×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

What's On Your Hotel Keycard

CmdrTaco posted more than 8 years ago | from the get-your-paranoia-on dept.

Security 416

Lam1969 writes "From Robert Mitchell's blog on Computerworld: '... Wallace, IT director at AAA Reading-Berks in Wyomissing, Penn. has been bringing a card reader with him on business trips to see what's on the magnetic strips of his hotel room access cards. To his dismay, a surprising number have contained his name and credit card information - and in unencrypted form.' " Update: 09/20 19:10 GMT by J : Snopes, as of two months ago, says this is false.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

416 comments

Illegal? (2, Interesting)

AndreiK (908718) | more than 8 years ago | (#13604804)

You would think that actually using the reader would be illegal

And they DO erase them after you check out, don't they? It could be a precaution telling you not to lose it :P

Re:Illegal? (2, Informative)

Evil W1zard (832703) | more than 8 years ago | (#13604853)

I have to wonder if they do erase them. I mean most ppl just keep the key or toss it after they check out. And because its a simple magnetic strip the data will be resident on it unless someone physically demagnitizes it or deguasses it.

Re:Illegal? (5, Insightful)

Anonymous Coward | more than 8 years ago | (#13604858)

Now admittedly this country has gone to hell, but why in the world would you think a card reader would be illegal?

That is incredibly depressing.

For the government, and its media cronies to have you in the state of mind where you feel that you should not have access to something like a card reader is sad and pathetic.

Re:Illegal? (2, Interesting)

JadeNB (784349) | more than 8 years ago | (#13604875)

And they DO erase them after you check out, don't they?
Although this seems suspicious to me (it's hard to believe that as highly-motivated a work force as the desk personnel at a hotel won't slip up and forget from time to time), I guess it's true that the keys are then kept in a reasonably safe place until they are re-encoded for the next visitor. (Is this true? Is there a way to recover old information from a magnetic stripe even after it's been overwritten?)

You're kidding, right? (5, Insightful)

swb (14022) | more than 8 years ago | (#13605068)

I know a lot of people (including myself, until now) simply assumed the card had some magick code on it that opened the door, and once they checked out, the code stopped working, so key cards got:

1) left in the room when you walked out. There's probably a box on the cleaning carts where they get chucked. Highly insecure.

2) left in the rental car or wherever. You're done with it and presumably it has no information relevant to you.

3) idly thrown away (probably the most secure, provided its a sufficiently yucky trash can)

4) Taped to office doors or cube walls to make a "gee, I travel a lot" mosaic.

The idea that they're somehow secure because they MIGHT get stored and reused seems laughable.

Re:Illegal? (3, Interesting)

Lord Dimwit Flathead (668521) | more than 8 years ago | (#13604894)

they DO erase them after you check out, don't they?

I'd be willing to bet that most of them simply put them back on the stack behind the front desk, to be overwritten if and when they get reused. This, of course, raises another interesting question - can the information of prior users of the card be obtained with data recovery techniques? How many generations of data could one conceivably extract from a single keycard?

Re:Illegal? (3, Interesting)

servicemaster (903088) | more than 8 years ago | (#13604898)

Hotel cards aren't for your convenience, they are for the hotel's convenience. An easy way to create and distribute keys to rooms, keeping out only the most simple theives...
Easy to distribute master cards to maids, easy for them to tell how to bill you by just the card.

Think about it, if your computers went down, and all you had were your customers keycards... they want to be able to bill you no matter what.

They don't care about your security/safety, it's just the convenience for the hotels.

Re:Illegal? (1)

CheshireCatCO (185193) | more than 8 years ago | (#13604958)

If the computers are going down, why do they need the credit card information on my room key? If they can't read my credit card, how are they reading the key?

I agree that they key cards are for the hotel's convenience, but I'm not following why they need my credit card info on the key.

Re:Illegal? (1)

tehwebguy (860335) | more than 8 years ago | (#13605039)

while it's pretty retarded to keep the cc on the key (at least unencrypted, imo) i don't think you're getting what he's saying. i'm pretty sure he's saying that in case they lose their database of customer information they still have a copy they can come to they get things running again.

