Passenger Name Records (PNR) are used to store reservations with links to a traveler's name, travel dates, itinerary, ticket details, phone and email contacts, travel agent, credit card numbers, seat number and baggage information. The six-digit codes act as pincodes for locating travel records, albeit with vital differences that make them highly insecure compared with even the simple usernames and passwords that consumers use to access email or websites, the researchers said. The world's three major global distribution systems (GDS) - Amadeus, Sabre and Travelport - manage a majority of travel reservations but face growing competition from airlines and corporate travel and online booking sites. "While the rest of the Internet is debating which second and third factors to use, GDSs do not offer a first authentication factor," researchers at Berlin-based Security Research Labs said in a statement. Get the full story at Reuters