ASSA ABLOY Hospitality comments regarding hotel lock software system VingCard Vision

Two researchers employed by F-secure have been working for more than a decade to try to find a vulnerability in the hotel locksoftware system VingCard Vision.

Regarding this, ASSA ABLOY wants to make the following statements and clarifications:

  • Vision Software is a 20-year-old product, which has been compromised after 12 years and thousands of hours of intensive work by two employees at F-Secure.
  • ASSA ABLOY has fixed the flaws in the Vision software and issued software updates, released in February. Hotels that have applied the updates to their systems are not vulnerable.
  • Digital devices and software of all kinds are vulnerable to hacking. However, it would take a big team of skilled specialists years to try to repeat the effort. Since the tools are not made available, it is not about just going into a hotel and getting instant access.
  • These locks represent only a small fraction of the hotel locks in the world and are being rapidly replaced with new, more advanced technology.
  •  For the past decade new features have been launched exclusively on Visionline, a different platform that is not impacted.
  • ASSA ABLOY is constantly monitoring, assessing and addressing its security in order to keep its technology safe.
  • Tools and details of the method will not be released by F-Secure and are known by very few individuals.