F-Secure has found design flaws that allow attackers to open hotel room doors without being noticed

"You can imagine what a malicious person could do with the power to enter any hotel room,
with a master key created basically out of thin air."

Tomi Tuominen

Practice Leader at F-Secure Cyber Security Services

Tomi Tuominen

Ghost in the Locks

F-Secure researchers have found that global hotel chains and hotels worldwide are using an electronic lock system that could be exploited by an attacker to gain access to any room in the facility.

The researchers simulated the attack with an ordinary electronic key to the target facility. Using information on the key, they were able to create a master key that can open any door using the same lock system in the facility. The key doesn't even have to be a working key – even one that's long expired, discarded, or used to access spaces such as a garage or closet could be used. The attack can be performed without being noticed.

The design flaws discovered in the smart lock system's software, which is known as Vision by VingCard and used to secure millions of hotel rooms worldwide, have prompted the world's largest lock manufacturer, Assa Abloy, to issue software updates with security fixes to mitigate the issue.

Ghost in the Locks presentation

F-Secure researchers Tomi Tuominen and Timo Hirvonen explain the hotel room lock hacking experiment at INFILTRATE 2018 Security Conference.

Security should not be treated as an afterthought

Understanding the interaction between hardware and software is essential in designing secure products. You need to make the right choices from the beginning, since hardware vulnerabilities cannot be patched as easily as software. Involving our world-class hardware security experts in the process early on will save you time and money.

Our hardware security services include:

  • Hardware and firmware design review
  • FPGA, firmware, application source code review
  • Penetration testing
  • Research & Development
"Our success rate in completely subverting the security of nearly 100% of our tested targets is only equal to the ability of ensuring their security, and safety, before deployment. We had the privilege to help countless customers early on in their development phase, with a cost-effective approach instrumental for the security of their products whether operating on air, land, sea or space."

Andrea Barisani

Head of Hardware Security at F-Secure

Andrea Barisani

Contact us

Get in touch with one of our hardware security experts to discuss your product security.


F-Secure researchers Tomi Tuominen and Timo Hirvonen were interviewed about the Ghost in the Locks case in our Cyber Security Sauna podcast.

Listen to the podcast

Behind the scenes

The researchers' interest in hacking hotel locks was sparked a decade ago when a colleague's laptop was stolen from a hotel room. When the researchers reported the theft, hotel staff dismissed their complaint as there was no sign of forced entry, and no evidence of unauthorized access in the room entry logs. The researchers decided to investigate the issue further.

Read more

In the media

"Researchers say flaws they found in the equipment's software meant they could create "master keys" that opened the rooms without leaving an activity log."