Computerworld Discovers Hotel Keycard Myth Is, Indeed, A Myth
from the crack-reporting dept
Last September we were quite surprised to see a Computerworld reporter place a story on his blog warning people that hotels were putting personal info on the keycards that let you into rooms. As we pointed out, that story was an extremely well-known urban legend that had been debunked repeatedly by many sources. As such, it seemed odd that anyone would report it again without getting plenty of evidence to back it up. The reporter in question, Robert Mitchell, defended the posting in our comments, but also set out to collect as many of these keycards as he could, while discussing the issue with plenty of industry insiders so he could write an actual article on it. Shocker of all shockers, he discovered that, as everyone expected, it's just a key to your room and stores absolutely no personal data. In other words, exactly what pretty much everyone knew before -- which is why it's a bit amusing to see the Computerworld sub-head claim that it's "exploding the urban myth." Next up: Computerworld will tell us that Bill Gates really isn't paying people to send email. Meanwhile, it's still quite odd that Mitchell's original source, Peter Wallace, IT Director at AAA Reading-Berks in Wyomissing, Pennsylvania, now refuses to comment at all on his original claims that resulted in this wild goose chase. Of course, thanks to the ongoing life of this story, hotels are actively looking at alternatives, because they're sick of explaining to people that there's nothing to worry about.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
A single point of failure...
[ link to this | view in thread ]
Why would the hotels do so anyway?
Sometimes, if people were to just use their brains even a little bit, they could save themselves a lot of hassle.
[ link to this | view in thread ]
Majority of the Stupid...
If anybody is so worried about such a thing, stick the card in the same pocket as your cellphone for a minute and see what happens.
[ link to this | view in thread ]
No Subject Given
[ link to this | view in thread ]
Re: Majority of the Stupid...
[ link to this | view in thread ]
no id?
[ link to this | view in thread ]
No Subject Given
[ link to this | view in thread ]
Re: No Subject Given
I know because I personally supervise the operation that initiated this program to begin with. LaQuinta and Holiday Inn are actually data warehousing honeypots.
[ link to this | view in thread ]
Re: No Subject Given
[ link to this | view in thread ]
Re: No Subject Given
[ link to this | view in thread ]
Re: No Subject Given
*FLASH*
Nothing to see here, people. Hotel key cards just let you into your room. Have a nice day.
Seriously, though, I've worked as a hotel desk clerk, and the magnetic key cards just let you into your room. I mean really, what would be the point of (for instance) letting the room locks know what the guests' credit card number is? So the locks can do the billing?
[ link to this | view in thread ]
Re: Why would the hotels do so anyway?
[ link to this | view in thread ]
Re: Why would the hotels do so anyway?
[ link to this | view in thread ]
Re: Why would the hotels do so anyway?
[ link to this | view in thread ]
Re: Majority of the Stupid...
[ link to this | view in thread ]
Re: Majority of the Stupid...
[ link to this | view in thread ]
Re: Majority of the Stupid...
It is probably just charging it to your room number and there could be something as simple as a code in the database whether you have a card or not but I can definitely understand how this thing got started and it will proceed to keep going.
[ link to this | view in thread ]
Re: Majority of the Stupid...
People just like to get upset over crap like this. The point is that whatever info is on the card, it's only relevant to the hotel's computer door or billing system. It doesn't have your credit card number or any other generally useful info on it. Even if you could read the info on the card I doubt it would tell you anything without access to the hotel's database.
[ link to this | view in thread ]
umm, not so sure
Usually has address, sometimes soc. # - I wouldn't be suprised if the coded the hotel cards also.
[ link to this | view in thread ]
Re: umm, not so sure
I could see that perhaps once upon a time some hotel's new card software might have defaulted to include more info than necessary but the bottom line is that there is NO PROOF that hotels put any information that anyone need be concerned about, and indeed rarely if ever more than a code that lets you in your room.
Yet...like most good myths...in the face of facts and lack of proof the supporters of this won't let it die.
[ link to this | view in thread ]
Re: A single point of failure...
It's getting to the point where you can't trust much through the media. It is a real shame.
[ link to this | view in thread ]
What's on that key....
the system was incredibly smart (and yup, expensive) but allowed the guest to provide any 'standard' mag swipe card with a 2-3 track strip and we'd use that rather than issuing a key (less chance of them loosing it!)
it also allowed us to easily issue several keys for a room, use on key for multiple rooms and put some pretty smart rules in place (eg Mum and Dad could open the mini-bar with their credit card, but junior with a hotel issued key couldn't, the parents could access the rooftop pool after 8pm and junior couldn't).
we didn't have the actual values flying round the network but an encrypted hash key (quicker for checking and applying rules) and we did basic checks to ensure the same hash wasn't active for more than one guest at a time.
some guests didn't like it... so we continued to issue our own keys in those cases. some guests loved it. we found the system to be a pleasure because we got less issues with the guests losing or mis-treating the keys (and argued less about auxilliary charges because they where less likely to let the key out of sight). sadly the system was too expensive to justify rolling out outside the one flagship property... I wonder if it's still in use...
[ link to this | view in thread ]
Re: Majority of the Stupid...
[ link to this | view in thread ]
Re: umm, not so sure
[ link to this | view in thread ]
Re: Majority of the Stupid...
[ link to this | view in thread ]
You're an idiot and a coward
[ link to this | view in thread ]
re; keys having info stored on them.
so your info would be wiped off even if it were on there. Which it isn't, Am more concerned with
Geisinger that stores computer with "all " your data
on it and then loses them and said"Maybe the thief
stealing from a computer record holding storage building does not know what they got," Ha Ha, fat chance. Lots more to worry abought there.
[ link to this | view in thread ]
Hotel key cards no personal data
[ link to this | view in thread ]