Slashdot Mirror

← Back to Stories (view on slashdot.org)

Robotic Kiosk Stores Digital Copies of Physical Keys

Posted by Soulskill on from the what-could-possibly-go-wrong dept.

An anonymous reader writes "The New York Daily News reports that a startup company in Manhattan is putting robotic key copying machines in 7-Eleven stores. The machines can automatically create physical copies of common apartment and office keys. What's more interesting is that they allow users to save digital copies of their keys, which can later be created when the original is lost or the user is locked out of their home."

44 of 192 comments (clear)

  1. What could possibly go wrong? by Simulant · · Score: 4, Insightful

    May as well just get rid of physical keys altogether.

    1. Re:What could possibly go wrong? by Anonymous Coward · · Score: 2, Funny

      What can go wrong is when you lose the key to the safe that contains the password to access the digital copy of the key to the safe.

    2. Re:What could possibly go wrong? by BoRegardless · · Score: 2

      We soon get to the same damn thing car company's have when you want to replace your electronic car key and they want $600-800.

      Keys only keep out the bad guys for just a bit longer than an open door, so I doubt electronics will work.

      Have you seen how quickly a short crowbar works on a door? A glass cutter in skilled hands is not much slower, but quieter.

    3. Re:What could possibly go wrong? by Smidge204 · · Score: 4, Insightful

      Crowbar marks, splintered door jams and broken glass are evidence of forced entry.

      Using a key leaves no evidence and may not even raise suspicion should anyone see you do it.
      =Smidge=

    4. Re:What could possibly go wrong? by icebike · · Score: 2

      And the City Key is much faster, but noisy.

      --
      Sig Battery depleted. Reverting to safe mode.
    5. Re:What could possibly go wrong? by calzones · · Score: 3, Insightful

      I see a potential problem where if you loan your key to someone, they can duck into the store and quickly save a copy for themselves to retrieve at any time in the future. Or they might "borrow" your keys for this very purpose and give them back before you realize they are missing.

      Yes, they could theoretically do this with physical copies as well, but that it more cumbersome and takes longer (having to go to a dedicated hardware store to do so).

      I also see landlords not liking this technology.

      --
      Asking people to think is like asking them to buy you a new car
    6. Re:What could possibly go wrong? by icebike · · Score: 2

      Just to help out...

      KeyMe employs high-level encryption and doesn’t store addresses or any other data that can match the key information with a location. Logging into your account requires fingerprint authentication.

      Wait, What? Fingerprint?

      Well how long before that database draws a subpoena?
      And do we know there isn't a camera in the KeyMe kiosks?

      --
      Sig Battery depleted. Reverting to safe mode.
    7. Re:What could possibly go wrong? by king+neckbeard · · Score: 3, Insightful

      You can have copies of house keys made at Wal-Mart.

      --
      This is my signature. There are many like it, but this one is mine.
    8. Re:What could possibly go wrong? by Anonymous Coward · · Score: 2, Funny

      Well how long before that database draws a subpoena?

      A subpoena? How quaint.

    9. Re:What could possibly go wrong? by Charliemopps · · Score: 5, Interesting

      I used to think this to. Then, about 10 years ago, an apartment complex I lived in turned on the heat for the winter. It was set to 65. This is when I realized that I had no thermostat in the apartment. They told me there was no way to turn it up, it was a "fixed system" uh huh... after a bit of exploring I found a locked door in the basement. I did a couple of internet searches, watched some videos and an hour later I was standing in the now unlocked utility room looking at a VERY adjustable thermostat which then got set to 75 for the rest of the winter. When it got too hot we'd just open a window.

      And just for clarification, picking a dead-bolt by a complete novice that had never done it before took all of 2min.

    10. Re:What could possibly go wrong? by Desler · · Score: 2

      Wait, What? Fingerprint?

      So then all that is needed is a warmed up Gummi bear.

    11. Re:What could possibly go wrong? by alexander_686 · · Score: 2

      Yeah, that was my thought as well, but then I had another idea. The only advantage with something like this is to disassociate yourself with your accomplice.

      So you and the victim go on a road trip to City B. Find a excuse to borrow the keys and fill up the gas tank at a 7-11. Transmit the data to City A where your accomplice makes the key and does the crime.

      Now, I am guessing that there are easier ways to do this.

    12. Re:What could possibly go wrong? by TubeSteak · · Score: 3, Insightful

      This is what insurance for, though. Both ways of a thief getting in are what insurance is for.

      Your insurance policy probably doesn't cover shit if there's no evidence of forced entry, but YMMV.
      The police might not even take a report.

      --
      [Fuck Beta]
      o0t!
    13. Re:What could possibly go wrong? by mysidia · · Score: 2

      I also see landlords not liking this technology.

      The commercial apartment owner probably has little to worry about -- these kiosks are most likely not going to be able to duplicate keys to operate Best Lock / SFIC core types; there are also restricted keyway systes they may be using such as Arrow Lock, MUL-T-LOCKs, Schlage Everest, Abloy, Medeco, or BiLock keyways.

      Commercial appartment complexes, schools, and large businesses use key management systems that sometimes leverage high security locks which often contain some important features such as key control -- keys cannot easily be duplicated, except by the specific locksmith responsible for that particular installation, who has the right hardware whose sale is restricted to authorized contracters.

      Generally; they keyway of a restricted keyway high-security lock as well as the format of the key is patented; and restricted sales channels are used to control the distribution of the key blanks (key blank control), in order to prevent unauthorized duplicates.

      Typically; each locksmith will have their own unique serial number and "serial number" pre-encoded on their key blanks (So that essentially, they are only able to cut keys for locks that they sold), and each legal owner will have an ID card.

      Without the ID card, and driver's license matching the name on the ID card; none of the locksmiths allowed to order blanks or locks are allowed to dupe the key.

      Also; the use of patented key designs, means that no other company can legally duplicate it -- therefore, they cannot legally produce a blank, or mill the keys required

      The only unfortunate thing there, is patents have a limited duration -- and the governent has not yet seen fit to extend protections to restricted key designs.

    14. Re:What could possibly go wrong? by hedwards · · Score: 2

      Doubtful, at least for apartment dwellers, there would be some sort of access that the super would have to create a new card key and open the door. The cost of replacing one of these would likely be less than the cost of getting a locksmith to come in and open the door.

      I used to work as a security officer and we loved those keys. It made it easy to change the locks when need be, as most of the time it just required changing the access from the terminal, you could quickly disable access to the super's key if that was lost or misplaced, and the cost of replacing a key, or offering a temporary to a worker was quite low.

      The downside to it is the possibility of somebody cracking the key, but it's not like real keys don't have issues like that as well.

    15. Re:What could possibly go wrong? by Sir+Holo · · Score: 2

      Agreed. Why get rid of physical keys?

      Carrying a few keys is far preferable than having to memorize a bunch of passwords, pass-number codes, etc. Or alternatively to carrying several gigantic, plastic "electronic key fobs" that replace what used to fit easily in your pocket.

      You need to use one to open the pool gate, of course, but don't take it into the water (meaning you must leave your housekey/fob on your blanket while you swim. Increased security my ass.)!

      At the end of the day, you and I are still just bags of meat. We all find it natural to interact with the world by touch and feel –– by using or manipulating objects.

      And, y'know, touch-screen-computerizing all interfaces does not automatically make them better. Sometimes, it is the opposite. For example, a major auto manufacturer recently removed the touch-screen control of audio, and replaced that with dials. DIALS for gosh sakes! Consumers had complained that they had had to look away from the (real) road to simply adjust the volume.

    16. Re:What could possibly go wrong? by DigiShaman · · Score: 2

      I know I'm stating the obvious, but it all comes down to trust. Do you trust the technology? Do you trust those that manage said technology? If the answer is 'no', then don't use the device. Pure and simple.

      BTW, personally I would not be using this service. I'd rather hire a licensed (legal) locksmith should something stupid happen. If I'm going to have my security compromised, I'd rather have a paper trail for insurance and law enforcement reasons.

