Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Cellphones Security Technology

Smartphone App To Be Used As Hotel Room Keys 150

An anonymous reader writes Starwood Hotels and Resorts has became the first chain to let guests unlock doors with their phones at 10 Aloft, Element and W hotels. They hope to expand the program to 140 more properties in those brands by the middle of next year. From the article: "The technology's developer says that it uses its own encrypted secure channel to ensure thieves cannot abuse the innovation. But one expert had reservations. "Nothing is 100% secure, and once this technology is in widespread use it will make a very tasty target for hackers," said Prof Alan Woodward from the University of Surrey's department of computing.
This discussion has been archived. No new comments can be posted.

Smartphone App To Be Used As Hotel Room Keys

Comments Filter:
  • by Rosyna ( 80334 ) on Monday November 03, 2014 @02:31PM (#48303495) Homepage

    With an active CPU behind it, certainly this system can be more secure than the current card system. Also means much less chance of leaving the card in the room and less money spent replacing lost cards.

    • by itzly ( 3699663 )
      Unless the cards also have an active CPU.
      • Unless the cards also have an active CPU.

        I don't know what cards with an active CPU cost in quantity, (if anyone does, please chime in) but a little googling shows that monogrammed card keys can be had for about two cents (American) apiece in quantity.

        An app is essentially the cost of NRE plus the cost of maintenance. Card keys with an active CPU is an ongoing, much more significant (I suspect...) expense. You could see that the hotels would want this.

        • Depends on the cards you speak of. The kind used in EMV chip cards (Credit/Debit mostly outside the US for now), which are also contactless, can be had for about £3 a pop, probably less in bulk.

    • by hsmith ( 818216 ) on Monday November 03, 2014 @02:35PM (#48303531)
      "can be" is the keyword there... Seeing how easily previous systems were compromised this doesn't have much promise behind it.
    • by Kielistic ( 1273232 ) on Monday November 03, 2014 @02:42PM (#48303613)

      Also means much less chance of leaving the card in the room

      But now having a dead phone after a late night of drinking/whatever just got a whole lot more annoying.

      • by mythosaz ( 572040 ) on Monday November 03, 2014 @02:55PM (#48303737)

        Unless all guests are expected to have smartphones as a requirement of occupancy, I imagine you'll get plain old room keys too.

        • by Kielistic ( 1273232 ) on Monday November 03, 2014 @03:13PM (#48303881)

          At that point it's pretty much just a novelty. If I have to carry the key-card as a backup anyway (which would be smart) I'd rather just have an RFID enabled card and wave my wallet in front of the lock. If I have the card there is no security bonus form the more programmable phone since the card has to work also.

          Although having redundancy on your person does have its benefits if you did happen to lose one or the other while out and about.

          • Leave your card, take your phone. If, by some chance, you manage to have a completely dead phone when you get back to the hotel, you just get a physical card from the front desk, or they plug in your phone for 2 minutes and you go up and get in normally.

            • I would count that as pretty annoying at ~3 or 4am while drunk or accompanied. Or even if you just want to find a bed; you don't end up with a dead phone from a short day.
              • I would count that as pretty annoying at ~3 or 4am while drunk or accompanied. Or even if you just want to find a bed; you don't end up with a dead phone from a short day.

                Meh, if you're drunk you probably accidentally dropped your phone into the pocket with your key card at some point, which scrambled the low-coercivity magstripe, so you still have to stop at the front desk to get a new key anyway. I know that sequence is MUCH more likely than having a dead phone is for me... because I do it all the time, even without drinking.

                • I call bullshit. Magstripe cards aren't easily wiped. You really have to use power to wipe them.
                  A phone ain't gonna cut it. The static electricity from your hand is more likely but under normal circumstances that isn't going to do anything either. Just put the card away when you're playing with VandeGraaf generators or Tesla coils.

                  • I call bullshit. Magstripe cards aren't easily wiped. You really have to use power to wipe them. A phone ain't gonna cut it. The static electricity from your hand is more likely but under normal circumstances that isn't going to do anything either. Just put the card away when you're playing with VandeGraaf generators or Tesla coils.

                    You can call bullshit all you want... but I've done it dozens of times. If you want to reproduce it, just drop your card key in the same pocket as your phone and leave it there for a few hours. When you get back to your room, your card key won't work.

