Lock firm Onity offering security fix

The firm that makes door locks with a well-publicised security vulnerability has said it is offering a fix.

Onity makes locks for hotel rooms around the world, but a hacker revealed in July that a security flaw meant burglars could easily access the code to unlock them.

A series of thefts in hotel rooms in Texas has been traced to a burglar believed to have used the technique.

One security expert said Onity had a "big problem" on its hands.

In a statement to the BBC, the company said: "Immediately following the hacker's public presentation of illegal methods of breaking into hotel rooms, Onity engineers quickly developed both mechanical and technical solutions to address the issue.

"These solutions have been tested and validated by two independent security firms, and are available to customers worldwide. All requests for these solutions have already been fulfilled, or are in the process of being fulfilled."

The company declined to give further details about what these solutions were.

An earlier statement detailed how a mechanical cap could be fitted to the lock, but that statement has since been removed from Onity's website.

It has also offered a more permanent fix that involves an upgraded circuit board or new lock, but these must be fitted at the hotel owners' cost.

Some hotels are simply gluing the holes.

Onity is advising customers concerned about insecure locks to call its helpline, which it said was staffed with specialists "who can immediately help select and implement the best possible solution for that customer's specific property".

Master key

Onity locks are believed to be fitted on about 10 million doors worldwide.

In July security researcher Cody Brocious detailed a method for unlocking them using a digital tool that once inserted into a small hole in the door allowed an intruder to discover the combination for the lock.

The hole is described by the company as a power port although it also contains a chip to allow hotels to control which master keys open which doors.

Alan Woodward, a security consultant, told the BBC that the most widespread means used to secure the doors so far was to seal the hole shut.

"I read in various security forums that Onity said they are working on some form of cap, but more temporary fixes could easily be broken by using a penknife or similar," he said.

"With so many locks installed, it has a big problem on its hands."

More on this story