      --
      Life is not for the lazy.
    17. Re:What could possibly go wrong? by CrashPoint · · Score: 2

      Right, just like he has your bank account because of the ATM in the store...

    18. Re:What could possibly go wrong? by hawkinspeter · · Score: 2

      That's funny - I label all my keys with your name and address as well.

      --
      You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
    19. Re:What could possibly go wrong? by delt0r · · Score: 2

      Locks keep honest people out. Nothing more.

      --
      If information wants to be free, why does my internet connection cost so much?
    20. Re:What could possibly go wrong? by Nukenbar · · Score: 3, Funny

      Locks also keep homeless people from shitting in my car.

    21. Re:What could possibly go wrong? by delt0r · · Score: 2

      You haven't meet the determined homeless.

      --
      If information wants to be free, why does my internet connection cost so much?
    22. Re:What could possibly go wrong? by gameboyhippo · · Score: 2

      I think a specific problem goes like this. I print and store a key. I sell an item such as a home or vehicle and hand over the keys. I then go to the store and reprint the key, now I have an unauthorized key. Yes, if someone wanted to be sneaky they could have just printed an extra key to begin with, but now we have a mechanism where someone could change their mind (like a breakup) and then make a new key.

  2. Public keys by ChumpusRex2003 · · Score: 4, Funny

    Could this be the first case of public key encryption getting broken?

  3. Double edged sword... by mlts · · Score: 4, Interesting

    Copy of physical key's bitting dimensions + address info from a credit card. A remote intruder could download that, then sell lists of those to local gangs wanting some easy prey for home invasions.

    Of course, there is the fact that if you want to buy a bump-resistant lock [1], it won't be something a key copying kiosk can copy easily.

    [1]: I'm partial to Abloy's Protec2 Cliq line because it has the top tier mechanical pick resistance in addition to an electronic lock. Makes life easier to reprogram the lock to deny access just to the single lost key than have to rekey the lock and hand out new keys.

  4. It could work securely by jtownatpunk.net · · Score: 3, Insightful

    There's no technical reason why the kiosk system needs to "know" or store the physical location of the locks that match the keys. Create an account and pay with cash and there's no reason to enter any personally identifying information.

    I think charging $20 for an emergency key is a kick in the nuts, tho. They're only charging $3.50 for a standard copy of a key you have in-hand so why are they being dicks about the price of printing a key you've stored? Well, obviously, the reason is, "Because they can." But it's still a dick move.

    Also, I hope they've got some sort of approval method where a human looks at a picture of the key to see if it's marked "do not duplicate" before a copy is made. That's something I wouldn't trust to OCR.

    1. Re:It could work securely by ChumpusRex2003 · · Score: 4, Informative

      This type of scanning key cutting machine has been around for ages - the storing of the key bitting is new.

      In general, this type of machine designed for public use, is only loaded with blanks for "unrestricted" keys.

      "Do not duplicate" keys are not protected by just being labelled, they are physically a different shape (often with patented curves and bends), and genuine blanks can only be bought by registered locksmiths who have signed an agreement with the manufacturer not to duplicate keys without proof that the customer is authorised to duplicate that key.

      Manufacturers do cut off supply to locksmiths that engage in unauthorized duplication (if they find out). Similarly, the manufacturers will use patent laws to block sale of 3rd party key blanks.

      You can still get unauthorized copies made, but it's more difficult. The higher end manufacturers part-key the key blanks to a locksmith's unique code (using difficult to copy modifications - e.g. holes drilled to a specific depth along the length of the key, or curves engraved on the side of the key); a locksmith can only obtain blanks to duplicate keys that he himself sold, making it much easier to trace unauthorized duplication.

    2. Re:It could work securely by icebike · · Score: 2

      The reason is because if it doesn't use your name or physical location or similar then you have to remember some kind of login that you'll probably never use again,

      Or, you could actually RTFA: (You had time to type all that you could have read the article in less time)

      KeyMe employs high-level encryption and doesn’t store addresses or any other data that can match the key information with a location. Logging into your account requires fingerprint authentication.

