News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Robert L. Mitchell's picture
Robert L. Mitchell

Reality Check

More posts | Read bio

November 8, 2005 - 10:07 A.M.

Hotel swipe-card keys: An endangered species?

5 comments

According to a story in today's New York Times by travel columnist Chrisopher Elliot, the magnetic card keys used by hotels may be on the way out. In  The Embattled Hotel Swipe-Card Hotel Key, Elliot says that rumors about personal data being stored on the magnetic stripes on the back of hotel card keys persist and that  "the hotel business is quietly looking for alternatives to make sure the fears don't spread."  Technologies under consideration include fingerprint readers, smart cards and proximity cards.

Elliott also cites my blog entry in which a source cited three instances when personal data was stored on his hotel card keys (see Swipe here to steal ID, and the follow up entries Bring your swiper and Hotel reader facts and fiction).

In his story, Elliott quotes me as saying "But what is the truth? We intend to find out."  Readers might wonder what I meant by that.

While I am sure that most major hotel chains that directly own their own properties  would never be so sloppy as to allow customer data to be encoded on hotel card keys, it is also possible to envision some situations where hotel card keys might contain personal data. The only way to find out for sure is to examine real cards. With the help of the Computerworld staff I am currently gathering hotel key cards, logging them and scanning them for data. I am also passing those cards by an expert who will also do a second scan to see if indeed any data resides on them. When I have enough data to say something substantive I'll post it here.

Note: For the purposes of this experiment I cannot accept cards from parties outside of Computerworld.

What People Are Saying

Add new comment

Are those rumors started by

Submitted by Borge Christophersen on November 16, 2005 - 10:10 P.M.

Are those rumors started by someone out to hurt the hotels or the lock system manufacturer ore are they equipt with an oweractive imanigination and a total lack commen sens.

Report this comment

We provide the ideal

Submitted by Paul Frenette on November 16, 2005 - 2:16 P.M.

We provide the ideal solution to this that allows complete secrecy of guest data and yet allows high security for hotel doors and access control. My company deploys iButton technology that bridges the need for privacy of information and yet allows access if/when required. Magstripe is on the way out, too easy to lose, corrupt, read and write.

Report this comment

Surely everything is already

Submitted by Jim S. on November 16, 2005 - 2:09 P.M.

Surely everything is already covered here:
http://www.snopes.com/crime/warnings/hotelkey.asp

Report this comment

JMAC makes a good point.

Submitted by Robert L. Mitchell on November 10, 2005 - 11:57 A.M.

JMAC makes a good point. Ideally the identifier on the card key's magnetic stripe is an abstract one that is meaningless unless it can be associated with data in the back-end systems. A fingerprint reader is much more personal. I would invite JMAC or anyone in the hotel industry who wants to talk about these issues to drop me an e-mail.

Report this comment

I have worked in the hotel

Submitted by JMac on November 9, 2005 - 8:58 A.M.

I have worked in the hotel industry for a long time and have spent the past decade in the IT department for a small national chain. I can't imagine the purpose of having any personal guest data on the card key. Although some chains I guess, could include a guests fequent stay number for some purpose. The only data we pass to any of our cards is the information needed for the lock to know the key is valid for a given room along with at what date and time it should prevent it's use. At a few properties a data bit to indicate parking is validated.

As to alternatives. We here in the USA enjoy our freedom and as a part of that, many demand complete privacy. Any lock system that would be ultimatly secure would need to use private information. Retna, finger print, or possibly DNA down the road. That would then mean that a hotel company would have acess to far more information on it's guests than the demographics and credit card numbers we have now.

So what of the guest that wants to protect their privacy and to do so pays by cash now. Carry an extra finger with them???

Report this comment

Related Posts

iPhone 3Gs jailbreak jeopardy: Apple pwns Dev-Team's 24kpwn
How reliable is YOUR wireless network?
Think you own your Kindle books?
Analyst advises caution over Windows 7 demand estimate

Today's Top Stories

Microsoft confirms IE6, IE7 zero-day bug
iPhone worm steals online bank codes, builds botnet
HP sees PC sales jump in China
Update: HP reports solid Q4 on services growth
PC market crash averted, says Gartner
Jolicloud eyes Chrome OS's thunder
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.