Presented at
LocoMocoSec 2018,
April 5, 2018, 3:50 p.m.
(40 minutes)
Everything you’ve been thinking is true, and it’s way more interesting than you thought. That’s because the highwaymen of today no longer hide in the shady corners of the Internet — they occupy major airlines and extort unsuspecting travellers (you!) by blocking competitive seats. They swoop in with millions of automated attacks that constantly reserve the most affordable seats on popular flights and force people to purchase more expensive airfares. This monopolizes the supply of tickets, while driving their demand to an astronomical profit. These attacks use payment redirections, like PayPal, and reserve seats indefinitely without ever needing to finalize the transaction. In a matter of seconds, every affordable fare can be tied up, preventing legitimate paying customers from being able to see, and book, these seats. And while all of this may sound extraordinary, it’s anything but uncommon in the ticketing industry – where rampant automation is big business for criminals and ticketers alike. This talk will cover a live demonstration of how bots exploit airline ticket sales and distribution; why ticketers knowingly offload their risk to criminals at your expense; what abuse cases already exist in other industries using the same methods; and a discussion on the future of human verification in the automation age.
Presenters:
-
Kevin Gosschalk
- FunCaptcha
Kevin Gosschalk is the CEO and Co-Founder of FunCaptcha, where he leads a team of people focused on telling computers and humans apart on the Internet. He gained early recognition for his work with the Institute of Health and Biomedical Innovation (QUT) as part of the LANDMark (Longitudinal Assessment of Novel Ophthalmic Diabetic Markers) study, where he developed an innovative mapping technique to detect early signs of diabetes using noninvasive methods. Before FunCaptcha, Kevin worked on gaming hardware for the intellectually disabled at the Endeavour Foundation and built a unique device incorporating Microsoft’s Kinnect Camera technology. The project attracted $500,000 in funding and was transformed into the marketready product, Edu Touch Magic Carpet, which was licensed to Eduss Education Ltd in 2013. Noted for his involvement in interactive development and machine vision, Kevin then turned his expertise to CAPTCHA — often regarded as the Internet’s impossible problem. Today, FunCaptcha has transformed the irritating chore of comprehension into an SLA-guaranteed visual activity that stops automation for brands like Electronic Arts, Kik, and StubHub. Kevin holds a bachelor’s degree in Games and Interactive Entertainment from Queensland University of Technology, Australia.
Links: