Go Back  FlyerTalk Forums > Travel&Dining > Travel Safety/Security > Checkpoints and Borders Policy Debate
Reload this Page >

Another case of boarding pass/ID mismatch not being caught

Another case of boarding pass/ID mismatch not being caught

Old Nov 28, 11, 8:21 pm
  #16  
 
Join Date: Apr 2011
Location: Northern VA
Posts: 1,005
Originally Posted by saulblum View Post
I tend to glance more at the flight number and gate than I do my name. I assume my name will be correct.

Yes, the scanners would catch the mismatch. And I'm sure the scanner manufacturers are salivating after hearing of this and are knocking at Pistole's door.
Seeing as the airline's own scanners missed this, the TSA ones would miss it as well.
The TSA guy missed the match between boarding pass and ID.
A scanner would not remedy this (unless the TDC was replaced by a machine, which is possible).
Pesky Monkey is offline  
Old Nov 28, 11, 8:27 pm
  #17  
Original Poster
 
Join Date: Jun 2006
Location: Boston
Posts: 821
Originally Posted by Pesky Monkey View Post
A scanner would not remedy this (unless the TDC was replaced by a machine, which is possible).
http://www.flyertalk.com/forum/check...ses-fraud.html

$3.2 million for a pilot program to solve a non-existent problem.
saulblum is offline  
Old Nov 28, 11, 8:35 pm
  #18  
 
Join Date: Apr 2011
Location: Northern VA
Posts: 1,005
Originally Posted by saulblum View Post
http://www.flyertalk.com/forum/check...ses-fraud.html

$3.2 million for a pilot program to solve a non-existent problem.
It would only validate the the boarding pass was real, not that it matched the ID. That would probably cost another $6.4 million.
Pesky Monkey is offline  
Old Nov 28, 11, 8:37 pm
  #19  
Original Poster
 
Join Date: Jun 2006
Location: Boston
Posts: 821
Originally Posted by Pesky Monkey View Post
It would only validate the the boarding pass was real, not that it matched the ID. That would probably cost another $6.4 million.
Exactly. It is the TSA way to spend millions for a technological solution that could be accomplished by a $50,000/year TDC, to solve a problem that doesn't need solving in the first place.
saulblum is offline  
Old Nov 28, 11, 8:41 pm
  #20  
 
Join Date: Apr 2011
Location: Northern VA
Posts: 1,005
Originally Posted by saulblum View Post
Exactly. It is the TSA way to spend millions for a technological solution that could be accomplished by a $50,000/year TDC, to solve a problem that doesn't need solving in the first place.
Good point. I wouldn't take that job but I know some Poly Sci majors that would!
Pesky Monkey is offline  
Old Nov 28, 11, 10:16 pm
  #21  
 
Join Date: Jun 2005
Location: Land of ORD
Programs: AA Plat UA Premier
Posts: 8,619
Originally Posted by Pesky Monkey View Post
It would only validate the the boarding pass was real, not that it matched the ID. That would probably cost another $6.4 million.
Actually it validates that the boarding pass is correct at the TDC. That technology already exists at a lot of the larger airports. Notice that your name on the ticket pops up on the BP checker.

I once got an upgrade after I had checked in. and before I got to the airport I was told by the TDC that my BP had "expired". He let me pass anyway.
SirFlysALot is offline  
Old Nov 28, 11, 10:25 pm
  #22  
In Memoriam
 
Join Date: Feb 2000
Location: Easton, CT, USA
Programs: ua prem exec, Former hilton diamond
Posts: 31,801
Originally Posted by Pesky Monkey View Post
It would only validate the the boarding pass was real, not that it matched the ID. That would probably cost another $6.4 million.
The new scanners will scan the ID to make sure it's valid, scan the boarding pass to make sure it's not been tampered with and is valid, and compare the two documents to make sure the names match.

From news reports on the scanners

“It will scan your ID to make sure it’s okay and then it will scan your boarding pass and compare the information,” said the TSA’s Mike McCarthy.


And from the TSA

In response to these vulnerabilities, the TSA is integrating its Credential Authentication Technology (CAT) with its Boarding Pass Scanning System (BPSS) technology. The goal of CAT/BPSS is to ensure that identity credentials and boarding passes presented at the checkpoint have not been tampered with or fraudulently produced. In addition the CAT/BPSS supports TSA efforts to ensure that the information on the boarding pass matches that of the identity credential.

...

CAT/BPSS compares the biographic information captured from the identity credential with the biographic information captured from the boarding pass to determine if the information is identical. This comparison will assist TSA by ensuring that both documents belong to the bearer.


It would have noticed the ID was different from the name on the boarding pass.

