Common Hotel Card Types
Most, if not all, guest management systems in hotels use hotel key cards. Chances are you’ve probably got a hotel key card more than once in your life to access a room. You also might have some questions about how they work and how secure they are.
Some hotels use access cards with magnetic strips, popularly abbreviated to 'mag stripe cards'. Magnetic stripe cards are also known as 'swipe cards'. But there are other alternatives to hotel access, such as proximity (RFID) cards, access cards with holes, photo ID cards, barcode cards, and smart cards.
Mag stripe or swipe cards are a cost-effective option in common use, but they tend to wear out quickly and are less secure than some of the other options. RFID cards are more durable and more expensive. Hole (punch) cards are based on a mechanical method that requires the holes on the card to fit in the reader’s mechanism. These cards are less common.
All cards are based on different technologies but provide more or less the same functions for door access control. Smart cards can include plenty of additional information. With a smart card, the holder can not only access his or her room, but can also use other services, such as restaurant, utility or laundry in the hotel to get a joint record of all bills at one place. This helps with the financial management and makes the user feel like a welcome guest.
Hotel key cards are used with door card readers that are installed on each door lock and can be programmed to open specific doors in defined time periods.
Modern hotel access management systems enable grouping the door locks with a number of users, providing access to the same group, as well as an audit trail of who opened the door and when. For instance, one group can have access to open the hotel lobby door or the staff toilets, but only within a certain period in the day.
The most likely authorized users for a personal hotel room card are the guest and the room maintenance service.
How do they work to unlock hotel doors?
Magnetic stripe cards have a magnetic layer or a strip which contains minimal information for the user. Typically, the user access number is the most identifiable information. Personnel at the hotel desk will imprint the user information at check-in and usually set a time limit for its use until checkout. The door lock is triggered once the magnetic strip is read and verified by the hotel door card reader. As a general rule, the motion is completed by swiping the card through the magnetic reader.
RFID or proximity cards don’t require the swiping motion. They use radio frequencies to enable access from a programmed short distance (therefore: proximity cards). RFID cards belong to the group of contactless cards. If you get a proximity card, you will need to almost touch the RFID reader to unlock the door.
Smart cards are also contactless cards. They use microchips to store data and although they are more expensive, they are the prevalent alternative in today’s hotels.
Another alternative to hotel key cards is the NFC technology integrated into mobile phones. Hotel guests receive a code from the hotel management and are able to access their rooms by either bringing the NFC phone feature close to the NFC reader or typing the code as a pass code. This method is quite new and less frequent.
Hotel key cards myths
Common key cards myths are related to the information stored on them. User keep hearing make-believe stories that don’t always include the absolute truth. A typical key card myth is that cards contain sensitive user data, such as personal or financial information. Fact is, the majority of hotel key cards store only room numbers and dates of stay. Additional information that can be stored on a key card comes down to four key pieces of information:
- Room number
- Date of granted access
- Date of removed access
- Guest number (on occasions)
Hotel key cards are access card with the least privilege, thus limiting the possibilities of misuse. That doesn’t protect users from someone stealing the card itself and accessing their rooms, though, so this is a priority reason for concern compared to stealing information from the card.
Although it is true that hotel key cards are not bulletproof to misuse, modern data protection regulations prevent this from happening. It is worth keeping in mind that not all geographical locations have the same privacy rules. If you are traveling abroad, for example, in Europe, your card may store financial details, such as credit card numbers.
The technology behind hotel key cards provides the best protection about misusing hotel access cards. Smart cards, which are increasingly used in hotels, are not so easy to reset and read as magstripe cards are. Mag stripe cards record and store information on the principles of encryption. You need to have decoding readers to be able to interpret what's on them. The practice for ISO-standard cards provides storing data on three tracks on the magnetic strip, whereas hotel lock systems use a proprietary encoding pattern to encode data on the third track.
Other possible risks associated with key cards, which can not be classified as key card myths are those ensuing from third-party vendors integrated into the same guest access management system. However, these systems are also based on strict rule compliance, so breaches are not something that needs to be expected.