Live Science Plus
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Delivered Daily
Daily Newsletter
Sign up for the latest discoveries, groundbreaking research and fascinating breakthroughs that impact you and the wider world direct to your inbox.
Once a week
Life's Little Mysteries
Feed your curiosity with an exclusive mystery every week, solved with science and delivered direct to your inbox before it's seen anywhere else.
Once a week
How It Works
Sign up to our free science & technology newsletter for your weekly fix of fascinating articles, quick quizzes, amazing images, and more
Delivered daily
Space.com Newsletter
Breaking space news, the latest updates on rocket launches, skywatching events and more!
Once a month
Watch This Space
Sign up to our monthly entertainment newsletter to keep up with all our coverage of the latest sci-fi and space movies, tv shows, games and books.
Once a week
Night Sky This Week
Discover this week's must-see night sky events, moon phases, and stunning astrophotos. Sign up for our skywatching newsletter and explore the universe with us!
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Barcodes on airline boarding passes can be read by readily available barcode readers and contain information used to determine which security protocols a traveler will be subject to, security researchers have discovered.
The worry is that travelers, who can print boarding passes at home up to 24 hours before their flight, could alter the barcodes to determine whether they are subjected to a conventional security check or to the less stringent, expedited-security Pre-Check procedure. That's information that could potentially give an advantage to a would-be terrorist.
Chit-chat about the security flaw has been happening in online forums since July, the Washington Post reported, but the issue only gained serious attention last week when aviation blogger John Butler said he'd discovered that the information stored on the barcode was unencrypted.
"I'm publishing this because I am seriously concerned with boarding-pass security in the United States," Butler wrote after decoding his own boarding pass with a tool available on the Web.
The Transportation Security Administration responded to a request for comment from TechNewsDaily with a boilerplate email detailing which airlines and types of passenger qualify for the Pre-Check program.
[How to Get Through Airport Security Faster]
Butler published the decoded information and pointed to a digit — either a 1 or a 3 — that he said indicated whether he would be expedited or sent through conventional security.
Not only could an individual use this knowledge of the barcode to cause harm, Butler warned, but he could also change it.
Anyone can "use a website to decode the barcode and get the flight information, put it into a text file, change the 1 to a 3, then use another website to re-encode it into a barcode," Butler warned. "Finally, using a commercial photo-editing program or any program that can edit graphics, replace the barcode in their boarding pass with the new one they created."
Publicly available information corroborates Butler's claim, the Washington Post reported.
Sen. Charles Schumer (D-N.Y.), who has been a vocal critic of the TSA's airport-screening measures, said this latest revelation was another cause for concern.
"This has the potential to be a gaping flaw in the system that would be all too easy to exploit," he told the Post. "At the very least, if someone is flagged for a random screening, that information should be encrypted."
This story was provided by TechNewsDaily, sister siter site to Live Science.
