A security revelation is shaking the hospitality sector, raising concerns about the safety of millions of hotel rooms worldwide. Security researchers have uncovered a technique that allows intruders to exploit vulnerabilities in Dormakaba's Saflok-brand RFID-based keycard locks, used in 13,000 properties across 131 countries.
The exploit, which requires only two taps on a cloned keycard, grants unauthorised access to any room equipped with vulnerable Saflok locks. While Dormakaba has been working on a fix since last year, only 36% of the affected locks have been updated to date, leaving almost 3 million hotel rooms at risk.
The implications for travellers are significant. Despite efforts to mitigate the issue, identifying vulnerable locks remains challenging, as updated versions are visually indistinguishable from vulnerable ones. Consequently, guests may unknowingly stay in rooms susceptible to unauthorised entry.
With the potential for exploitation looming, guests are urged to remain vigilant and take precautions. Using tools like the NFC Taginfo app can help travellers identify vulnerable keycard systems, allowing them to make informed decisions about their accommodations. Additionally, travel agents can advise clients to carry door stops to prevent unwanted intrusion into their rooms while occupied.