Security researchers have built a master key that exploits a design flaw in a popular and widely used hotel electronic lock system, allowing unfettered access to every room in the building.
The electronic lock system, known as Vision by VingCard and built by Swedish lock manufacturer Assa Abloy, is used in more than 42,000 properties in 166 countries, amounting to millions of hotel rooms — as well as garages and storage units.
These electronic lock systems are commonplace in hotels, where staff use them to provide granular control over where a person can go in a hotel, such as their room, and even to restrict the floor that the elevator stops at. The keys can be wiped and reused when guests check out.
While hijacking and cloning hotel room keys is nothing new, the attack designed by Hirvonen and Tuominen is exceptional for a few reasons: First off, it allows the attacker to produce a master key for the entire building within a matter of minutes. All that’s needed is a regular hotel room key. It can even be expired.
Since staff keys typically work throughout the building, hackers usually target cleaning staff or managers whenever attempting to clone a key that can open any room in the hotel.
Keys that use RFID, or electromagnetic fields, can for instance be cloned easily without raising suspicion. Even just walking by hotel staff with an RFID reader concealed in a messenger bag is usually enough to capture a card.