[Politech] Actual facts about how hotel keycards work, from K.Anderson [priv]

From: Declan McCullagh (declan@private)
Date: Fri Oct 31 2003 - 13:21:05 PST

  • Next message: Declan McCullagh: "[Politech] Bill Purdy, back in action, sued by Planned Parenthood [fs]"

    From: "Keith Anderson" <keith@private>
    To: "'Declan McCullagh'" <declan@private>
    Subject: RE: [Politech] John Gilmore's proposal: Test hotel card keys for 
    personal info [priv]
    Date: Fri, 31 Oct 2003 11:01:14 -0700
    Organization: Anderson Research / BackFence Network
    My company, under contract and nondisclosure, designed and implemented the
    software behind many card-key security systems, including systems now used
    by three major hotel chains.  In every case, by design requirement, the
    cards are encoded at check-in with a very large, randomly generated code
    that is associated on the main database with the guest record and the
    room(s) to which they are assigned.  No information about the customer is
    placed on the card.  The code on the card is only a component of the
    information needed to open the door, and cannot be used to obtain customer
    information even by the top-level employees.  At checkout, the code is
    abandoned and becomes obsolete.  Each code may be used only for one guest
    stay throughout the entire chain of hotels, and that code can never be used
    again to open any door in any location.
     >From a design standpoint, there is no reason to encode personal data on a
    card like this.  Such data is useless to the purpose of the card-- the card
    is simply a key that expires once the guest has checked out.  All of the
    systems with which we have associated keep personal guest information in the
    database.  This gives the hotel chain the benefit of not worrying about the
    card when it's not under their control.  They never have to pay to re-key a
    door, they don't worry if the guest forgets to return his or her key, and
    cards cost pennies to replace.
    There might be a few security systems out there that put personal
    information on cards, but we have not run across one in the last 15 years,
    and we've seen a lot of card-key security systems of all kinds.  I think
    whoever was quoted in the previous message claiming that "name, room number
    and length of stay" are found on the card are speaking of a very unique (and
    frankly low-end) system, but more likely they are ignorantly guessing what
    is really stored on the card.
    People should be more concerned about how hotels protect, share and use the
    guest data they accumulate.  In the systems we've worked on, guest-service
    employees are only allowed access to basic guest data if their job requires
    such access, but there are undoubtedly systems out there that allow any
    employee access to any former guest's data, and this is not a problem
    limited to hotels.
    Keith Anderson
    Anderson Research
    Politech mailing list
    Archived at http://www.politechbot.com/
    Moderated by Declan McCullagh (http://www.mccullagh.org/)

    This archive was generated by hypermail 2b30 : Fri Oct 31 2003 - 13:33:59 PST