Hotel magnetic key cards.

Secure Home | Search | About

Lost Password?

Electronic Security in UK

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Hotel magnetic key cards.

Bogwitch

04-04-2007

Re: Hotel magnetic key cards.

Bogwitch

04-04-2007

Re: Re: Hotel magnetic key cards.

Lurch

04-05-2007

Re: Hotel magnetic key cards.

07-09-2007

Posted by Bogwitch on April 4, 2007, 11:04 am

If you were Registered and logged in, you could reply and use other advanced thread options

I was passed this today. I can find no reference on the Internet about
it, apart from repeats of this bulletin. It smacks of a hoax to me but
it is theoretically possible.

I think it would be unlikely that a hotel would NEED to keep this
information on a key card but it wouldn't suprise me if they did!

I have emailed Kent Police to check with them but I won't be holding my
breath for a response.

If any of you have any further information that could clarify this, it
would be great. If anyone has access to one of these cards and a card
reader, that would be even better! It is unlikely I will be staying at a
hotel for a little while yet....

Bogwitch

--------8<--------

Ever wonder what is on your hotel magnetic key card?
Answer:
a. Customer's name
b. Customer's partial home address
c. Hotel room number
d. Check-in date and out dates
e. Customer's credit card number and expiration date!
When you turn them in to the front desk your personal information is
there for any employee to access by simply scanning the card in the
hotel scanner. An employee can take a hand full of cards home and using
a scanning device, access the information onto a laptop computer and go
shopping at your expense.
Simply put, hotels do not erase the information on these cards until an
employee re-issues the card to the next hotel guest. At that time, the
new guest's information is electronically "overwritten" on the card and
the previous guest's information is erased in the overwriting process.
But until the card is rewritten for the next guest, it usually is kept
in a drawer at the front desk with YOUR INFORMATION ON IT!
Recommendations;
Keep the cards, take them home with you, or destroy them. NEVER leave
them behind in the room or room wastebasket, and NEVER turn them in to
the front desk when you check out of a room. They will not charge you
for the card (it's illegal - in UK) and you'll be sure you are not
leaving a lot of valuable personal information on it that could be
easily lifted off with any simple scanning device card reader.
For the same reason, if you arrive at the airport and discover you still
have the card key in your pocket, do not toss it in an airport trash
basket.
Take it home and destroy it by cutting it up, especially through the
electronic information strip! You can also use a small magnet and pass
it across the magnetic strip several times. Then try it in the door, if
it does not work it erases everything on the card.
Information courtesy of: Kent Police

--
Posted via a free Usenet account from http://www.teranews.com

Posted by Bogwitch on April 4, 2007, 11:59 am

If you were Registered and logged in, you could reply and use other advanced thread options

Bogwitch wrote:

> I was passed this today. I can find no reference on the Internet about

> it, apart from repeats of this bulletin. It smacks of a hoax to me but

> it is theoretically possible.

> I think it would be unlikely that a hotel would NEED to keep this

> information on a key card but it wouldn't suprise me if they did!

> I have emailed Kent Police to check with them but I won't be holding my

> breath for a response.

Astonishing speed from Kent Police.

According to Kent Police, this is 'inaccurate' and 'Kent police would
not circulate information in such a format.'

So, that clears that up, then.

However, they do go on to say...

"That's just a nasty rumor," says Kathy Shepard, vice president in
charge of corporate communications for Hilton Hotels Corporation. "Our
key cards are encrypted with minimal information -- the guest's name,
room number and arrival and departure dates -- and encrypted in such a
way that they can't be read by ordinary card readers."

But I think the essence of the information received is in fact, bogus.

Bogwitch.

--
Posted via a free Usenet account from http://www.teranews.com

Posted by Lurch on April 5, 2007, 6:43 pm

If you were Registered and logged in, you could reply and use other advanced thread options

On Wed, 04 Apr 2007 16:59:52 +0100, Bogwitch

>Bogwitch wrote:

>> I was passed this today. I can find no reference on the Internet about

>> it, apart from repeats of this bulletin. It smacks of a hoax to me but

>> it is theoretically possible.

>> I think it would be unlikely that a hotel would NEED to keep this

>> information on a key card but it wouldn't suprise me if they did!

>> I have emailed Kent Police to check with them but I won't be holding my

>> breath for a response.

>Astonishing speed from Kent Police.

>According to Kent Police, this is 'inaccurate' and 'Kent police would

>not circulate information in such a format.'

>So, that clears that up, then.

>However, they do go on to say...

>"That's just a nasty rumor," says Kathy Shepard, vice president in

>charge of corporate communications for Hilton Hotels Corporation. "Our

>key cards are encrypted with minimal information -- the guest's name,

>room number and arrival and departure dates -- and encrypted in such a

>way that they can't be read by ordinary card readers."

I'd be surprised if it contained any information whatsoever about the
guest, usually the guests information is on the coimputer that just
activates\deactivates the card. The card is linked to the customer in
the database on the PC only.
--
Regards,
Stuart.

Posted by DA on July 9, 2007, 1:50 am

If you were Registered and logged in, you could reply and use other advanced thread options

DA had written this in response to
http://www.secure-gear.com/uk.tech.electronic-security/3/-article-.htm :
Bogwitch wrote:

> "That's just a nasty rumor," says Kathy Shepard, vice

> president in

> charge of corporate communications for Hilton Hotels Corporation.

> "Our

> key cards are encrypted with minimal information -- the guest's name,

> room number and arrival and departure dates -- and encrypted in such a

> way that they can't be read by ordinary card readers."

Well, I don't know about encryption but those cards that I "got to the
airport and realized I forgot to drop them off" usually don't have much
beyond room number and some sort of a hash (which might even be just
MD5-ed combination of room number and last name or last date of stay).
Basically, as others pointed out here, there should be no need to keep ANY
info on the key itself - it's just an ID that can then pull up as much
data as one wants from the computer up front.

Or maybe I should start staying in Hilton ... :-)

##-----------------------------------------------##
Delivered via
http://www.secure-gear.com http://www.secure-gear.com/
The Internet Knowledge
Base for the security industry
no-spam access to your favorite newsgroup -
uk.tech.electronic-security - 548 messages and counting!
##-----------------------------------------------##

The site map in XML format XML site map