Re:Illegal? (1)

servicemaster (903088) | more than 8 years ago | (#13605049)

That was just a spontaneous thought I decided to include. I'll admit it'd be ridiculous for them to use the room key as a backup for charging my credit card...
but this just came to me. what about using your room key in the restaurant or bar? they may want to verify you have a credit card, or even charge it right there.
Just a thought.

Re:Illegal? (3, Informative)

mintshows (716731) | more than 8 years ago | (#13605047)

Having worked at a motel before, I can attest that it is NOT policy to erase the cards after use. The cards are usually given an expiration date (usually the checkout date). The expiration date only serves as data for the card reader on the door. The key will not be erased at this date...it will only be unable to open the door.

Re:Illegal? (2, Interesting)

Cerdic (904049) | more than 8 years ago | (#13605077)

I saw an episode of 20/20 or a similar show on one of the networks some years back. They tried keeping an old key and then they had someone check into the same room they had. They found that the code wasn't changed and that the old key could be used to gain entry into the room after someone else had checked in with a supposedly new key code.

Knowing that, it's not far fetched to assume that they are sloppy about erasing data on the cards. Then again, it seems that people throw them on the ground most of the time anyway. I guess stolen credit card info would count as a harsh fine for littering ;)

What's on it ? (-1, Troll)

2.7182 (819680) | more than 8 years ago | (#13604806)

The number 666.

Re:What's on it ? (0)

Anonymous Coward | more than 8 years ago | (#13604909)

Apparently the fundamentalist Christians are moderators today.

This is why... (5, Interesting)

Shkuey (609361) | more than 8 years ago | (#13604823)

You always keep your keycards, and you always destroy them. I've yet to have an issue with a hotel wanting it back.

Re:This is why... (2, Informative)

Bensel (881718) | more than 8 years ago | (#13604880)

I've yet to have an issue with a hotel wanting it back.

That's because it's illegal (can't remember where I found this out, sorry) for the hotel to make you give it back.

Re:This is why... (5, Informative)

Bensel (881718) | more than 8 years ago | (#13605009)

Aha... here's the email I heard this from:

From the Colorado Bureau of Investigation:

"Southern California law enforcement professionals assigned to detect new threats to personal security issues, recently discovered what type of information is embedded in the credit card type hotel room keys used throughout the industry.

Although room keys differ from hotel to hotel, a key obtained from the "Double Tree" chain that was being used for a regional Identity Theft Presentation was found to contain the following the information:

a.. Customers (your) name b.. Customers partial home address c.. Hotel room number d.. Check in date and check out date e.. Customer's (your) credit card number and expiration date!

When you turn them in to the front desk your personal information is there for any employee to access by simply scanning the card in the hotel scanner. An employee can take a hand full of cards home and using a scanning device, access the information onto a laptop computer and go shopping at your expense.

Simply put, hotels do not erase the information on these cards until an employee re-issues the card to the next hotel guest. At that time, the new guest's information is electronically "overwritten" on the card and the previous guest's information is erased in the overwriting process. But until the card is rewritten for the next guest, it usually is kept in a drawer at the front desk with YOUR INFORMATION ON IT!!!!

The bottom line is: Keep the cards, take them home with you, or destroy them. NEVER leave them behind in the room or room wastebasket, and NEVER turn them in to the front desk when you check out of a room. They will not charge you for the card (it's illegal) and you'll be sure you are not leaving a lot of valuable personal information on it that could be easily lifted off with any simple scanning device card reader. For the same reason, if you arrive at the airport and discover you still have the card key in your pocket, do not toss it in an airport trash basket. Take it home and destroy it by cutting it up, especially through the electronic information strip!

Information courtesy of: Sergeant K. Jorge, Detective Sergeant, Pasadena Police Department

I don't get it (1)

mblase (200735) | more than 8 years ago | (#13605115)

You always keep your keycards, and you always destroy them.

