Researchers exploit vulnerability in SBB app for free train rides

Published: Wednesday, May 15th 2024, 10:20


Researchers at ETH Zurich have tricked the SBB's Easyride function in an experiment and used it to travel by train for free. However, this vulnerability has now been rectified, the university announced on Tuesday.

The computer security researchers manipulated the location data of a smartphone for the test, as explained by the Swiss Federal Institute of Technology in Zurich (ETH Zurich).

The researchers said that such manipulation requires specialist knowledge. However, it is knowledge that computer science students already have at Bachelor level.

With the Easyride function, train passengers can check in via the SBB app when they have boarded a train and check out again when they have alighted. The app then determines the route traveled based on the smartphone's location data and books the appropriate ticket retrospectively.

"Location data can be manipulated"

The researchers tested the smartphone they had prepared on several train journeys from Zurich to the capital of a neighboring canton. The fraud was not noticed during the ticket inspections on the train, nor were the fraudulent users contacted by SBB afterwards, as the ETH wrote. Instead, SBB billed only the faked small-scale movements, for which no public transport had been used.

"The fundamental fact is that the location data of a smartphone can be manipulated and cannot be trusted," the researcher Michele Marazzi, who was involved in the tests, was quoted as saying in the press release.
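The principle quoted above, that client-reported location is untrusted input, and the retrospective detection mentioned later in the article point to the same defensive pattern: the server treats the smartphone's trace as a claim to be checked, not as a fact. The Python below is an added illustration written for this article; it is not SBB's code and does not reproduce the undisclosed checks SBB refers to. It compares a check-in/check-out trace against a physical speed limit and against an independent observation such as a ticket inspection on board. The coordinates, timestamps, inspection record and thresholds (300 km/h, 10 km) are constructed assumptions.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt


@dataclass(frozen=True)
class Fix:
    """One location sample: seconds since check-in plus WGS84 coordinates."""
    t: float
    lat: float
    lon: float


# Assumed thresholds (not SBB's): faster than any Swiss passenger train,
# and a coarse tolerance for sparse sampling when comparing against an inspection.
MAX_SPEED_KMH = 300.0
MAX_OBSERVATION_DISTANCE_KM = 10.0


def haversine_km(a: Fix, b: Fix) -> float:
    """Great-circle distance between two fixes in kilometres."""
    earth_radius_km = 6371.0
    p1, p2 = radians(a.lat), radians(b.lat)
    dphi = p2 - p1
    dlambda = radians(b.lon - a.lon)
    h = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlambda / 2) ** 2
    return 2 * earth_radius_km * asin(sqrt(h))


def reported_position_at(trace: list[Fix], t: float) -> Fix:
    """Linearly interpolate where the client *claims* to have been at time t."""
    if t <= trace[0].t:
        return trace[0]
    if t >= trace[-1].t:
        return trace[-1]
    for prev, cur in zip(trace, trace[1:]):
        if prev.t <= t <= cur.t:
            if cur.t == prev.t:
                return prev
            f = (t - prev.t) / (cur.t - prev.t)
            return Fix(t, prev.lat + f * (cur.lat - prev.lat), prev.lon + f * (cur.lon - prev.lon))
    return trace[-1]


def check_trace(trace: list[Fix], inspections: tuple[Fix, ...] = ()) -> list[str]:
    """Return a list of anomaly descriptions; an empty list means the trace looks plausible.

    Two checks: (1) consecutive samples must not imply an impossible speed or run
    backwards in time; (2) the claimed position must agree with each independent
    observation (e.g. where a ticket inspector actually scanned the device).
    """
    anomalies: list[str] = []
    for prev, cur in zip(trace, trace[1:]):
        dt = cur.t - prev.t
        if dt <= 0:
            anomalies.append(f"non-monotonic timestamp at t={cur.t}")
            continue
        speed_kmh = haversine_km(prev, cur) / (dt / 3600.0)
        if speed_kmh > MAX_SPEED_KMH:
            anomalies.append(f"implausible speed {speed_kmh:.0f} km/h between t={prev.t} and t={cur.t}")
    for obs in inspections:
        claimed = reported_position_at(trace, obs.t)
        gap_km = haversine_km(claimed, obs)
        if gap_km > MAX_OBSERVATION_DISTANCE_KM:
            anomalies.append(f"inspection at t={obs.t} is {gap_km:.0f} km from the reported position")
    return anomalies


# Constructed sample data: approximate coordinates of Zurich HB, Aarau and Bern.
ZURICH = Fix(0, 47.378, 8.540)
AARAU = Fix(1500, 47.391, 8.051)
BERN = Fix(3600, 46.949, 7.439)

# An honest trace: the phone reports positions consistent with a train to Bern.
HONEST_TRACE = [ZURICH, AARAU, BERN]
# A spoofed trace: the phone pretends to stay within a few hundred metres of Zurich HB
# for the whole hour (a "small-scale movement"), while the passenger is really on the train.
SPOOFED_TRACE = [Fix(0, 47.378, 8.540), Fix(1800, 47.380, 8.545), Fix(3600, 47.382, 8.548)]
# A careless spoof: the position jumps 96 km in one minute.
TELEPORT_TRACE = [Fix(0, 47.378, 8.540), Fix(60, 46.949, 7.439)]
# Constructed independent observation: a ticket inspection on board, near Aarau at t=1500.
INSPECTIONS = (Fix(1500, 47.391, 8.051),)


if __name__ == "__main__":
    for name, trace in (("honest", HONEST_TRACE), ("spoofed", SPOOFED_TRACE), ("teleport", TELEPORT_TRACE)):
        print(name, check_trace(trace, INSPECTIONS) or "plausible")
```

The point of the second check is that an on-train inspection is evidence the phone cannot forge: a device that claims to be idling in Zurich while an inspector scans it near Aarau has contradicted itself, which is exactly the kind of retrospective detection the article says is now in place, whatever form it actually takes.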

Vulnerability fixed

Incidentally, the researchers also carried a valid ticket with them during the tests, as they emphasized. Using the Easyride function with manipulated location data is a punishable offense.

The ETH researchers informed SBB about the vulnerability in the Easyride function. According to SBB, such manipulations are now detected retrospectively and reported. For security reasons, SBB is not disclosing exactly how the checks are carried out, as ETH Zurich wrote.

© Keystone/SDA


The Swiss Times
Produced by UltraSwiss AG, 6340 Baar, Switzerland
All rights reserved © 2024 UltraSwiss AG