Door Lock Security Workgroup

From HTNG Connectivity Wiki

Jump to: navigation, search


Workgroup Overview

Hotels, and particularly smaller hotel groups and independent hotels, lack both the technical sophistication and any credible source of information to help them assess the security of various door locking solutions. As a result, these systems are often bought based on other considerations such as cost or functionality, which can lead to hotels purchasing systems with poor security. This workgroup will mitigate these issues by creating a set of testing procedures and valuation criteria, to be performed by a trusted third party capable of bench marking locking solutions against a well defined list of standards.

Current Workgroup Charter Outline

Business Problem

There is a lack of credible information by which hotels can evaluate the relative security of a physical access control (locking) solution.

  • Locking solutions of widely varying levels of security are available on the market, at various price points and levels of intellectual property risk
  • But most hotel brands and virtually all hotel owners lack the technical knowledge to evaluate locking system security (both software and hardware) objectively and adequately.
  • Buyers lack empirical evidence to verify most security claims made by vendors for locking systems.
  • There are no neutral, third party standards or guidelines against which complete locking solutions are benchmarked.

As a result of buyers being unable to tell which locking solutions are more secure, they select on other factors, such as price. This may lead to the (often unknowing) selection of less secure solutions.

Planned Outcomes

A standard set of testing procedures and valuation criteria, and one or more approved neutral (trusted) third parties capable of benchmarking locking solutions or components against those criteria. Criteria might include, for example:

  • Wireless communication infrastructure (e.g. ZigBee, ZWave, BlueTooth)
  • Physical RFID credentials, communications protocols, authentication protocols, and encryption methodologies
  • Bluetooth as a communications medium for access control
  • Hardware design vulnerabilities
  • Logical identification and authentication


Key Contacts


  • Armand Rabinowitz, Hyatt Hotels Corporation
  • Ted Harrington, Independent Security Evaluators

Board Liaisons:

  • Peter Engel

Facilitator: Patrick Dunphy

Status/Meeting Schedule

  • weekly meeting schedule for the first few months of operation, to be reevaluated as needed


List of participants

Categories of participation:


  • Hotels planning to use, or using RFID
  • Locking solution providers
  • Smartcard IC manufacturers
  • Card/inlay manufacturers
  • Security consultants or test houses

Participation Options:

Key Documents & Other Useful Information


  • TBA
Personal tools
administrative tools