I boarded a plane at a small regional airport two weeks ago. And noticed some new and unusual behavior by the TSA screener at the security checkpoint.
After I walked thru the metal detector, he took a small penlike device and scanned it across the name, address and photo on my driver’s license. Slowly. Twice. Which is why I figured he was scanning. At first my reaction was that he was optically scanning the information into this “pen” and that it would be dumped into a computer later on.
Bruce Schneier is a fantastic source of information and particularly the debunking of security and security myths. From what I’ve read on Bruce’s blog, it’s possible that the TSA guy was just running an ultraviolet light across the license to look at the holograms on the license. But my eyes are pretty sensitive to UV and honestly I didn’t see any reflection. (Cool video of Bruce’s Q&A at defcon 15.)
So I’m still working the theory that he scanned an image that would later end up in a TSA computer. (See IRIS pen scanner, or look at what the New York Times reported last year.)
What would happen to that scanned information? Well, if banks and healthcare institutions are any indication, it would likely go (via USB) onto a laptop computer somewhere, later on to be stolen.
I am continuing to research this, but wonder if anyone else has run into this scanning behavior by TSA?