                    The reason this happens with card keys is because they have low coercivity magstripes, which makes them easy to rewrite. This is good because they get rewritten regularly. Your credit cards use high coercivity stripes and aren't nearly as vulnerable.

                    http://

                  • by GNious ( 953874 )

                    I call bullshit. Magstripe cards aren't easily wiped. You really have to use power to wipe them.

                    As a frequent traveler for the last decade, my experience is that hotel keycards will easily get messed up, even when in a wallet.

                    In one particular upscale hotel (in the Mövenpick chain), I started going via the frontdesk every day to have my card re-written - it simply "lost" the encoding during the day, as in the evening it would fail to open my door. After several days of this, just having the front-desk rewrite the card every time we got back, was the simplest solution (getting a new card didn't he

          • by quenda ( 644621 )

            It is not even novel. TFA says the purpose is to bypass check-in. Some hotels have been using credit cards for many years now to do this. Eg small hotels after hours. It can even be made more secure by a PIN in your booking confirmation.

              Once you are checked in, nfc makes more sense. Can't they just use any existing nfc chip in your phone or credit cards for ID? Why all the trouble of getting your phone out?

    • by CastrTroy ( 595695 ) on Monday November 03, 2014 @02:57PM (#48303749)
      I could be less convenient in many ways though. For one thing, this means that I have to bring my phone with me when I go to the pool or the gym. Also, I don't think that the current cards are that expensive to replace. If they were, they could just charge the client for unreturned or lost cards, same as if other things in the room go missing.
    • by SeaFox ( 739806 ) on Monday November 03, 2014 @03:19PM (#48303937)

      With an active CPU behind it, certainly this system can be more secure than the current card system.

      Which means little unless they disable the old system. Much like changing the design of currency to thwart counterfeiters is worthless unless you devalue bills with the old design. The chain of security is only as strong as its weakest link.

    • With an active CPU behind it, certainly this system can be more secure than the current card system.

      Adding an active CPU != more secure. They're exchanging a poorly secured but isolated token for a poorly secured but networked device. Sounds like a drop in security to me.

    • > With an active CPU behind it, certainly this system can be more secure than the current card system.

      That was my first thought. Such a system, for several reasons, has the potential of being significantly more secure.

      The counter-argument might be that it depends entirely on the implementation. Whether an *effective* solution is generated, or just a solution that's convenient and looks secure, is an open question. Also whether such a solution has a back door or a weakness that can be globally exploite

    • Comment removed based on user account deletion
    • The security for THEM can be more or less secure than current. I don't want their apps shuffling through my shit on my phone. The only way I would use something like this is if I was using Cyanogenmod and over-rode their apps security settings and kept it locked out of everything. I'm not even sure that is trustworthy enough for most crap though. There really needs to be a virtual phone within a phone that can keep each app sandboxed to what it thinks is an entire real phone.

    • by dAzED1 ( 33635 )

      First, your phone is amazingly insecure - unless you have one of the ones dedicated to security. The most valuable thing you have is you - the who of who you are. Trusting that identity to your phone is...spectacularly foolish. Second, most people don't have a phone that could survive a trip to the hotel pool or hot tub, whereas the throwaway cards can do just that, just fine.

      If someone breaks the card's security, the worst you're out is the stuff in your room. The more you stuff into your phone, then t

    • by jrumney ( 197329 )
      As a bonus, the app that the hotel has forced you to install to get access to your room can also be used to advertise the chain's other properties.
    • You hit on the key words of "can be". I have worked with a lot of developers over the years that think they can implement security, most of them would have trouble securing their fly correctly. I find the fact they are using their "own secure channel" implementation to be a huge warning sign.

  • by TechyImmigrant ( 175943 ) on Monday November 03, 2014 @02:36PM (#48303551) Homepage Journal

    I was at a Starwood hotel two weeks ago and I was not offered such an opportunity.

    I feel robbed.

    • I feel robbed.

      Ah, but you shouldn't. Everything is 100% safe until AFTER they start doing this, then it's a hacker's paradise of cracking open hotel rooms and ransacking the contents. (I know it's true, I saw it on SlashDot).

      • The NFC was already in the door and the card was NFC.
        All they've done is make an app that uses NFC through the same interface.

        Yes, it's a hackers paradise, but it already was one. The phone doesn't make much difference to the hackers-paradiseness of it. A decent hack would probably already be using a phone to imitate a card since it has the NFC interface and a CPU.

  • by sexconker ( 1179573 ) on Monday November 03, 2014 @02:38PM (#48303577)

    It's using it's own, encrypted, secure channel that happens to be accessible from my phone.
    So it's handled by NFC, Bluetooth, Wifi, the cell radio, the speakers, or the display, in that order of likelihood.

