tcp1

The app does not display or let them query for your birthdate. It never shows the year.

It just notes when a customer on a particular flight the FA is on has a birthday that day.

She also informed me the manifest has shown this for years.

When she brought me up in the app, it literally just showed my reservation card. Since she was not on my next flight and I wasn't checked in yet, she could get no more info about me. The information shown is very, very limited.

The phone is locked down and has a limited set of apps. It doesn't even have phone calling or text messaging functionality - those apps are removed. The email app is limited to an internal "ualfalink" (the name of the device) numbered e-mail address, oddly based at gmail.com, not united.com or even ual.com. Probably using one of the gmail corporate services.

One app is called "Customer Info". When you click on this, it has only a couple of options - the main ones being View Itinerary and Seat Map. The app has the word "PROTOTYPE" on the splash screen; it's clearly still in early development.

Seat Map is basically the manifest they've always had. They can click on a seat and see the person's name, status, and IF they have a birthday.

The "View Itinerary" is EXACTLY IDENTICAL to the same function in the customer United mobile app; the FA is simply allowed to see all itineraries for all pax on the flight.

The other apps are "Sales", which interfaces with the credit card reader, a few maintenance apps (their account settings and such), a link to the Flying Together intranet site, the stock United app, and then a limited set of off-the-shelf travel apps (Uber, hotels, etc) that the FA is allowed to use while working. They can also download the UALByPhone app for their scheduling if they subscribe to it ($10/month or $100/year. So yes, even the FAs get nickeled and dimed.)

United has their own walled-in app store installed on the phone - so no installing Candy Crush. Everything is apparently encrypted in addition to the native iPhone encryption, and the device can be disabled remotely if lost. Every part of it seems super security conscious.

Any rumors about extraneous "personal information" being disseminated to random FAs is totally exaggerated.

She did say at first she thought it showed your home city / airport - but it does not. There is no address information. It only shows HER home city / airport.

Personally, I can't see anything about this phone/app situation being anything but positive to passengers. Part of their new training is to help people out with connection info prior to landing, and that's what this information is there for.

NewportGuy

For those who think the info about connections is great, yes it is. But wouldn't it be better for UA to post ALL connecting info, say on the WiFi system or a channel of the IFE, so you can see ALL connection information, including your own? Isn't United famous for NOT holding flights for passengers, so by posting all information you can see the next available flight after the one you are about to miss. Why isn't THAT a better service to passengers?

And yes, this handheld device IS a threat to your personal information, regardless of what it shows the FA, just as how hacking your credit card by scanning you as you walk past can totally screw up your life in ways you can't imagine.

Again, show me the necessity of this additional open port into United's data.

phxrsng

A device that can be remotely wiped or a printed manifest that can be swiped or lost. Hmm. I think I'll go with the iPhone. And my job is security engineering, so I do have some idea what I'm talking about.

This forum complains to no end about the lack of personalized, customer centric service by United. Not that it's not warranted at times. Devices and apps like this are the new, and frankly best, way for that to happen. Relevant, individualized customer information in the palm of the employees hand to make them more helpful to customers. Just like high end retail outlets are trailing Apple watches that will handle CRM for high value customers as they enter the store.

This clearly helps better service be provided, and we have proof of that from someone who has just experienced it. What more do you want?

tcp1

They already do?? You can access united.com for free on the wi-fi service currently.

I don't know, whenever I'm at the gate as people are deplaning, I constantly see an agent standing there as people exit, and every third person or so asks him or her which gate his next flight is leaving out of. You think it would be better to not have this information available? It may not be a 'game changer', but how can you say it's not an added service?

Or are you just trying to find any way possible to put down United here?

You really are being unrealistic here, and I think you don't understand how data systems work.

First, "hacking your credit card" does not "screw up your life". EVERY credit card out there gives zero liability to users for unauthorized charges. Every once in a while somehow someone gets a hold of my credit card info - whether it be a jerk waiter at a bar OR from an actual data spill online. I'd say it's happened to me 6 or 7 times over the past couple decades. Do you know how many times anything more than a single phone call was involved to solve the problem? Zero.

