Most lock manufacturers don’t really talk about security because it is ‘proprietary’. They have a legitimate interest in not sharing information because they don’t want their competitors to steal anything that is good and they don’t want anybody to know what is not good.
At y!kes, we have a different vision on the topic. We believe that transparency is key to mobile key technology, especially when it comes to security and privacy.
Where are user credentials saved?
Most guest credentials reside on the user’s phone. The problem is, phones are not secure. If a phone is stolen, or if the guest is a hacker, it’s easy to access and manipulate data and credentials.
With y!kes, no credentials are stored on the phone. There is nothing of interest to a hacker on the guest’s phone.
How often are credentials generated?
Other solutions on the market place have credentials provided to the guest for a given stay one time only. It leaves the door opened (no pun intended) for ‘replay attacks’, meaning a hacker can break the code and replay it over and over again to access rooms.
With y!kes, credentials are only generated and supplied to the guest when the guest is approaching the door. Credentials are only good for a few seconds, refreshed regularly to prevent ‘replay attacks’.
What’s the difference between point-to-point and multi-point communication?
Other solutions on the market offer point-to-point communication between only the phone and the lock, credentials being stored on the phone. Such solutions have a much higher risk of man-in-the-middle attacks, meaning it is easy for a hacker to break the code between the phone and the lock, even if the communication is encrypted.
y!kes relies on a third point of communication. Not only are credentials encrypted to stop man-in-the middle attacks between the 3 points (devices) of communication, but the guest’s phone is only given part of the credentials. The 2 other devices in the system are given credentials independently. All 3 devices must work together to unlock the door.
What if the guest leaves the phone close to the door while inside the room?
Other solutions on the market cannot detect whether the phone is inside or outside the room, they only detect whether the phone is within proximity of the door. If a guest inadvertently leaves the phone next to the door while sleeping, any one can unlock the door from the outside.
y!kes patented ‘inside/outside detection’ technology detects whether a guest’s phone is inside or outside the room. Even if the phone sits inside the room by the door, the door remains locked. See it in action.
Can guests share a key on their mobile app, and is it more secure than an RFID card?
When you give two RFID cards to a guest, you don’t know with whom the guest shares the key cards, you have no control. The same applies to most of the mobile key solutions on the market.
With y!kes’ unique Shared Keys feature, guests can control with whom they share access to their room. You – the hotelier – can revoke the shared key function at any time.
To learn more, download our white paper on security here.