    The communication channel is the least of their worries, however. With only a little bit of effort, these can all be implemented more securely than magstrip cards.

    The problem is that it'll all be accessible by an internet-connected PC at the front desk, allowing a remote (or local) attacker to create a master key on their phone, no magstripe hardware needed.

    • You don't really want to deal with all the vagaries of bluetooth support across android phones. NFC isn't widespread and also broken by design (they should have just put Time of Flight distance measurement directly in the standard, oh no ... it adds a couple of cents to the ASICs, instead the penny pinchers launch a standard which will create security problems for as long as this abomination stays in use, thank you so very fucking much you fucking assholes).

      I'd put WiFi/internet, cell, speakers and display

    • And then anyone can steal my underpants.

      And guess what? No matter how secure the system is, the underpaid housekeeping and maintenance staff can still go in whenever they want.

    • And that's less secure than the current system exactly how? Right now you can do the exact same thing, all you need is a magstripe card. With the proper backend this could be far more secure than the current setup.

      Based on the video it looks like NFC, fwiw.

      • The current system means Joe Schmoe needs a mag stripe card and writing hardware. If he wants to be discreet, he needs a magstripe card from the hotel.

        With a cellphone system, you write with software and you don't have to be sneaky about using a phone that looks different from the phones of all the other guests / obtain a phone that looks the same. There's no physical trace that you've done anything.

  • by Anonymous Coward

    Then Starwood can access all our social media, track our exact location, and get access to our entire list of contacts.

    That's what I want!

  • by Cid Highwind ( 9258 ) on Monday November 03, 2014 @02:40PM (#48303603) Homepage

    An app can hardly be less secure than the current system. Knowing the target's name and room number is all it takes to "hack" most hotel locks - just ask the front desk clerk to make you a new key!

    • Which you have to sign for. There's a reason they get a specimen signature when you check in. If they issue a replacement key card without checking the signature, you then sue the ass off of them.
      • No, you can't sue them unless they give it to someone else and then in turn you suffer some type of loss.

        Most desks will ask for a photo ID. Some will call the room to make sure nobody is in it. But asking for a room key to enter a room illegally is a good way to get caught.
      • Yea no... you sign a waver when you check in. They could fill your room with wild hyenas and all that'd happen is your estate would get charged for cleaning the blood off the walls.

    • An app can hardly be less secure than the current system

      Well, playing this out - before the thieves could steal my extra underwear and toothbrush. Now the Hotel can steal all my contacts, SD card contents, location information, etc.

      Oh, yeah, I'm sure this will be "no special permissions" once it's a required app for checking in (or if not required you can avoid the $15 keying fee by using the app) ...

      Guess it depends what you're securing. Any hotel door that doesn't have an unkeyed deadbolt (only lockable

  • by uksv29 ( 167362 ) on Monday November 03, 2014 @02:43PM (#48303621) Homepage

    "I'll put my phone on charge. Oh dear the charger is in my hotel room".

    You just know how this will end.

    • People keep thinking of the disadvantages of the phone, but think of the advantages.

      No checking in.

      An email confirms your room number and you just go straight to the room.

      • No check-in access is what this is about. I recently checked into a Go Native hotel in London. This is a hybrid property that stands between a hotel and a service apartment. The rates were great. But this meant there was no-one on a night desk. Gaining access at my check in time (Midnight) was a PITA. I had to call the 24 hour number (a living human) to get an entry code for the front door (giving my reservation number as a parole). Then, at the same time, another one-off pin for a little lobby safe was gi

      • Which means the hotel fires the concierge, and there's no one to bring you a Sprite at 2 am when you're vomiting the last ounce of fluid your body held prior to getting food poisoning from the hotel restaurant earlier that night.

        Beware the Law of Unintended Consequences.

  • by Anonymous Coward

    Another nice side-effect of this is instead of having to throw my room key onto the stage, I can just throw a paper airplane with the key printed under a sexy photo.

  • Trust us ... (Score:5, Insightful)

    by gstoddart ( 321705 ) on Monday November 03, 2014 @02:49PM (#48303673) Homepage

    The technology's developer says that it uses its own encrypted secure channel to ensure thieves cannot abuse the innovation

    It's secure, trust us ... and you'll also have to trust we won't abuse the access to your phone for our own purposes.

    Yeah, sorry, no ... no interest in installing an app for something like this. Give me an old school key card.