What for? If I return it to the desk, assume there's a possibility that desk clerk can read my personal data off of it. Why wouldn't that desk clerk just read it off the computer, or copy it when I give it at check-in?

That's why I always take mine with me (1)

HitScan (180399) | more than 8 years ago | (#13604824)

Well, that, and I completely forget about it, heh. I have an inch tall pile of them at home, I've been meaning to get a card reader and take a look at some, heh.

Re:That's why I always take mine with me (0)

Anonymous Coward | more than 8 years ago | (#13604921)

Heh, that's pretty funny, heh.

Re:That's why I always take mine with me (0)

Anonymous Coward | more than 8 years ago | (#13605023)

Heh.

DMCA (5, Funny)

senducemhere (563189) | more than 8 years ago | (#13604827)

The fact that he read his own information off of the card has to be a DMCA violation - he should get a lawywer now.

Really a big deal? (5, Interesting)

DeadSea (69598) | more than 8 years ago | (#13604841)

Your credit card contains your name and credit card number on it in an unencrypted form. If your key card does as well, you should treat it like a credit card.
  1. It certainly would be nice for the hotel to tell you what they put on the card
  2. They should tell you to report your credit card as stolen if you lose your key card.
  3. They should securely erase or destroy key cards when you check out
I generally trust the hotel staff with my credit card number, and I generally acknoledge that there is info about me on the magnetic stripes in my wallet. Is this anything to get upset about?

Re:Really a big deal? (5, Interesting)

stuckinarut (891702) | more than 8 years ago | (#13604899)

You often hear about people that have had their ATM cards wiped by the magnets used to disable the security tags in stores. Many stores have 'Don't place cards here' signs to prevent this. If the hotels had 'Please place keycards here' on a similar magnet when you sign out then that would wipe them and problem solved.

Why a mag wipe out pad is a bad idea (1)

Frank T. Lofaro Jr. (142215) | more than 8 years ago | (#13605094)

And then someone accidently puts their credit card (which you often need to check out) on that pad and it then it gets wiped and then they sue, for inconvenience or embarrassment because they went to dinner and then they found out their card was erased and couldn't pay.

Re:Really a big deal? (1)

Chaotic Spyder (896445) | more than 8 years ago | (#13604931)

They should tell you to report your credit card as stolen if you lose your key card
I highly doubt that the clerk at the desk knows what is on the card other than it opens your door. I would like to check into a hotel where they keep that info on the card and see if they actually do tell me to report my credit card as stolen. I wonder if there are any legal issues with them not telling you that there are copies of that information that was declared as stolen( to them).

Re:Really a big deal? (2, Insightful)

Noksagt (69097) | more than 8 years ago | (#13605058)

If a hotel offered to copy my credit card & hand it to my kids or my coworker so they could get into the roomm I'd probably decline. Shared credit card account numbers are often unique. They should similarly have unique numbers on hotel keys.

Yeah, please make it easier to spend money... (2, Insightful)

soft_guy (534437) | more than 8 years ago | (#13604847)

What the world really needs is the ability for you to buy stuff using your hotel room key. Because it is not easy enough to spend money currently.

If these hotels are putting credit card and other personal info on the room key unencrypted, how else might they be mis-handling your personal information?

This is bad.

Re:Yeah, please make it easier to spend money... (1)

generic-man (33649) | more than 8 years ago | (#13604920)

Ever been to Disney? Their hotel room keys act as charge cards and even theme park tickets. To do the latter, you just go down to the front desk and have them charge the cost of admission for a given day. You can also set limits per card; for example, you can give your kid just enough money to buy a small souvenir at a gift shop. It's brilliant. Leave it to Disney to make it easy for you to spend money.

Re:Yeah, please make it easier to spend money... (2, Funny)

pnice (753704) | more than 8 years ago | (#13605062)

They keep a ton of information on those cards I think. I went to Disney World for my honeymoon and we were given 25 of those magical wishes. You could just take your room key to Planet Hollywood, Rain Forest Cafe or any of those places at Downtown Disney and tell them you wanted to use a magical wish for your meal. Then you could get anything on the menu as long as it was one appetizer one main course and one desert, tip was included. We ate surf and turf almost every night.

