An authorized website that will sell tickets to the 2010 Vancouver Winter Olympics is not as secure as it claims in fending off software aimed at jumping the queue and snapping up tickets, a computer expert said Wednesday.

Allan Caine, a PhD student in computer science at the University of Waterloo, says online ticketing companies should better protect their clients.
(CBC)

The 1.6 million tickets for the Winter Games don't go on sale until October but Allan Caine said he has cracked a key security feature on ticket.com, a company that handled tickets for the Games in Atlanta and Salt Lake City in the U.S.

Caine, a PhD student in computer science at the University of Waterloo in Ontario, told CBC News he found a weak link on the site that can be fooled by software designed to assist purchasing tickets online by posing as a human being.

Various software programs can read "captchas," which are visual puzzles seen on websites as a security feature to make sure a person and not a computer program is buying tickets, Caine said.

The captcha is key to keeping hackers from jumping ahead of human buyers in the ticket line, he said.

"What we are testing is whether our [software] is able to determine what is the solution to that particular picture," Caine said. "All I'm going to do is, I'm just going to hit the 'enter' key and then I'm not going to touch the keyboard after this."

A 'captcha' is a visual puzzle seen on websites and a security feature to make sure a person and not a computer program is entering information during online ticket sales.
(CBC)

"The captcha server has said, 'admit the client' and we're already in — faster than I can actually describe to you."

When ticket.com learned that he could solve their captchas, a company lawyer sent him a letter demanding he keep his research quiet, Caine said.

Michael Martinez, a spokesman for ticket.com, said the captcha is just one way the company keeps hackers out.

When asked if Caine would be able to use his software to obtain tickets via ticket.com, Martinez said he has "no idea."

"Our site is secure," Martinez said.

Caine is questioning the protection the company is providing for its clients.

"I'm not going to tell them how to do their own business but … Are they really taking this seriously? Do they care about their clients?"

Mario Livich, a spokesman for ShowTime Tickets in Vancouver, says the job of ticket reselling agencies is to connect buyer and seller, not to judge how tickets are obtained.
(CBC)

The Vancouver Organizing Committee for the 2010 Olympic and Paralympic Winter Games admits it's concerned about security of ticket sales and said it is working with ticket.com to develop a new system they hope will be fair.

Mario Livich, a spokesman for ShowTime Tickets, a ticket reselling agent in Vancouver, doesn't deny software is being used by people who buy tickets and then resell them at higher prices.

Livich said there's a whole underground network of people vying to snap tickets online.

"I know they certainly fill our orders when we say we'd like to get X amount of tickets to this event. They'll get the job done … Sometimes they won't but they're pretty good at it," he said.

"I'm not here to judge what's right or wrong. Our job is to connect the buyer and seller. When somebody comes and sells us a ticket, we don't ask them, 'How did you get that ticket?'"

Livich said the way event tickets are resold is not necessarily fair but "our market economy is not about fair."