The number of hotels in the United States that have digital keys available rose from 6 percent in 2016 to 17 percent last year, according to a survey by the American Hotel & Lodging Association. Marriott International, Hilton, MGM Resorts and Disney hotels are among the brands offering loyalty members the option of using digital keys at some properties.
Some, including Hilton and Marriott, only allow a single phone to receive a key during a stay, and other guests in the room receive card keys. Like the card keys, the digital keys can be used to access elevators, fitness centers, parking garages and other common areas. Some mobile keys require the user to touch a button on their phone screen to unlock the door, while others require that the phone be held up to the lock.
Digital keys are hugely popular with travelers in some areas, like Silicon Valley, but overall, only about 10 percent of all hotel guests use them, Mr. Aznar estimated.
“Every new technology generates a little fear,” he said.
One of those who shied away during a recent trip was Lexi Galantino, 23, a San Francisco-based software engineer who specializes in protecting privacy. Ms. Galantino was set to try a digital key at a hotel in Kauai, Hawaii, in April, but as she was downloading the app, she opted instead for a card key.
“I was a little bit spooked by some of the security things,” she said.
Last year, the Finnish cybersecurity firm F-Secure Corp. revealed that after thousands of hours of work it had found a flaw in an older model RFID-style digital hotel lock that could allow hackers to create a spoof master key. It worked with Assa Abloy to patch the software, which was used in 42,000 properties in 166 countries, said Tomi Tuominen, of Helsinki, one of researchers. “We broke and then it got fixed,” he said.