It would also work if you were supposed to get free gifts with your trip and it worked for the fast pass machines (where it kept track of the last time you used a fast pass machine anywhere in the park).

Re:Yeah, please make it easier to spend money... (2, Insightful)

TykeClone (668449) | more than 8 years ago | (#13605100)

That's not really using it as the credit card - that's just using it as a method to bill something to your room - like you can do with a meal at almost any hotel.

Snopes claims this to be false (5, Informative)

Anonymous Coward | more than 8 years ago | (#13604848)

Wrong (Re:Snopes claims this to be false) (1, Informative)

JLavezzo (161308) | more than 8 years ago | (#13604907)

Wrong. Snopes says that while it's true the information is on the card, there is no significant trend relating this to criminal activity.

Re:Wrong (Re:Snopes claims this to be false) (1)

the eric conspiracy (20178) | more than 8 years ago | (#13604933)

Right. But now that the security hole has been identified, watch out for exploits.

Re:Wrong (Re:Snopes claims this to be false) (1)

ifwm (687373) | more than 8 years ago | (#13605074)

Why would they want to "exploit" this. Anyone with access to the keycards would also have access to the computers the info is on.

Far easier to simply print it out than to jump through hoops with a card reader.

Re:Wrong (Re:Snopes claims this to be false) (0)

Anonymous Coward | more than 8 years ago | (#13605017)

Wrong. Snopes says that this information is not put on most cards, in most hotel chains. There may be a few hotels that did so, but it's not widespread.

Re:Wrong (Re:Snopes claims this to be false) (5, Informative)

millennial (830897) | more than 8 years ago | (#13605072)

Let's keep reading, shall we? Snopes ACTUALLY says that none of the hotel chains they contacted put sensitive information on the cards. One reader who works at a hotel said that the only thing that goes on there is the room number, the number of nights in the stay, and the number of keys issued.

Re:Snopes claims this to be false (2, Interesting)

InfiniteWisdom (530090) | more than 8 years ago | (#13604937)

All snopes claims is that this isn't a widespread phenomenon. Presumably different hotels have different policies, and it's entirely possible the the hotel mentioned here does it while others don't.

I have a card reader ... (5, Funny)

Anonymous Coward | more than 8 years ago | (#13604854)

Let's see what the card says: "Housekeeping Notes: Customer uses excessive amounts of Kleenex on overnight stays ..." HEY!!!

Take your card with you? (1)

nharmon (97591) | more than 8 years ago | (#13604862)

To be safe, the next time you check out of a hotel take your access card with you and shred it when you get home, Wallace advises.

Last summer while vacationing in Kentucky I stayed at a Holiday Inn Express, and had to turn in my cards at check out. Mind you, I don't stay in hotels very often (perhaps a dozen times in my lifetime, and 3 since graduating high school)...but do most hotels allow you to keep the access cards?

Re:Take your card with you? (1)

elBart0 (444317) | more than 8 years ago | (#13604940)

I have a pile of several hundred hotel keys, at home (I travelled a lot, for work, for a few years). And there are one or two from a HI Express in there. While every hotel 'asks' you to return the keys, I always kept them. I've never been charged, or even questioned about the card.
I always used express check out, however, so it may be different if you actually go to the front desk to check out.

Re:Take your card with you? (1)

Red Flayer (890720) | more than 8 years ago | (#13604974)

"but do most hotels allow you to keep the access cards? "

It doesn't matter. Unless you are informed ahead of time for a fee for a lost card, they won't charge you. And if they value your business, they won't give you a hard time about it.

If they don't value your business, then they'll be losing a customer...

