
hire a hacker to hack iphone
hire a hacker to hack snapchat
hire a hacker to hack a windows computer
error: Content is protected !!