Brendan Hughes

Some of you know more about this than me - but this (long) article is terrifying. All from a discarded boarding pass stub.

"We logged on to the BA website, bought a ticket in Broer's name and then, using the frequent flyer number on his boarding pass stub, without typing in a password, were given full access to all his personal details - including his passport number, the date it expired, his nationality (he is Dutch, living in the UK) and his date of birth. The system even allowed us to change the information.

Using this information and surfing publicly available databases, we were able - within 15 minutes - to find out where Broer lived, who lived there with him, where he worked, which universities he had attended and even how much his house was worth when he bought it two years ago."

http://www.guardian.co.uk/idcards/st...766266,00.html

Freak

I noticed recently that BA had fixed this flaw!
I did notice it a few months back when booking a flight.....on the booking pages you put in a frequent flier number (i have a BA card too) and it inputs your details on screen without the need for a password.... unlike logging in to your account which requires a password!

I do however have all 30 ish boarding pass stubs from the last 12 months here with me-I dont bin them! I also give the bare minimum required for the advanced passenger information when flying to the US. Never had any problem whatsoever

Scary stuff

OllyK

The trouble is, the government see ID cards as infallible and as the definitive reference. If anything is wrong on the details they hold about you, it's your fault, even if they keyed the information in correctly.

If somebody manages to clone your ID card and hack the DB to update the biometrics, you'll have a hell of a job proving who you are as the ID database won't agree with you and the information in it "can't be wrong" anyway.

The gains to be had by criminal gangs for finding ways round the system are huge and so expect it to happen, probably before it actually goes live.

SJ_Skyline

Or you get a disgruntled employee who has access to the data. This happened recently with HSBC in India IIRC.

scoobynutta555

Id imagine itll be a bit like cloning cars is now. Simply put someone elses plates on your car from a similar car and drive around with impunity. With the ID cards, have a clone card and do a lot more serious criminal acts and youd have perfect id disguise.

Instead of getting a nip through the post for going through a red light in a town youve never been to, you could be on a murder rap for someone youve never met before. The potential for fraud with ID cards must be limitless.

Leslie

I am inclined to say that our personal security is of no consequence as far as the authorities are concerned. They just want to be able to access all our private information whenever they feel like it.

Les

Freak

Someone I know got sent a new biometric passport last month.

Tiny chip inside the back page with a tiny transmitter loop/ariel type thing in it. Doesnt take a genius to see it will be very easily cloneable/hackable.

Markus

Boss and I have had many a chat about someone cloning your passport/ID card/whatever or the data being incorrectly input/changed be it by accident or mallicously.

Anyone who travels to the US knows how totally and utterly **** they are about security these days. If your record had been flagged then how the hell do you explain to the humorless droid that is the immigration officer that a mistake has been made? Worst case is that you're bumped back to the UK, where, hopefully, they will let you in, but you probably won't be able to get back into the US any time soon.

If I recall correctly the HSBC incident was as Rich says, as disgruntled employee selling customer account information.

Jonathan Davies

Apply for a new passport now and you'll have a period of exemption from getting a biosnooper version.

Leslie - I agree with you completely.

Flatcapdriver

But this is the crux of the whole problem. The US has borders as porous as the UK, so if an individual wants to get into the country he simply bypasses any border security and enters of his own free will. In which case, any proof of identity is irrelevant.

Brendan Hughes

According to our embassy - now now. Not after (I think) 29 May - then you have to get a radioactive one. And they cost twice the price.

Desperately trying to apply for my daughter's one now, she doesn't need to pay an extra fifty quid to go to the US.

Brendan Hughes

Dave -