Chicago — October 10, 2012 — OpenWays is addressing a detected and widely publicized hotel door lock security breach. In a new White Paper, the world leader in mobile-based access management solutions identifies problems with electronic locks installed in more than four million hotel room doors, and offers an independently security audited "LOCKFIX" solution. Hotels vulnerable to potential security threats are invited to register to receive a copy of the report and be armed against such attacks with the power of smartphones.
 
More and more hackers are refining the attack Hackers have discovered and exploited the vulnerability of a specific electronic lock and publicized this across the various social media channels. This brings to the attention of the hotel industry and the traveling public huge risks to personal safety, as reported by the media. Information on this breach is now exposed and in the public domain. Anyone can learn how to build a device quickly and inexpensively that triggers the lock's open mechanism in the fraction of a second. Last week, new hackers posted a video on YouTube showing how circuitry hidden inside a dry erase marker can unlock a hotel room door. Forbes.com also reported the new threat in an article titled: Hackers Crack Hotel Room Locks With a Tool Disguised As A Dry Erase Marker. Now reporters are discussing the viability of hackers downsizing the device to the size of a pen.
 
"Time is of essence to recover security," said OpenWays Founder and CEO Pascal Metivier. “The plan proposed by the lock manufacturer in question requires expensive and complicated hardware changes and more importantly, its effectiveness to recover security was already severely challenged by the hacker and the security expert community.
 
“Equally concerning, no independent security audit and testing were yet published by the lock manufacturer resulting in raising a lot doubts," he said.
 
An effective and fully audited solution is finally made available to hoteliers worldwide
To promptly bring a secure solution to hoteliers, OpenWays was able to leverage its Mobile Key platform and make adaptations to address the risks related to the incriminated lock communication port breach.
 
“LOCKFIX has been audited by independent and reputable security firms, and the results confirm the effectiveness of the solution," Metivier added. "The independent audit results also demonstrate that with LOCKFIX, other major non-published security threats(*) are also addressed."
 
With a collective team representing more than 100 years in electronic locking and security systems expertise for hotels and other facilities, OpenWays offers innovative and state of the art mobile-device based access management solutions allowing guests to bypass the front desk, proceed directly to their room and securely open their lock with their cell phone. OpenWays already offers upgrade kits compatible with the major electronic lock brands including the locks in question.
 
“As hotel security experts, the OpenWays team felt obligated to aide in rectifying this serious security issue which can potentially be damaging to both hotel owners and travelers," Metivier said. "Therefore, we have added LOCKFIX to our Mobile Key front-desk bypass solution available in a freeware mode (free of any license fees)."
 
To register to obtain OpenWays’ White Paper on the electronic lock security breach, which explains the LOCKFIX solution and how smartphone technology is future-proofing the industry against threats, click here.
 
Background of the Breach
The initial security breach was publicized on Forbes.com in late July in an article titled: "Hacker Will Expose Potential Security Flaw In Four Million Hotel Room Keycard Locks." At the Black Hat security conference in Las Vegas, Cody Brocious, a hacker and software developer for Mozilla, demonstrated the security breach, and the necessary technical information and code was presented on his web site (http://daeken.com/). Since then, other hackers have been able to replicate and even improve the device with hardware available readily for less than $50 in just a few hours (http://www.youtube.com/watch?v=nYAwEikopzI).  
 
In an August article on Forbes.com titled "Hotel Lock Firm's Security Fix Requires Hardware Changes For Millions Of Keycard Locks," writer Andy Greenberg noted that the lock manufacturer's proposals and systems were not submitted for a thorough security audit to an independent, reputable security audit expert. Today, news of the OpenWays LOCKFIX is spreading: "OpenWays Finds Solution to Cody Brocious's Infamous Hotel Lock Hack."
 
To learn how an affected hotel can benefit from the enhanced fixes and to learn more about Mobile Key, hoteliers are encouraged to read the LOCKFIX White Paper.


About OpenWays
OpenWays is a global solutions provider of mobile-based access-management and security solutions. With offices in Chicago, Las Vegas, Seoul and in Europe, OpenWays provides technology solutions allowing for the secure issuance and delivery of access rights and keys processed via any cell phone operating on any network. The OpenWays solution is truly unique as it is built on the concept of credential dematerialization. The OpenWays mobile room key solution works on ALL the 6.5 billion cell phones in service in the world today. For more information, please contact Andrew Sanders at +1 732 707-1869 or email asanders@openways.com. More information can be found by visiting www.OpenWays.com.
 
OpenWays has developed its cure for the impacted locks independently and no endorsement of the affected lock manufacturer is intended or implied. (*) other major non published security threats were discovered. In the interest of everyones safety, it is OpenWays policy to not publicly disclose security threats. Such “reserved “information will only be made available to pre-qualified hoteliers.