Why do frequent flyer accounts have such awkward security questions?

Dec 23, 2019

This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

What’s up with those security questions airlines ask when you log into your frequent flyer account?

You know, the ones that ask what you wanted to be when you grew up (looking at you, United); the strangest food you’ve ever eaten (I’m pretty experimental, American); or even who your date to prom was — which can be awkward if you, like me, didn’t have a date.

For the latest travel news, deals and points and miles tips please subscribe to The Points Guy daily email newsletter.

A tweet about a security question went viral last month after the user claimed a JetBlue question asked who their favorite child was. The airline even played along by tweeting back, “Say it. You know you have one.”

While JetBlue told TPG the question it actually asks is, “What is the name of your favorite childhood friend?” it still made us curious about an airline’s process for creating a security question.

And who is even responsible for dreaming up these sometimes ridiculous questions? Is there a copy editor at an airline’s headquarters writing queries designed to make millions of frequent flyers cringe, or a team of developers crafting clever ways to stump potential hackers in their tracks?

I reached out to all of the domestic airlines, and those that responded said technology teams are responsible for those strange security questions that, however personal, you’ll still never remember how you responded.

“Our security questions are suggested from our IT security business partner,” a JetBlue spokesperson said. Southwest, too, relies on a technology team to “[develop] password-protection questions that ask customers to provide unique answers that will enhance online security.” 

OK, so the questions aren’t posed by some moonlighting comedian or clandestine copy editor, as I initially thought. But though trained professionals are responsible for designing the questions, some industry security experts say the questions aren’t doing enough to safeguard accounts. One reason may be the increase in social media use.

“Criminals can use social media,” explained Charles Henderson, IBM’s global managing partner of X-Force Red. “You can find out a lot about an individual [there]. Because of that, a lot of these questions aren’t thought out.” For him, security questions such as, “What month did you meet your significant other? are poor because there are only so many answers to pick from — in this case, 12.

Regardless of whether the questions make you chuckle or wince, now is the time to mention how important it is to safeguard your frequent flyer accounts. That means thinking carefully about those security questions, and asking yourself if a hacker could easily determine your answers — or look them up on social media.

Henderson has an interesting suggestion for how travelers can really safeguard their frequent flyer accounts, but it’s something your mother told you never to do: lie.

“This is the time to lie,” said Henderson. “Don’t tell the same lie on every site … what you want to do is use a unique, non-correct answer for those security questions … something that is nonsensical, even.”

Lying — or bending the truth — can save you headache, time and points. It’s estimated that $1 billion a year is lost to crimes related to travel loyalty programs, according to the Javelin Strategy & Research firm. And hackers recognize how much information about travelers is out there — and how valuable frequent flyer miles and credit card points are.

Related: Thieves are out to sell your stolen miles for cheap

According to the 2019 IBM X-Force Threat Intelligence Index, the travel and transportation industry is the second-most attacked industry, attracting 13% of all observed attacks. That’s a huge increase since 2017, when the industry was 10th-most targeted. Since January 2018, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches.

“The problem is, most consumers don’t pay nearly as much attention to their points as they do their credit card statements,” Henderson said. “And if you’re a criminal, you can use points to bankroll a black-market travel agency.”

That means your mother’s maiden name or the name of your first dog (sorry, Migo) probably aren’t the best questions to answer, unless you want your hard-earned points to end up in somebody else’s account.

Featured image courtesy of Getty Images

Delta SkyMiles® Platinum American Express Card

Earn 50,000 bonus miles and 5,000 Medallion® Qualification Miles (MQMs) after you spend $2,000 in purchases on your new card in your first three months of card membership. Plus, earn up to $100 back in statement credits for eligible purchases at U.S. restaurants with your card within the first 3 months of membership.

With Status Boost™, earn 10,000 Medallion Qualification Miles (MQMs) after you spend $25,000 in purchases on your Card in a calendar year, up to two times per year getting you closer to Medallion Status. Earn 3X Miles on Delta purchases and purchases made directly with hotels, 2X Miles at restaurants and at U.S. supermarkets and earn 1X Mile on all other eligible purchases. Terms Apply.

Apply Now
More Things to Know
  • Earn 50,000 bonus miles and 5,000 Medallion® Qualification Miles (MQMs) after you spend $2,000 in purchases on your new Card in your first 3 months.
  • Plus, earn up to $100 back in statement credits for eligible purchases at US restaurants with your card within the first 3 months of membership.
  • Accelerate your path to Medallion Status, with Status Boost®. Plus, in 2021 you can earn even more bonus Medallion® Qualification Miles (MQMs) to help you reach Medallion Status.
  • Earn 3X Miles on Delta purchases and purchases made directly with hotels.
  • Earn 2X Miles at restaurants worldwide, including takeout and delivery and at U.S. supermarkets.
  • Earn 1X Miles on all other eligible purchases.
  • Receive a Domestic Main Cabin round-trip companion certificate each year upon renewal of your Card. *Payment of the government imposed taxes and fees of no more than $75 for roundtrip domestic flights (for itineraries with up to four flight segments) is required. Baggage charges and other restrictions apply. See terms and conditions for details.
  • Enjoy your first checked bag free on Delta flights.
  • Fee Credit for Global Entry or TSA Pre✓®.
  • Enjoy an exclusive rate of $39 per person per visit to enter the Delta Sky Club® for you and up to two guests when traveling on a Delta flight.
  • No Foreign Transaction Fees.
  • $250 Annual Fee.
  • Terms Apply.
  • See Rates & Fees
Regular APR
15.74%-24.74% Variable
Annual Fee
$250
Balance Transfer Fee
N/A
Recommended Credit
Excellent/Good
Terms and restrictions apply. See rates & fees.

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.