Hyatt believes that a digital hotel key stored in your Apple Wallet is an extremely safe and convenient, contactless alternative to physical keys and keycards. It’s also a small step away from the digital room keys already being offered in the World of Hyatt app, as it uses the same near-field communication (NFC) technology. It’s not unreasonable to have doubts about the security of a system like this, but experts believe that, while not infallible, Apple Wallet keys are even more secure than physical keys. However, they also point out that this convenience and security can come at a pretty steep price point for everyone involved. “It is generally more secure to use a digital key because someone would have to obtain and compromise the mobile device to illegally access the hotel room,” said Aubrey Turner, Executive Advisor at zero trust security company Ping Identity, in an email to Lifewire. “People tend to leave their keys in the cardboard room key holder they provide at check-in, which shows the hotel room number to potential thieves and makes it easier to break in.”
Better Than Cards?
Convenience and security are being touted as the most important aspects to storing hotel keys in Apple Wallet, and experts mostly agree. A small physical keycard can get lost or stolen more easily than an iPhone, and as Turner pointed out, many physical room keys also include the room number. If your iPhone were lost or stolen, thieves would have to be able to unlock the phone to use the key in the first place. Also, you have a chance at tracking a missing iPhone with the Find My app—physical keys generally aren’t trackable in the same way. “Compared to the traditional keys that do not require additional factors to use, Apple has tapped a new quality in the hospitality industry in granting, removing access, and authenticating users,” said Wojciech Syrkiewicz-Trepiak, Security Engineer at infrastructure as code (IaC) company Spacelift, in an email to Lifewire, “What’s more, Apple Wallet takes security pretty seriously; therefore, the chances of third-party compromising are not only low but almost impossible as there are no known ways of doing so.” Syrkiewicz-Trepiak also pointed out that some physical keycards intended for NFC locks can be easily copied. “Once it’s done,” Syrkiewicz-Trepiak said, “the card is valid as long as the existing card is active in the system.” A digital key in your Apple Wallet won’t have that same vulnerability, though Turner acknowledged that it is technically possible to clone a phone. However, something like that is unlikely as it requires a lot of work in addition to compromising your Apple ID. Human error is also something to account for. According to Turner, “In more than 15 years of travel, I have occasionally been given the key to a hotel room that was occupied, so I suspect mistakes will be made as adoption increases for this convenience.”
Somewhat Limited in Scope
So in a general sense, experts agree that Apple Wallet is a very safe and secure system to use for digital keys. However, Mark Zisek, Director of Commercial Operations at the hotel supply company Front Desk Supply, has a different perspective on the technology. It’s not a security risk, but the usability and convenience are more of a financial matter. “Upgrading locks is expensive. Tens of thousands of dollars are spent changing lock systems depending on the hotel,” Zisek said in an email to Lifewire, “The Hyatt and big hotel brands can accomplish this because they likely cut a deal with the lock manufacturers. For independent and boutique hotels, this option will be costly, and they may not have the staff to determine how to best implement Apple Wallet room keys.” Then there’s the matter of simply using an iPhone in the first place. Contactless digital key entry with a device most people have on them is faster and generally more convenient than a thin piece of plastic. But what about the times when you don’t want to carry an expensive piece of electronic equipment around? “This is especially true for vacationers who might go to the pool and might not want their $ 1,000’ key card’ to get wet or risk getting stolen,” Zisek pointed out, “It is convenient for a swath of guests, but certainly not for everyone.”