News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Robert L. Mitchell's picture
Robert L. Mitchell

Reality Check

More posts | Read bio

January 13, 2006 - 12:31 P.M.

What's not on your hotel card key

4 comments

It's only fitting that readers of this blog have an early look at Monday's feature story about whether hotel card keys contain any personal information, since it was your comments that prompted me to try to find answers.

Is there really any personally identifiable information on that magnetic stripe on your hotel card key? As the headline implies in It's Just the Key to Your Room, it is unlikely that anyone will find any personal data stored on a hotel card key, other than possibly your name, even when those card keys are used to make charges at resorts. I came to this conclusion after talking with experts about how card key systems are designed to work, reviewing possible scenarios where personal data might have been encoded on cards, and  testing 100 cards gathered at random from a wide variety of lodging establishments in the U.S.

What prompted all this? Last September in this space I posted remarks made by an IT director who said he had found personal data on hotel card keys at three properties where he stayed. This included his name, address and credit card number. The posting stirred up much controversy and generated many postings from readers, but few answers came of it. While many people had opinions or anecdotes about what was on the magnetic stripes on card keys, and the lodging industry had ready answers as to why this was impossible, no one had gone out and actually read an assortment of cards to see if any readable data was on them. Readers challenged me to go out and find some  answers, so I asked the Computerworld staff for help gathering cards to test. I also asked industry experts to explain exactly how card key systems work, what data normally resides on the cards and how card lock systems exchange data with other information systems in a hotel. You'll find answers in the story.

Over the course of a month our reporters and editors sent card keys from all of the hotels where they stayed. For some strange reason most editors and reporters preferred not to stay in economy lodgings, so I found myself checking into properties such as Motel 6 and EconoLodge.  That lead to some memorable experiences. I received cards from vacation resorts, as well as both mid-range and high-end hotels, and tested all of them. I read cards myself using a standard off-the-shelf card reader and then sent them to Terry Benson, Engineering Group Leader at  MagTek, a maker of card readers, for additional analysis. 

So could our IT director really have found credit card information on his hotel card keys? It's possible. There is a scenario that could explain his experience, as the story lays out. But it's nothing I would worry about.

Related News

What People Are Saying

Add new comment

That said, it's worth noting

Submitted by Radeon on January 16, 2006 - 9:22 A.M.

That said, it's worth noting that law enforcement officials still warn that lost or stolen hotel keys can be put to ill use by identity thieves in another way — namely, re-encoding them with stolen personal information and using them to mimic ATM or credit cards for unauthorized purchases and withdrawals. Prudence therefore dictates returning key cards to the hotel registration desk upon checking out or destroying them to prevent their falling into the wrong hands.

Report this comment

Someone should tell those

Submitted by lanshark on January 16, 2006 - 5:46 P.M.

Someone should tell those retailers who have displays full of blank cards (used as gift cards when properly initialized) that they are aiding and abetting crime by providing free cards (no cost if you don't initialize) for criminals to use in their nefarious schemes.

Report this comment

I agree to Matt. I don't

Submitted by Gamer on January 15, 2006 - 7:44 A.M.

I agree to Matt. I don't think that it used to be a secret what resides on the hotel cards. Why to create myth from the thing that is NOT a myth?

Report this comment

"...no one had gone out and

Submitted by Matt on January 14, 2006 - 6:50 A.M.

"...no one had gone out and actually read an assortment of cards to see if any readable data was on them."

Surprisingly, that's probably because everybody already knew there was nothing on them, and thought it a rather pointless excercise.

And why is the article sub-titled with "to explode an urban myth" when the only reason this article was ever thought of was because people already knew it was an urban myth, this article was researched to try and prove it wasn't, only to find out that it was?

Report this comment

Related Posts

Latest threat vector: Our mobile devices
iPhone 3Gs jailbreak jeopardy: Apple pwns Dev-Team's 24kpwn
Apple shovelware problems again (iPhone Configuration Utility 2.1)
The weirdest iPhone dating app, or the most useful?

Today's Top Stories

Droid launch draws tech-savvy crowd
AMD graphics chip shortage hits PC vendors
Intel readies 2.3GHz, 3.5GHz WiMax support with Kilmer Peak
First iPhone worm spreads Rick Astley wallpaper
Mozilla fixes Firefox crash bug
Update fixes iPhone sync problem with Windows 7 for some
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.