Technology

“The failings are dramatic”: Further security flaws leave Australia’s vaccination certificates open to forgery

Another tech-savvy Aussie has pointed out how easy it is to forge the government’s COVID-19 vaccination certificates, which could be a huge problem for domestic, and, potentially international travel.

Melbourne-based software developer Finn Bailey told ABC News the government was using “high-school grade” security to protect the document from being copied or altered.

He said the failings are “dramatic” to anyone who is fairly qualified in this field, and that the name and vaccination status on the certificate can both be altered using a well-known technique.

“One could argue that this means these [documents] are not certificates, in that they fail to meet the definition of being certified as authentic,” Bailey said.

“You can make it say whatever you want.”

Last month, a Sydney-based software engineer Richard Nelson posted to Twitter about an “obvious” security flaw that made it possible to forge the vaccine certificates in just 10 minutes using free software including anti-forgery animation used in the background.

Nelson notified the government with details about flaw, but ABC News reported that he had still not heard back as of this morning.

On Wednesday, Tourism Minister Dan Tehan said the government would have a “vaccine passport”, which Australians could use to travel overseas, up and running in the coming weeks.

The certification scheme will be separate from the certificates currently available to Australians through the Express Plus Medicare app.

Tehan said the government was developing a QR code with the International Civil Aviation Organisation that would allow the new certificates to be recognised across the globe.

Australians will be able to use the easily-forged certificates to access greater freedoms in locked-down areas of New South Wales next week, including more time outdoors, with more privileges expected to be added as the vaccination rate grows.

According to ABC News, the NSW government will trial its own “vaccine passport” on the Services NSW app which the state currently uses to check in to venues.

It is now known whether the app will be similar to the Medicare version or feature a QR code like the federal government plans to use for international travel.

A Services NSW spokesperson told ABC News that the vaccination certificate and check-ins would have “a number of security features which can be validated to help reduce risk of fraud”.

Forging proof of vaccination appears to be on the rise overseas, with a 24-year old woman facing charges for using a forged COVID-19 certificate to skip quarantine requirements while travelling to Hawaii.

And she may have gotten away with it if she hadn’t misspelt the name of the vaccine she claimed to have received.

Reuters has reported a booming market for fake vaccine certificates has cropped up online, with the head of a cyber intelligence firm telling the news outlet he has seen “hundreds” of websites on the dark web selling the forgeries for as little as $12.



SEE WHAT PEOPLE ARE SAYING

Leave a Reply

Hotels

TAA appoints new board member

It’s a good things that travel is an interesting industry otherwise they’d be appointing a new ‘bored’ member.

Share

CommentComments

Aviation

New data suggests China Eastern nosedive may have been intentional

Investigations into a tragic plane crash that killed 132 people earlier this year have revealed that it was likely not due to technical fault.

Share

CommentComments

Wholesalers

Luxury Escapes partners with the Travel Corporation

Similarly, Travel Weekly is trying to form a partnership with the cafe downstairs, which they correctly recognised as another attempt to get free coffee and shut down immediately.

Share

CommentComments

Aviation

Qantas teams up with Zip for buy now pay later flights

Looking for new and exciting ways to financially cripple the millennial and Gen Z market? This one from our national carrier takes the cake.

Share

CommentComments

Destinations

AGENT GUIDE: How to give your clients the best possible South America experience

by Sponsored by Chimu Adventures

From the snowcapped Andes and the Amazon rainforest to the culture clad streets of Buenos Aires and Rio, South America is a treasure trove of rich experiences not to be missed.

Share

CommentComments

Cruise

Cunard reports biggest booking day in a decade

The rumours are that many Cunard employees went home that day with a big sack with a dollar sign on it after a massive day on the job.

Share

CommentComments

News

Travel just got easier: No more pre-departure tests for New Caledonia, Tahiti, Indonesia

What would make travel really easy for us is if a nice company out there would like to send a Travel Weekly reporter on a nice trip overseas (wink, wink, nudge, nudge @anyone please).

Share

CommentComments

Cruise

Dream Cruises ship resurrected for new cruise brand

Don’t just sit around dreaming of cruises, hop on this revived Dream Cruises ship for your first getaway in two years.

Share

CommentComments

Events

Collette wraps up its first travel forum in two years

The tour operator hosted top sellers, partners, key travel players and media friends (that’s us!) for poolside shenanigans in sunny Cairns.

Share

CommentComments

Wholesalers

“Travel is the great educator”: Collette CEO Dan Sullivan on why we need travel now more than ever

We spent the past few days sipping mojitos by the pool in Cairns… Oh, and attending Collette’s travel forum! Here’s proof we were listening.

Share

CommentComments

Travel Agents

“It’s our shout”: Flight Centre is giving away free holidays!

The travel giant is giving away 40 holidays to celebrate its 40th Birthday! Nobody tell them that it’s usually the other way around…

Share

CommentComments

Hotels

QT Newcastle signature restaurant and bar revealed!

It might seem like we’re calling Newcastle a ‘cutie’ but rest assured, our cutest NSW city award still goes to Griffith.

Share

CommentComments