This weekend, rugby pandemonium will sweep across the UK once again as the Six Nations rugby tournament kicks off. Over the next few weeks, England, France, Italy, Scotland and Wales all be fighting for the chance to knock defending champions Ireland off the top spot.
While some fans may have been lucky enough to get tickets to the games to cheer on their home nation, others may find themselves being turned away at the turnstiles because, unfortunately, major ticketed events are fast becoming lucrative hunting grounds for would-be criminals.
E-ticketing, on mobile devices, has today become an essential for the majority of consumers. This method of delivery is fast becoming an ‘expectation’ for customers rather than a ‘luxury’. And it’s not difficult to see why. It’s on-demand, convenient and customers carry their mobile in their in the pockets everywhere they go.
However, balancing this level of convenience with security is of paramount importance. Only once a trusted infrastructure for issuing e-tickets is in place will widespread adoption of this method amongst consumers, across industries, be achieved.
We can look at the airline industry, which has made significant investment in secure e-ticketing, to see how this is currently being achieved. Electronic boarding passes offer passengers a quick, easy solution to get from A to B and, as such, they have been quickly accepted by travellers. However, security is, of course, a primary concern in the airline industry and an altered boarding pass could bring catastrophic consequences.
By utilising digital signatures for boarding pass barcodes, their integrity and authenticity can be validated. This helps protect customers against forgery and enables validation upon check-in. Carriers use private signing keys to sign barcodes and issue associated public certificates from a public key infrastructure (PKI) for their validation. It is these private signing keys that underpin the security of the entire system. The ability to properly safeguard and manage these keys is an essential part of the puzzle, particularly when you consider that the easiest way to try to issue a non-authentic boarding pass is to compromise the carrier’s private signing key – allowing you to apply a legitimate signatures over an illegitimate pass.
Protecting private signing keys in specialised hardened devices or hardware security modules (HSMs) ensures that they are held within a protected environment, as well as allowing carriers to set specific access control policies to ensure that they are only used for their authorised purpose. As a result, would-be criminals are unable to exploit the weaknesses associated with storing keys on application servers and fraudulently assume the identity of the signing airline, or event organisers, and issue what appear to be legitimate tickets.
Secure e-ticketing needs to be at the top of the agenda for big sporting events, such as the Six Nations, if we are to prevent criminals capitalising on fandom. With more major events coming up this summer, such as the 2016 Olympics and the UEFA European Championships in France, there will be more opportunities for fraudsters to take advantage of a consumer frenzy. Organisers, then, need a secure solution to e-ticketing. Only when this is in place will fans and spectators willingly embrace e-tickets with confidence, knowing that fraudsters have been kept at bay.
How much do you know about tech in sport? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…