I just checked out of my hotel room in NYC after delivering an identity theft speech to the most wonderful New Yorkers at the Federal Reserve Bank of NY, and it reminded me of a question I hear constantly as I travel:
Can my identity be stolen off of the room key cards that hotels use?
In my experience, the answer is “no”. I have never found anything other than my name, room number and occasionally a customer number encoded on the magnetic strip on the back of the card.
Here’s how key cards work. Hotels store your personal information (credit card number, address, etc.) on their computer system rather than on the card. When they issue you your key card, they encode your name and the room number onto the card. When you use your key card at the hotel gift store or at the bar, it simply records that charge to your room or customer number. When you check out, the charge is billed directly to your credit card.
To verify the accuracy of my experiences, I researched hotel key cards on Snopes.com. Snopes is an excellent way to verify the truth of possible scams, frauds and urban myths. Snopes supports my findings, however…
Why take the chance? I’ve never been to a hotel that actually charges you if you don’t return the cards. So, the responsible privacy reflex here is to minimize your chances by destroying the card, even if it doesn’t pose much of a risk. Just like you should shred mail that only has your name and address on it (the first pieces of information an identity thief needs to uncover more identity on the Internet), so should you eliminate the chances that something on the hotel key card will ever be used to steal your identity. It costs you nothing and takes less than 30 seconds to CHOP. And in the meantime, this will get you in the habit of destroying identity exposure so that when it does count, you’re prepared.
Identity theft prevention isn’t about being paranoid, it’s about establishing good habits of privacy and being prepared.