Re:Take your card with you? (1)

binarybum (468664) | more than 8 years ago | (#13604988)

hah, I'm picturing a great holiday Inn Express commercial -- a raggady bum looking guy in a ditch with a dirty suit. Another homeless guy comes up to him and asks him if he lost it all in the market, the reply? "no, but I did stay at a holiday inn express last night" pan to some sketchy dude with a card reader sipping champagne in a bathrobe in a holiday inn suite.

  In my experience many hotels don't ask for the cards back, but some definitely do, and while they won't hassle you if you say you lost them, it does make for an awkward check out. bottom line is this stuff should not be on your room card because the cards are so disposable. Many people don't worry at all about losing these cards because the room number is not on them, and they know the front desk will hook them up with a new one in 10 secs.

Re:Take your card with you? (0)

Anonymous Coward | more than 8 years ago | (#13604989)

I end up taking them with me by accident all the time; hardly anyone asks. Usually if I *am* asked, I just tell them I left them in the room and housekeeping can get them...

Necessary data (4, Funny)

bytesmythe (58644) | more than 8 years ago | (#13604864)

I wonder how much of that data is necessary for the card to work. Perhaps you could get a magstripe writer, scan the card, and re-write only what needs to be there to get the door to open.

Sidenote:
Fun with cards -- Use a reader/writer to exchange the data on different cards. (E.g., swap your gas station card with a retail store card. It's kind of like paying for fast food with $2 bills.)

Re:Necessary data (1)

pnice (753704) | more than 8 years ago | (#13604955)

I've read something about people doing this when they use a card swipe at a restaurant to get credit card information. They swipe the card with their PDA and a card reader to get the info. After that they use old hotel room keys or whatever magnetic cards they have access to and write the data to it. Then when they want to actually use the card at a gas station (pay at the pump) or wal-mart self checkout lane they pay using a hotel key card with stolen information on it. It works pretty well I guess because the original credit card was never stolen.

At least that's what I've heard.

Re:Necessary data (1)

pnice (753704) | more than 8 years ago | (#13605112)

I read that snopes link that someone posted. Maybe I read it there. The have a writeup about it.

Re:Necessary data (1)

Rob the Bold (788862) | more than 8 years ago | (#13604992)

Somewhat lower tech than a card writer: get a strong permanent magnet and mess with the magstripe until it no longer unlocks the door. But why they'd encode this info on a keycard excapes me. It definitely makes my bogus detector tingle.

Re:Necessary data (2, Funny)

AeroIllini (726211) | more than 8 years ago | (#13605005)

Fun with cards -- Use a reader/writer to exchange the data on different cards. (E.g., swap your gas station card with a retail store card. It's kind of like paying for fast food with $2 bills.)

An interesting social experiment: rewrite your old, expired credit card with the mag information from the new card, and see how many cashiers notice. Better yet, use a card that expired years ago (this experiment will take a little longer to do). Usually, if the authorization goes through on the cash register, the cashiers don't care. Most places don't even check signatures anymore.

Re:Necessary data (1)

Otter (3800) | more than 8 years ago | (#13605028)

Perhaps you could get a magstripe writer, scan the card, and re-write only what needs to be there to get the door to open.

Oh, that should get your honeymoon off to a rousing start! "Hmmm, padding with zeros didn't work, maybe random data will. Honey, could you go outside and try this one?"

Re:Necessary data (2, Interesting)

Fishstick (150821) | more than 8 years ago | (#13605114)

Sounds like a good premise for a MythBusters episode.

They had one a while back where the myth was that credit cards could be 'erased' by things like refrigerator magnets and magnetic money clips.

They got a reader/writer, hooked it up to a laptop, programmed a bunch of blank cards and then tested various magnetic sources to see what it took to make the card to lose its information and/or become unreadable/unusable. Not surprisingly, it took a fairly strong field to mess things up.

I could see Jamie and Adam checking into hotels and then taking the key cards back to the shop to see how hard it is to crack (though they should get Kari to pose as the hotel guest or something).