    Other than saying "ZOMG, teh smart phone opens teh hotel door" ... I really don't see the point. And I really don't see why we'd trust them.

  • Doesnt matter (Score:5, Interesting)

    by Charliemopps ( 1157495 ) on Monday November 03, 2014 @02:50PM (#48303685)

    It doesn't matter. The current card security system is as about as insecure as it could possibly get and still have a door in the frame.

    After an incident at a hotel a few years ago where our door lock failed and ruined our stay... and a subsequent discussion with their maintenance man about how the card systems work I had a suspicion and tried my card on the room across the hall. Low and behold my card would work on any room in the building. Since then I've made a habit of testing my card on random, seemingly vacant rooms at other hotels. To my surprise I've had it actually work several times.

    Now I deadbolt it when I'm in the room, and don't leaving anything valuable in there at all. I even keep my suitcase in the trunk when I leave if I have my car there. The hotel I had my honeymoon in didn't have a deadbolt or chain. Sure enough, the morning after our wedding cleanign tried to come in. Lucky for me I'm super paranoid so she just ended up slamming the door into the mini-fridge I'd slid in front of the door the previous night. Before I even had my pants on she was down there with their security manager trying to force the door open. I yelled "Go talk to the front desk before you break into my room morons" before forcing the door shut with my foot and holding it. They weren't happy. I now carry a wedge shaped piece of oak with me to any hotel.

  • Comment removed based on user account deletion
    • by Ksevio ( 865461 ) on Monday November 03, 2014 @02:56PM (#48303745) Homepage
      You sound insane
    • Until you're gone for the day at... whatever it is you went there for... and they take said handgun, use it for a crime and then put it back. A hotel room is the absolute last place I'd leave mine.

    • by Maow ( 620678 )

      This is why I travel with a handgun.

      You ought to try travelling to a civilized country sometime.

      On the other hand, most of them probably don't want you, so never mind.

      • Comment removed based on user account deletion
        • by Maow ( 620678 )

          "Civilized country" . . . by which you mean somewhere in the "Old World", I assume? Or perhaps you meant the Third World? I always get those two confused.

          Wrong on both counts.

          No, thanks. I'd rather stay here in the "New World". You remember us - we're the guys who bailed y'all out something like seventy years ago when you were busy doing the genocide thing?

          Actually, while "we" (us New Worlders) were bailing out the "Old World", "you" were sitting on your asses watching the whole thing unfold for half the first instance and until the fight came to you in the second instance.

          It sure woulda been nice if the locals had been able to oppose governments that did things like that - but being "civilized" apparently means that would be a no-no, doesn't it?

          Yeah, and how's your armament helping you oppose the gubmint these days? Doesn't seem to have been working out for y'all, whether y'all includes American-borne slaves, anti-Vietnam protesters, civil forfeiture victims, Ferguson protesters with .50 cal rifles pointed at

  • by Overzeetop ( 214511 ) on Monday November 03, 2014 @02:53PM (#48303719) Journal

    This is the potential future of convenience. With NFC and actual secure chips, you should be able to use your phone for ID verification, boarding passes, purchases, hotel rentals, rental car "keys", and everything else you need.

    Properly implemented, it would have as much or more security than just about every other common form used for any of the areas above. Of course, we all know they're going to fumble the security part, so hopefully it won't be any worse that what we already have.

  • by TheBrez ( 1748 ) <brez@brezworks.com> on Monday November 03, 2014 @02:54PM (#48303723) Homepage
    I was at a hotel chain about 10 years ago that was using magstripe cards for room entry. Checked in, walked up to my room, swiped my card, and got no green light. Tried it again, no light. Just out of curiosity, I tried the handle and the door opened. Called down to the front desk to let them know my card wasn't working right, and they sent a maintenance guy up to fix it. The fix, a torx screwdriver and 4 AA batteries. When the batteries went dead, the door defaulted to open. With insecurity by default, what's to stop someone from walking up to a door with a small power screwdriver, pulling a battery, and walking into your room in about the same time as it takes you to swipe a card and get in?
    • by internerdj ( 1319281 ) on Monday November 03, 2014 @03:14PM (#48303891)
      I work in a building secured with magnetic doors. The reasoning behind default open is that if an emergency happens and the power system fails there is a higher liability for the doors to fail closed and rescuers be unable to reach victims than for the doors to fail open and someone break in.
    • With insecurity by default, what's to stop someone from walking up to a door with a small power screwdriver, pulling a battery, and walking into your room in about the same time as it takes you to swipe a card and get in?

