When we’re traveling, we may not think much of our boarding passes, but posting them to social networks like Facebook and Instagram can be a lot more trouble than it’s worth.
Those strips of paper may seem like gibberish for the average traveler, but the information printed on it stores quite a bit of information about us, once you know how to access it.
Anyone with too much times on their hands could easily use this ticket information to change your seat, rack up extra charges on your credit cards, or even cancel your ticket all together.
What your boarding pass says about you
Each boarding pass varies slightly in design, but here are some of the common bits of information you can find.
- Passenger first and last name
- Traveling from and to destinations
- Travel date
- Travel time
- Flight number
- Seat number
- Ticket number
- Reservation code
While the first few are obvious from a safety point of view, someone having access to your ticket number or reservation code could result in a bit of a nightmare. The reservation code or ticket number can easily give someone with internet access, the ability to modify or cancel your ticket and potentially rack up unwanted charges on your credit card.
Here’s a quick demo of what I mean.
I found this passenger’s boarding pass on Instagram. I have almost no idea who this person is, but with the included details, I can go on the British Airways website to find out more.
After punching in the passenger’s last name and reservation code, I got access to quite a bit of information, including their return flight date and destination, their phone number and email address. There was also the option of changing their seat.
I guess the next best option would be to put them at the back of the plane in a middle seat? As British Airways charges passengers to reserve seats in some instances (like this), it would not make sense as you’d need to put in your credit card or PayPal information. However, it does prove my point of how easy changes can be made.
Let’s try another. This time we’ll tackle someone flying with American Airlines. Again, I’m taking a random photo I found on Instagram.
With the reservation code (record locator), I was able to pull up the passenger’s itinerary, seating configuration, ticket price, frequent flyer number, email address and phone number.
Alright, this person had a crappy seat to begin with, but imagine having a window or aisle seat at the front or middle of the plane, and then suddenly ending up at the back on a jam packed flight. There was the option of buying Main Cabin Extra seats, but like above, you have to re-enter your payment information.
As a frequent AA flyer myself, depending on early you access the passenger’s information, there is the option of easily canceling the ticket. Given that people generally post ticket information on their travel date, there is still the chance of canceling the return leg (assuming it’s a round trip ticket).
Messing with a passenger’s trip is minor compared to having your identity stolen. As these tickets store information about us, anyone can easily use the information and a bit of social engineering to gain access to your frequent flyer account, draining all your hard earned miles that you may have accumulated over the months or years.
If you want to share a photo, maybe you can take a picture of the lounge or your aircraft. Better yet, you can share a photo of the ocean assuming you’ve got WiFi on board.