Remember the security indoors too. (1)

The-Bus (138060) | more than 8 years ago | (#13604868)

Remember to keep valuables in the in-room safe. Lest your buddy's dawn wanderings around Atlantic City lead him and a cheap hooker back to your shared room. Cash in your wallet could prove valuable for any sort of "service upgrades" and I didn't have to lose my keycard to be $60 poorer.

Re:Remember the security indoors too. (1, Funny)

Anonymous Coward | more than 8 years ago | (#13605027)

Dammit Bob, I told you - it was an accident!!

hoax? (-1)

Anonymous Coward | more than 8 years ago | (#13604870)

A great many web sites say this is a hoax

Big deal. (-1)

Anonymous Coward | more than 8 years ago | (#13604872)

Looks like a new application for my BULK TAPE ERASER.

Keycards (1)

heho (837859) | more than 8 years ago | (#13604882)

My college residence uses keycards for their dorm doors.. I have about 30 sitting in my closet.. wonder if I should return them or destory them

Why do they need that? (2, Interesting)

VisceralLogic (911294) | more than 8 years ago | (#13604883)

Why do they even have that information on the card in the first place? The card is just to open your door, isn't it? It seems all it should need is some password that the door lock will recognize. It's not like the door charges your credit card, after all.

Information On Card (5, Insightful)

Daveznet (789744) | more than 8 years ago | (#13604887)

Why would the Hotel need to put straight Credit Card information onto the card? This doesnt make any sense. Why wouldnt they just use some sort of key to tie your swipe card to your account on their system. This way if you DO lose your card and it isn't cancelled in time someone who decides to use it can only use it within the Hotel where it can then easily be tracked.

Walt Disney World (1, Redundant)

CoffeeJedi (90936) | more than 8 years ago | (#13604890)

The Walt Disney World resort in Florida has a rather all-encompassing keycard system. Not only is it your hotel room key, but its also your pass into the theme parks as well. In the parks, you can use it to get Fast-Pass tickets, and the system keeps track to prevent you from having more than one at a time. At the stores and resturants you can charge any purchases to it and they will show up on your bill at checkout. They can even ship the gifts straight to your hotel room by pulling that info off the card as well.

I'd love to see what kind of data is on one of those.

Re:Walt Disney World (1)

outlineblue (472351) | more than 8 years ago | (#13604922)

according to TFA, walt disney has "garbage" on their key cards, just pointers to your info in their billing system.

Re:Walt Disney World (1)

CoffeeJedi (90936) | more than 8 years ago | (#13604995)

article was slashdotted before i could get to it

it makes more sense that that card would only have your unique ID on it. the system would just edit your entry in the database showing what park you're in and whether or not you have a FastPass at the moment

Re:Walt Disney World (0, Troll)

conJunk (779958) | more than 8 years ago | (#13604971)

for the next version they'll include rfid as well as sensors in your head, so all you have to do is look at something long enough, and zap! it's purchased and turns up in your hotel room, nicely wrapped, just after dinner.

RTFA (0)

Anonymous Coward | more than 8 years ago | (#13605004)

It mentions in the article that the info on a Disney resort's card is garbled.

Re:Walt Disney World (1)

BlueOtto (519047) | more than 8 years ago | (#13605012)

I'd love to see what kind of data is on one of those.

It could just be a single number stored on those cards... linked to their massive visitor database linked every where at Disney.

Re:Walt Disney World (1)

CoffeeJedi (90936) | more than 8 years ago | (#13605067)

yeah, you're right.

i suppose what i'd like to see is the actual database that keeps track of the whole shebang, perhaps graphically represented like Roller Coaster Tycoon as each guest moves from place to place (provided that they buy stuff with it of course)

What's the problem ? (1, Insightful)

Anonymous Coward | more than 8 years ago | (#13604895)

The CC# is on you CC magstripe too, worse even, it's _written_ on your CreditCard.

My goodness !

Re:What's the problem ? (2, Insightful)

Spy der Mann (805235) | more than 8 years ago | (#13604946)

Yes, but you carry your creditcard with you, if you lose it you usally report it stolen. But what will happen if your hotel keycard gets lost?