      --
      Sig Battery depleted. Reverting to safe mode.
    3. Re:It could work securely by DerekLyons · · Score: 2

      "Do not duplicate" keys are not protected by just being labelled, they are physically a different shape (often with patented curves and bends), and genuine blanks can only be bought by registered locksmiths who have signed an agreement with the manufacturer not to duplicate keys without proof that the customer is authorised to duplicate that key.

        SOME "do not duplicate" keys are like that - but they're a minority because they're expensive and a PITA to manage (like most proprietary systems). Many more are just ordinary keys, the same kind you find at any hardware store or home center, stamped with "DO NOT DUPLICATE". And you can get those copied trivially at the same places you can find the unstamped blanks.

  5. Burglary Convenience? by Mad-Bassist · · Score: 3, Interesting

    Now we can't even trust the babysitter to grab a Slurpee down the street...

    I can only see this inspiring people with shifty morals to try something new because it's now more convenient. Good thing car keys are more complex these days.

    --
    "The only legitimate use of a computer is to play games." - Eugene Jarvis
    1. Re:Burglary Convenience? by Sir+Holo · · Score: 2

      Best to post such things as AC.

  6. IAALS by Anonymous Coward · · Score: 3, Informative

    I Am A LockSmith. The fastest and easiest way to get a bump resistant lock is add one or two tried and tested bump resistant pins. The variety Masterlock came up with does not work. T-pins work well. Dramatically different spring strengths or top pin weights will stop bumping. All three of those methods cost pennies.

    As for the Abloy's of the world, well- they have a problem. Great fun for picking enthusiasts. A good way to kill free time. As for opening them- it takes less time than a Schlage with some spools:

    http://www.youtube.com/watch?v=uj4myR2XlWc

    This is what professionals use. There really is nothing short of a vault door that cannot be opened in seconds. Personally, if you are willing to put the money into a Protec2, you really should consider putting ballistic film on your windows and replacing your door frames with steel. They are on the same level. You can't just increase the strength of one link on a chain and call it good.

    1. Re:IAALS by adolf · · Score: 4, Insightful

      That may cause problems if the fire department wants to get in in a hurry, for example if your house is on fire.

      If the maximum level of security for a home is governed by a fireman's ability to break in, then we're done here. There's nothing left to discuss.

      --
      Kid-proof tablet..
  7. Already easy to steal keys this way by dalias · · Score: 2

    This is nothing you can't do with a camera phone, a decent-angle shot of the victim's key, some trivial math, and a 3D printer. Of course I just said "3D printer" to be trendy. It works just as well with a 2D printer, cutting out the image, laying it on top of a blank key as a pattern, and taking a Dremel to it.

    1. Re:Already easy to steal keys this way by dalias · · Score: 2

      Actually I just guessed this would work, but apparently somebody already made a video showing how to do it: http://www.youtube.com/watch?v=qpDJC4vK7O0

  8. Sure, why not? by Valdrax · · Score: 4, Interesting

    That's what my roommates did at the house I live at. Keyless entry via numeric pad attached to a battery-powered* dead bolt. Simple, convenient, and no less secure than physical keys. It just replaces "something I have" with "something I know," and it isn't vulnerable to bump-keys or lock-picking tools.

    *Lasts for months and gives plenty of warning before it goes out, so no worries there.

    --
    If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
    1. Re:Sure, why not? by Demolition · · Score: 2

      I have one of these on my front door. Handy if you're carrying something and don't want to fish in your pocket for keys.

      I imagine that GP has something similar or perhaps the model with no lever/knob (i.e. just a deadbolt).

    2. Re:Sure, why not? by swillden · · Score: 2

      I'm interested in the particular model.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:Sure, why not? by Anonymous Coward · · Score: 4, Interesting

      High voltage electricity acts funny. It doesn't really respect things like insulation or air gaps. Normally-insulating materials like concrete become conductive. When indiscriminately applied to electronics, high voltage doesn't generally do what you want.