Second, you don't get "hacking". The very fact that you are purchasing an airline ticket lets the horse out of the barn on this one. An additional portal to United's back-end data systems; the EXACT SAME ones that are currently exposed on the current internet site, pose no additional security risk. A "hacker" can approach this info from the luxury of his dark basement or a Starbucks - it's sitting out there on the public internet. (I guarantee that this app uses the same back-end web services as the public site, there would be zero need to duplicate and it would be simply inefficient)

These devices are simply internet terminals; the caching of encrypted credit card data for in-flight purchases is done TODAY; the previous handhelds that FAs used were Windows CE based and operated in an identical fashion. They actually use better credential management than the public-facing site. The biggest threat to your personal data with United is called united.com, and that can be accessed from anywhere anytime. If anything the iOS platform has shown to be MORE resilient than WinCE or other custom platforms - so you're seriously making a mountain out of a molehill here.

There is zero point in trying to "hack" (man do I hate that word, it is so much more complex than people make it out to be) into an AES-256 encrypted at-rest locked down phone with isolation provided via VMWare, one of the biggest security-concerned companies out there (that's who provides the lockdown system on UAFALINK) when someone can simply pound at united.com with zero effort.

And *I* am speaking as a cloud software engineer for a certain government TLA working via a large aerospace contractor - not as a backseat IT critic. Your fears are illogical on this one.

Necessity? You keep saying this. If necessity was the only driver of everything United did, it would be called Spirit.

United may suck in a lot of ways, but I fly them over WN or Spirit or Frontier for a reason - there's a little bit of "full service" still left in them. If they can do something that pushes things back in that direction vs back towards the barebones LCC service model, hell, I'm all for it.

JVPhoto

Thank you for that post TCP1 on the both the details of the app/device and propels' "concerns". Can't say it'll end the discussion for some but I found it very informative.
My next TPACs are on NH/TG but will be interested to see if/how this is employeed on SFO-LHR later this year.

NewportGuy

As "informative" as some found it, it wasn't close to accurate. Without getting into detail, yes I do intimately understand hacking, from some of the best on the planet. They LOVE this kind of stuff. People fall all over themselves thinking how "great" it is, while opening up lots of new possibilities for hacking. Just as no one could possibly hack into a car and take control (!), this "simple device" is harmless. Truly!

THAT'S why I keep asking about the necessity. It honestly isn't necessary, but a new way for United to pretend to be serving customers while people ignore the implications. All I suggested upstream is allowing for opt-out (not that it will really help, because the device and software open lots of doors that shouldn't be open)

haddon90

actually, it was informative, and accurate.

NewportGuy

So one would believe that it isn't possible to use these devices as a door into the UA system? You'd be amazed at how little it takes to make entry into a system, including planes and cars. Yes, hackers can do it through other means, but why make it easier? What is the great benefit versus the risk? How many people would have said taking over a car's controls is IMPOSSIBLE, until it happened?

NewportGuy

Best line of the day!

No, the necessity should be weighed against risk. What is REALLY gained by F/As having access to this data? Instead put connecting info on a plane-wide system, without the personal info connected. And something as innocuous as a birthdate can be highly useful, even without the birth year.

physioprof

I think what was being explained is that already existing doors to UAs computer systems--and particularly the door provided by the united.com Web site--are much easier to break through than this new one. Thus, adding this one--although it may increase the number of doors--doesn't increase the ease of breaking in.

Think about it this way. Suppose you start with nothing but a wooden door on the front of your house, and then you later install a steel door in the back. While you have increased the number of doors by one, you haven't made it any easier for someone to get into your house. If you had started with *no* doors, and then you installed a steel door, it would be different.

Boo_Radley

Saw it over an FAs shoulder while I grabbed a drink from him back in the galley. He asked me for (and inputted) my seat number, even though (or maybe because?) I paid w/ a drink voucher. If UA starts tracking in-flight alcohol spend, they better create some status levels for us.

JVPhoto

I can see the marketing emails now...

"Betty Ford has been wondering where you are..."

NewportGuy

But why make it easier? Now you have 2 doors to secure, to monitor. What is the gain versus the risk? What is it that makes it worth the potential problems?

physioprof

I think the point is that this doesn't make it any easier to get in than it already is. If all this phone app does is access the same backend system that united.com does, then considering that united.com is still using four digit PINs as passwords, I'm having a lot of trouble getting worked up about this.

Viking547

Paranoia galore here. For those of you who are worried about 'privacy', it's surprising that you use public forums on the Internet and use credit cards to purchase anything, and that you are ok with the first 3 letters of your last name being shown on the public upgrade board.

Bottom line: if UA is putting in measures to create a better and more personalized customer experience, then so be it. The information is not a secret: the agent at the check-in counter sees your ID as does TSA; United already has your personal info and the GA's can see it, reservations agents can see it, and so now FAs can see it. Simple solution--if you don't like it, stop flying UA.