Originally Posted by
jackthewelshman
The easiest and cheapest of resolutions is for the staff to properly check eligibility, by insisting to see your boarding pass, whether it is paper or an app, and not just allowing a full screen photo of a QR code which could have come from anywhere. Correct me if I'm wrong, the QR code is only valid if it is shown within the airline's app, full digital boarding pass (e.g. Passport on iOS) or if the person can reasonably explain that it is genuine.
still won't work...
at least for android (and jailbroken iOS), it's very easy to mock/inject data into an app
The long term solution I guess is for those airlines that have more generalised checking of boarding cards, is to update the reading technology and software they use to drill down and only validate genuine flight tickets for +/− 24 hours the time of attempted entry. I however no nothing about what process they use for validation, I am a tech geek but in a different field!
in IT... you never trust client side data (on the phone), always verify it from your (trusted) server
unless you're delta and your server is down