      Wild guess: A small power screwdriver?

    • Exactly... try your card in other doors while you're at it. I've been in multiple hotels where ANY card from the same hotel would open ANY door. The only real security they had was that the patrons thought the doors were locked so they didn't bother trying!

      • by twokay ( 979515 )
        If the replies to this story are anything to to go by, there are a log of people on slashdot that spend their holidays trying to break into hotel rooms with badly configured electronic lock systems. Next time someone walks into my hotel room unannounced ill know where to come looking...
  • by Chocolate Teapot ( 639869 ) on Monday November 03, 2014 @02:54PM (#48303733) Homepage Journal
    With my first mobile phone, I could beat down the door on a bank vault. Hotel doors wouldn't stand a chance.
  • Better than a card, as you don't have to swipe - the door just opens when you get within 2 feet.

    Yes, it isn't as secure, but this is a hotel where all the maids and the front desk have keys anyway.

    The real trick to security is not to maximize it, but instead to give the appropriate level of security for the situation.

  • by j2.718ff ( 2441884 ) on Monday November 03, 2014 @03:01PM (#48303781)

    Can someone in the room next to mine wirelessly hack my door?

    Any good locksmith will tell you that the best a lock can do is increase the amount of time it takes someone to break in -- it can't prevent the break in. But a person attempting to pick a lock in a hallway is a lot more conspicuous than a transmitter hidden next door.

    • Unless you are trying to not leave any traces a sheet-rock knife could cut a new door between hotel rooms and in just a few seconds. Some doors are sturdier but most doors are really easy to kick open just like in the movies. Windows are easy to break also. Most door locks are more of a suggestion than an actual security feature.

  • I have to wonder what other data from your smartphone that hotel key app is collecting and sending on to "the cloud"...
  • by YrWrstNtmr ( 564987 ) on Monday November 03, 2014 @03:06PM (#48303811)
    I don't have a smartphone, by choice.

    Seriously, though. Doing everything with that easily lost/stolen/dead battery phone just sounds like a bad idea to me. Monoculture, anyone?
  • by Kardos ( 1348077 ) on Monday November 03, 2014 @03:13PM (#48303875)

    Hotel door app requires access to contacts, shared files, camera, microphone, GPS, SMS, internet, dropbox, google drive, online banking, ....

    • Don't worry. Any attempt to electronically violate you as you try to enter your hotel room will certainly be thwarted by your tinfoil hat.
  • The current system is sufficient to purpose, but few people know how it works. Here is how: The lock stores a list of 10,000 keycodes in random order. The front desk has the same list. At installation (or reset) the lock will open for any of the first couple of codes on the list. Once a code is used, any code earlier on the list is no longer valid but the next few become valid. This way the front desk can issue a new code that will be accepted, without communicating with the lock itself. My own view is th
  • Phone's dead. And the charger's in the room.

  • How will this be implemented? Even in this day and age, I suspect there can be customers who do not have smartphones with bluetooth. (For instance, some people feel more comfortable carrying "dumb" phones that are less hackable and less prone to data breeches if stolen, because they don't have usable data on them.)

    Having a card key as a backup to bluetooth would be ok for a pilot program, but over the long term it seems like such a dual system would not be significantly more secure than a card key only sy

    • by Kardos ( 1348077 )

      > So, how to accomodate non-smartphone users? Different floors with bluetooth vs card key? Just don't go to that hotel?

      They could have a box of 'loaner phones' that they hand out...

      • > So, how to accomodate non-smartphone users? Different floors with bluetooth vs card key? Just don't go to that hotel?

        They could have a box of 'loaner phones' that they hand out...

        That's interesting. They could even create a custom device that did the lock/unlock only, (someone else mentioned a "card key with a CPU") but I suspect that would be more expensive (at least on the short term) than just handing out burner phones (in management-speak "leveraging existing technology") that are barely equal to the task, and then doing a factory reset on them when returned. (And charging an outrageous delayed charge on your amex bill if they're not.)

  • And I'm sure it will work well.

    Right up until your battery dies as you're walking back to your room late at night.

  • In a just universe, whenever some knob uttered a platitude like that, they'd be struck by lightning or a meteor or turned into a pillar of salt.

    yes, I definitely would prefer a potentially secure wireless protocol over an obviously insecure physical key. this is a no-brainer! even better: make it a public, *STANDARD* secure wireless protocol, preferably exactly the same one I use to authorize NFC payments from my phone.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...