Booking a flight has become a simple process thanks to the Internet, and once you have flights secured you can relax, right? Well, for the most part that's true. Your seats are yours, as long as a hacker doesn't decide to stop you flying, which turns out to be very easy to do.
Karstein Nohl and Nemanja Nikodejevic from German security company Security Research Labs have revealed how poorly the travel booking systems we all rely on are protected. In fact, the three largest Global Distributed Systems (GDS) handling flight reservations for travel worldwide are open to abuse in several ways.
Amadeus, Sabre, and Travelport are the three systems that handle over 90 percent of flight reservations. According to the researchers, these systems date back to the 70s and 80s and have only been integrated with the more modern web infrastructure rather than replaced completely. What this means is, authentication on the system is very weak due to it being decades old.
Each traveler on a GDS is identified by a six digit code which is also the booking code (known as a PNR Locator). That ID is printed on boarding passes and luggage tags, meaning anyone near your luggage or who views your pass can see it and easily snap a shot of it with their smartphone.
Chief Analytics Officer Spring 2017
15% off with code MP15
Big Data and Analytics for Healthcare Philadelphia
$200 off with code DATA200
10% off with code 7WDATASMX
Data Science Congress 2017
20% off with code 7wdata_DSC2017
20% off with code AIP17-7WDATA-20