      Inappropriately high voltage to the contacts on a digital lock keypad -- not the faceplate, which is floating on a wooden jamb or grounded for a metal jamb -- will, at best, burn out the microcontroller which is responsible for engaging the relay which releases the door. At worst it will simply burn out the input pins responsible for the keypad, leaving a perfectly functional digital lock with no input available to unlock it.

      If you're lucky, or the protagonist in a drama, it will fail in exactly the right way to engage the relay while not damaging any of the other circuitry in the device. This is difficult to achieve in practice and rarely occurs outside of high-pressure situations in TV shows or movies.

      If the bolt relay is activated by putting +Vcc on a transistor or the legs of a solid-state relay, you will have to apply just the right voltage and current through the keypad in order to turn the microcontroller into a blob of solder. However, the resulting blob will simply short out the batteries, either sending no current to the relay, or leaving insufficient current available to drive the bolt motor. If the device has a pair of relays (one per motor direction) then both may become energized, resulting in no motion or a dead short.

      If the bolt relay is activated by grounding a pin, you're screwed unless the circuit designer added a failsafe where the bolt will be released if the microcontroller fails to initialize. Since the failsafe circuitry in most keypad locks is a few lines of code inside the microcontroller's interrupt handler, this is not likely to be triggered by the protagonist's magic lightning.

      I've seen a badly designed keypad lock drain its batteries trying to lock itself repeatedly when the batteries got low. The device had a beeper in it to alert users that its batteries were running low. After several days of unattended beeping, the lock suddenly began to beep twice a second while simultaneously engaging its lock motor. The low voltage began playing havoc with the latches on the keypad input pins and it was interpreting the incoming noise as a user pressing the "lock" button on the keypad. The batteries died in seconds once this failure mode took hold. Fortunately, people were on the correct side of the door to replace them.

  9. Re:Consumer locks are shitty anyway by icebike · · Score: 2

    And yet the work just fine for the intended purpose.
    If people want in, no amount of tumblers will prevent it.

    --
    Sig Battery depleted. Reverting to safe mode.
  10. Re:Don't kid yourself. by mlts · · Score: 2

    The brick through a window leaves an obvious signature, which makes life a lot easier when filing a police report and making an insurance claim on stolen goods.

    A picked lock means (unless there is something obvious like major damage to the lock) that it is just my word with no evidence to back it up. Similar if the burglar is caught. A broken window will almost be a certain conviction. A picked lock can be explained away as the door was already unlocked, so a B&E charge would end up not being able to be prosecuted.

  11. Re:Don't kid yourself. by adolf · · Score: 3, Insightful

    Heh.

    Whenever someone I've known has had their house robbed by a stranger, there's tons of evidence: The place gets trashed.

    It is a different story when you're being robbed by someone you know: They're neat and clean and precise. All you notice is that you go looking for your diamond-studded Rolex, and it isn't there anymore. But chances are good that you've already invited them in, anyway, so a lock doesn't help that situation at all either.

    --
    Kid-proof tablet..
  12. Three million lockouts/year in NYC? by Brooklynoid · · Score: 2

    Really? TFA describes this as a Manhattan-based initiative, so I'm guessing that he's using the term New York City to refer to Manhattan, not Greater New York (all five boroughs). There are 1.6 million people in Manhattan. I don't believe the average person locks themselves out twice per year. Even if he does mean all five boroughs, that still means that one-third of the city locks themselves out each year. I have a very hard time believing this.

    Also, virtually all Manhattan residents live in apartment buildings, so they need to get though two locked doors; the front door to the building and the door to their actual apartment. Pretty much all buildings use a lock/key that can't be (easily) copied (Mul-T-Lock or similar) for the front door, so unless you're going to break into your own lobby, you're still up the creek. And if you live in a building with a doorman or live-in superintendent, they frequently have access to a copy of your key.

    I don't see this catching on in a big way.

  13. Re:Car repair by bonehead · · Score: 2

    Aww.... That's so cute....

    He actually thinks a lock and key can stop someone from getting in...