Prime MSP Logo - Click to go to the homepage
Call 201-440-2900 or click the Request A Quote button to request information.

Prime MSP - Blog
Security & Fraud > Hotel Room Keys and Your Personal Data > Post a Comment

Hotel Room Keys and Your Personal Data

by Raymond Pizzo on Fri, Jun 29 2012 12:45 PM

On many occasions I have been asked about hotel room keys and what information is actually kept directly on them.  Electronic hotel room keys come in two typical styles, plastic swipe cards and wristbands. Prime MSP has serviced hotels of different brands and have some experience with this. There are many room key coding systems and the security methods are changing as technology allows.  Here I am addressing your typical hotel system.  At this time I would like to answer a few of the questions posed using the experience that I have in this area. 


The most frequent inquiries are:


  • "Is my credit card information stored on the card?"
  • "Is there personal and\or financial information on that room key?"
  • "Should I destroy the room key or give back to the front desk?"
  • "What information is actually on the room key?"
  • "How do they charge items from a restaurant or store in the hotel to my credit card?"

My simple answers are:


  • No,your credit card information is not stored on the card.
  • Possibly items such as your name (or person's name the room is registered), room number and a GUID (more on that later). No financial information.
  • It really doesn't matter since there is no personally identifiable information stored aside from possibly a name and room number.
  • Typically, depending on the key coding system used there is minor information stored and in most cases only a GUID or key code for the room and room number is stored.
  • Your credit card is usually not charged directly, your room is by referencing your room number and\or room identifier.

Let's explain this a bit further for you...


Let's start with the GUID, pronounced (gu : id).  The GUID is an acronym for Globally Unique Identifier. This is a series of characters or a string of bits in segments that comes in different lengths and complexities.  A typical GUID look something like this: "8f644bf5-4b7f-493a-a44e-3fed532baa46", "1a5b6312-92e2-4aa6-a68f-9804dcd41d04".  The GUID is sometimes combined with a date and time which can also be encrypted in which the key will expire. They are generally used instead of simple sequential or random serial numbers such as "3739383894" or "100078988" since it is much easier to guess or break the code of a serial number than a GUID.  Generally using a GUID is a much safer means of identifying an item that is not to be duplicated.


The Room Key coding system is usually a stand-alone system, meaning it is not communicating with hotel management system. it stands alone and it's only purpose is to encode or write a specific GUID or number onto the room key card.  Generally all the room door locks are stand alone devices as well.  On the door lock there is a room number and a series GUIDs or IDs that are pre-programmed.  An association is made with the key and the door lock itself, if successful the lock opens, if not you stand there swiping and re-swiping feeling frustrated before you go back to the front desk to complain that the key is not working.


How are restaurant and other charges made with just the room key?  The credit card is not actually charged with the room key. Generally the room key is swiped at the vendor and the room reservation is charged with the amount spent and you will see it on your bill or invoice when checking out of the hotel.  A sure fire warning sign of credit card information being stored on the card would be when the vendor asks you to sign for your purchases you would see some information relating to your credit card such as the type and last 4 digits of the card number. Otherwise it would indicate your name and\or room number.


Should you destroy your room key or give it back?  It really does not matter since there is no information that is useful to anyone after you checkout. The date and time for room access has expired and the reservation has been paid and closed so the room key is no longer authorized to charge merchandise or services at any hotel vendor.  If it makes you feel better to destroy it, go right ahead. They usually do not ask for them back when checking out but it would be a good practice to ask when checking in if they require you to return your room key or wristband.


I will be continually researching this matter and updating you as I find other important information regarding room keys and wristbands.  If you find that a specific system is copying your personal and financial data to your key please email me at: ray@primemsp.com.


Thanks and best regards.


Raymond A. Pizzo Sr.
Prime MSP, LLC
201-440-2900
www.PrimeMSP.com


 

Share |

Prime MSP is a member of the American Bar Association (ABA).

Prime MSP is also a Microsoft Small Business Specialist.

Prime MSP is a member Meadowlands Regional Chamber of Commerce.

Prime MSP protects your network and servers 24x7.

Prime MSP is a member of the Software Industry Professionals Association.

Prime MSP employs Certified Industry Webmasters.







What's My IP Address Pay a Bill Online Blog Our Datacenter Service Plans
.MSC Shortcuts Remote Desktop Support WiFi Services Partnerships Existing App Enhancements
Large File Transfer Utility Client Helpdesk Portal .Net Development Public Case Studies Website Design