So what? (0)

Anonymous Coward | more than 8 years ago | (#13604910)

Your name and credit card are ludicrously easy to get anyway - snooping them off a hotel keycard is one of the harder way I can think of to steal them.

I call BS... (5, Informative)

Julius X (14690) | more than 8 years ago | (#13604913)

I've worked in a number of hotels for the past seven years- and all of them used electronic key systems, either the card type, or an electronic microchip key.

In EVERY case, the key system is a seperate box not tied into the main computer, and only contains your room number, and length of your stay. The device is ONLY a key coder - it does not tie-in to the main network or the hotel's database in any way.

This story is spreading FUD, do we really need more of that going around?

Re:I call BS... (1)

iambarry (134796) | more than 8 years ago | (#13605061)

I don't see how this story could be BS. It posted on the internet. Thats gotta make it true.

Stop using common sense. Use your imagination a bit more. I heard that in addition to CC numbers, some hotels added SSNs and full credit reports to the mag strips. Some chains where even taking customers pictures from cameras behind the mirrors in the guest's bathrooms, and adding those to their cards.

--Barry

Re:I call BS... (1)

MaceyHW (832021) | more than 8 years ago | (#13605065)

At the risk of being naively logical, what possible purpose would putting CC information on a keycard serve for the hotel? they already have your CC information on file tied to your name and room number.

Re:I call BS... But the room number is bad enough! (1)

fizzup (788545) | more than 8 years ago | (#13605086)

If the key has your room number and length of stay, then my lost & found room key plus a $39 magnetic stripe card reader equals a stolen laptop, right?

bought a $39 card reader at a local retail store.. (1, Interesting)

randomErr (172078) | more than 8 years ago | (#13604916)

I want one, where can I order it from?

$1.50 card reader (5, Informative)

Anonymous Coward | more than 8 years ago | (#13605051)

you can get one from all electronics corp for 1.50 yes one dollar and FIF-tee cents all electronics reader [allelectronics.com] then use stripesnoop (.sf.net) and you can figureout how to hook them up to a gameport/whatever on their forum check their forum [sourceforge.net]

Paranoia? (2, Interesting)

-Grover (105474) | more than 8 years ago | (#13604928)

Maybe I'm just a skeptic, but I'd really enjoy to see some sort of facts, or even a sentence or two about what sorts of places he actually tested, and what % of them came back with discernable information. The fact that he found it in 3 chains hardly means that things are worth panicing about.

      Granted, I've never checked, but I'd find it hard to believe that the large national chains (Marriott, Hilton, Accor, etc.) put your credit card number on your room key, and nobody has made a giant fuss about it yet. Guess it's time to go check my latest Courtyard key and see for myself.

Magnetic Money Clip (4, Informative)

Loether (769074) | more than 8 years ago | (#13604949)

I have a magnetic Money clip I use. If I put a hotel keycard even in the same pocket it wipes it completely. Whereas my credit card has never been a problem. Hotel cards use a different technology that is more easily wipable than standard credit cards.

Re:Magnetic Money Clip (1, Funny)

Anonymous Coward | more than 8 years ago | (#13605008)

Luxury!

I use magnets that I ripped from dead hard drives, and I likes it that way.

Wait he's complaining (1)

ifwm (687373) | more than 8 years ago | (#13604960)

That something he keeps in his wallet with his driver's license and credit cards has his personal info and credit card number on it?

C-R-Y-B-A-B-Y.

People just love to invent stuff to complain about.

Re:Wait he's complaining (1)

DustyShadow (691635) | more than 8 years ago | (#13605011)

No, he's complaining because a lot of hotels tell their guests to RETURN the card to them when they leave. They usually just throw those cards in a pile next on the counter to be used again. A lot of people are starting to realize this. All it takes is for the counter boy to walk away and bam, I've got my hands on a hundred valid credit card #s with their billing addresses. Cha-ching.

Re:Wait he's complaining (1)

ifwm (687373) | more than 8 years ago | (#13605041)

"No, he's complaining because a lot of hotels tell their guests to RETURN the card to them when they leave."

Really? Name some, then tell me why you can't insist they destroy the cards, or destroy them yourselves.

I've traveled a lot, and NEVER returned the card. Not once. I have also NEVER been told to return the cards. YMMV.

No, I was right, he's making up crap to complain about.

Re:Wait he's complaining (1)

east coast (590680) | more than 8 years ago | (#13605113)

That something he keeps in his wallet with his driver's license and credit cards has his personal info and credit card number on it?

While your point is well taken I do have to add a bit in his defense; If this story is true remember that not all people carry this card in their wallet. Infact I don't when I travel. I keep it seperate for the convience of quick access to the card when I go back to my room. With this in mind think about the situation if you lose the card; not knowing that it contains such personal information you might notify the hotel that the card is lost and have them cancel the cards access to your room. Fine. But if you were unaware that an unencrypted credit card number also was part of the card you may think nothing of it. If I lost my wallet I'd want to cancel my cards, if I lost my hotel keycard I wouldn't even think of calling my credit card company.

I'll start to worry... (0)

Anonymous Coward | more than 8 years ago | (#13604965)

... when the data includes the movies I rented from Spanktravision.

You can have my credit card number, as long as you don't know that last night I watched Asian Prison Nurses 5.

Urban Legend? (4, Informative)

nonsense28sal (680645) | more than 8 years ago | (#13604976)

I have to admit, I'm a little suspicious. I've heard this story [snopes.com] before and it was labeled false. Add to the situation that the author "declined to name specific hotels" and it only adds to my doubts. Why not name names???

Better idea! (3, Insightful)

czarangelus (805501) | more than 8 years ago | (#13604987)

Instead of using a hotel keycard, they should code the lock to allow you to open your door with your own credit card. That's something you're far more likely to take good care of, and then you don't have to worry about duplicates of that information floating around.

Why put the info on at all? (1)

frdmfghtr (603968) | more than 8 years ago | (#13604996)

I don't see the point in putting all that information on the card in the first place. All the card has to do is match the embedded code with the code the door is programmed to accept. Why bother with anything else?

A metal key doesn't need all that extra information, and is somewhat harder to duplicate. By that I mean all you need is a card reader/writer and a blank card. The card doesn't need to be a specific shape, they are all pretty generic, aren't they? A metal key in comparison is secured not only in the teeth cut into the key but also the grooves on the side of the key.

Any enlightening thoughts?

Dupe (1)

aggieben (620937) | more than 8 years ago | (#13605048)

This is a dupe. A pretty old one too.

I know it's too much to expect /. readers to search the old stuff to make sure they're not posting something already discussed, but is this also something the editors aren't willing to do?

Obviously: outlaw card readers! (1)

dpbsmith (263124) | more than 8 years ago | (#13605050)

...What right does the lay public have to know what information is on their own magnetic stripes? It just causes trouble! Now all the bad guys will know about these hotel-card stripes.

----> Note: IRONY ----

How do you read a card? (1)

some1somewhere (642060) | more than 8 years ago | (#13605060)

Is there any website or webpage describing what you need to buy, what software you need, to read cards? Are card readers able to write to the cards as well?

Urban myth? (1, Interesting)

RapmasterT (787426) | more than 8 years ago | (#13605075)

this article reads almost word for word like an urban myth email chain letter that went around a while back, it sounds like this guy is just repeating it and putting himself in the story.

Sure it's possible to put any kind of data you want on a magnetic strip, but you might as well worry the hotel is printing your PII data on sheets of paper and tossing them out the back windows. What possibly reason would they have to put info like that on the keycard??

I'm not buying this story, not even a little.

just one question, WHY? (1)

jeffs72 (711141) | more than 8 years ago | (#13605088)

Why the fuck does credit card data, or even name, need to be stored on a key for a hotel room?

They don't/didn't write your name and credit card number on actual keys, why key cards?

Good god, what a gross display of stupidity this is. I'd love a list of which hotels do this.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...