Hilton and Starwood will soon allow guests to unlock their rooms via a smartphone app.
Starwood, owner of the Sheraton, Westin and "W" hotel chains, has upgraded 30,000 room locks in nearly 150 hotels so they can be unlocked with the new app.
Hilton is planning to enable guests to do the same thing in its 600,000 rooms next year. That hotel chain will begin by piloting a smartphone app at 10 U.S. properties in early 2015. Also, in early 2015, Hilton's HHonors mobile room key app will be enabled at all U.S. properties of Conrad Hotels and Resorts.
In 2016, Hilton plans to deploy the technology across 11 brands globally, including DoubleTree, Hampton Inn, Embassy Suites and Waldorf Astoria.
For Hilton, the technology extends beyond simply guest room access. The mobile app, initially available in iOS and Android versions of the Hilton HHonors mobile app, will allow guests access to various areas of each property that require a room key, such as the fitness center, executive floors, elevators and parking facilities, among others.
"Our mobile room key technology gives our guests greater choice and control over their entire experience," Geraldine Calpin, global head of digital at Hilton Worldwide, said in a statement. "We're truly revolutionizing travel by making the stay experience more convenient."
Starwood announced a Bluetooth-enabled smartphone app, called SPG Keyless, that allows Starwood Preferred Guest (SPG) members to use a keyless entry that corresponds to the room number.
SPG Keyless will officially go live Nov. 5 at three Starwood brands: Aloft, Element and W.
SPG members go through a one-time registration process, and on the day of check-in get a push notification that their phones can now unlock their assigned room. Guests then simply open the app and swipe the phone across a keyless pad on the door.
Starwood said its in-house tech team worked closely with Swedish lock manufacturer Assa Abloy to develop a software and hardware technology for the SPG Keyless entry that is "safe, reliable and design-forward – and equally secure as key card technology."
Mobile keys are sent to the guest’s phone over the Internet using AES encryption and cryptographic hash functions to ensure security, a company spokesperson said. Starwood also hired an independent third-party security firm to conduct “penetration testing” on both the locks and the SPG mobile app to identify for remediation any vulnerabilities.
"Starwood will continue to examine and refine processes as more guests provide feedback following launch," the spokesperson said.
Avivah Litan, a vice president in charge of research at Gartner, said the fact that a door can be opened by a mobile application, also automatically opens it up to security breaches. That does not, however, necessariliy make them more vulnerable than physical cards.
"Someone could hack into your mobile phone and get into your room. It’s easier because it’s connected to the Internet," Litan said. [But] "data on the physical swipe card can be copied and written onto another card. Key locks can be broken relatively easy by a skilled robber. Smart phone apps may offer stronger security assuming the data is encrypted but it may also be prone to user issues, i.e. Not knowing how to use the app – which can cause customer service issues."