Last edited by cordelli; Nov 28, 11 at 10:31 pm
cordelli is offline  
Old Nov 28, 11, 10:40 pm
  #23  
 
Join Date: May 2010
Location: FLL - Nice and Warm
Programs: TSA Disparager Gold
Posts: 1,025
Originally Posted by cordelli View Post
.....It would have noticed the ID was different from the name on the boarding pass.
Maybe I'm thick - This improves security how?
Wimpie is offline  
Old Nov 28, 11, 11:00 pm
  #24  
Original Poster
 
Join Date: Jun 2006
Location: Boston
Posts: 821
Originally Posted by Wimpie View Post
Maybe I'm thick - This improves security how?
It improves the financial security of the scanners' manufacturers.
saulblum is offline  
Old Nov 29, 11, 10:08 am
  #25  
 
Join Date: Jul 2003
Location: Salish Sea
Programs: DL,AC,HH,PC
Posts: 8,977
Originally Posted by Pesky Monkey View Post
Good point. I wouldn't take that job but I know some Poly Sci majors that would!
On reading this latest breach (shock, horror!), it did occur to me that maybe some TDCs are smart enough to realize this whole thing is a charade and nothing remotely to do with security.

The old adage says that if something is worth doing it's worth doing well. The corollary is that if something is useless there's no point putting any effort into it. Highlighting or underlining the name on the BP to prove that the TDC did in fact look at it might support the notion that some don't treat the process with the seriousness the TSA wants.

Good for them.
Wally Bird is offline  
Old Nov 29, 11, 5:53 pm
  #26  
 
Join Date: Oct 2008
Location: SFO
Programs: United 1P, Hertz Gold #1 5*, Avis First, HH Gold, Marriott Silver
Posts: 87
One simple question

Please excuse my naivety to the situation...
Why would boarding pass / ID mismatch be a security issue? For the airline, I understand that it is a revenue protection measure; but security???
Jupiter's Ally is offline  
Old Nov 29, 11, 6:03 pm
  #27  
 
Join Date: Nov 2008
Posts: 3,657
Originally Posted by Jupiter's Ally View Post
Please excuse my naivety to the situation...
Why would boarding pass / ID mismatch be a security issue? For the airline, I understand that it is a revenue protection measure; but security???
Here is the argument, from TSA's perspective.

TSA has two lists: the "no-fly" list of people who are not allowed to fly aboard commercial aircraft, and a "selectee" list of people who are only allowed to fly aboard commercial aircraft with additional screening performed at the checkpoint.

Instead of checking passengers against such lists at the checkpoint, TSA has pushed this activity back onto the airlines. When a passenger checks in for a flight and attempts to print a boarding pass (be it at home or at the airport), the airline relays the passenger's identifying information to The Powers That Be, who check the information against the master lists. If the name is not on the lists, the passenger can print the boarding pass. If the name is on the lists, the passenger is directed to airline personnel at the airport for further assistance.

So, when a passenger arrives at a checkpoint, how is TSA to know that the passenger is not on the no-fly list? In principle, the answer is "because the passenger has a boarding pass and a matching ID" --- because the existence of the boarding pass is sufficient evidence that the passenger is not on the no-fly list. This assumes, however, that the boarding pass and matching ID presented are both valid, and both match the passenger presenting them.

So, that's TSA's argument. I will leave the poking of holes in that argument as an exercise for the reader.
jkhuggins is offline  
Old Nov 29, 11, 8:09 pm
  #28  
In Memoriam
 
Join Date: Feb 2000
Location: Easton, CT, USA
Programs: ua prem exec, Former hilton diamond
Posts: 31,801
From one of the DHS documents about the scanners

Which of course totally goes against all the times they say it's no problem since they screen everybody.

Notwithstanding, certain security vulnerabilities associated with boarding passes are well-known. For example, in fall 2006 a doctoral student at Indiana University created a website that enabled individuals to create fake boarding passes. This website garnered significant media attention, as it demonstrated how a known terrorist on the Watch or No-Fly List could use a fake boarding pass to gain access to the sterile area of the airport. Once inside the sterile area, the terrorist could use a real boarding pass acquired under an alias to board the plane or otherwise disrupt the sterile area.

In response to these vulnerabilities, the TSA is integrating its Credential Authentication Technology (CAT) with its Boarding Pass Scanning System (BPSS) technology. The goal of CAT/BPSS is to ensure that identity credentials and boarding passes presented at the checkpoint have not been tampered with or fraudulently produced. In addition the CAT/BPSS supports TSA efforts to ensure that the information on the boarding pass matches that of the identity credential.


So even though they need to spend the insane amount of money to verify the ID's and boarding passes, every time something like this happens, they blow it off as no biggie, saying

“Passengers are subject to a robust security system that employs multiple layers, including thorough screening of every passenger at the checkpoint, the presence of behavior detection officers, federal air marshals, armed pilots and a vigilant public, as well as many others, both seen and unseen,” the statement says.

“The system is designed so if one layer of security does not meet our standards, there are many others in place to ensure the safety of the traveling public,” according to the statement.
cordelli is offline  

Thread Tools
Search this Thread
Search Engine: