RFID wristbands for resort guests

[jcemom]

You cold even have 1 wristband be the active band for a family of 5- like mine. I get FPs for all the rides with the one wristband.

If this were possible, I'd be okay with the wristband...as long as it could be carried somewhere other than on my wrist.

 

[JimmyV]

With all the publicity lately about how easy it is for credit card skimmers to carry around electronic readers and pirate your information from RFID encoded credit cards, I would not want to have anything to do with this system in a place as crowded as WDW if charging privileges and any sort of payment information were encoded on my wristband.

 

[LoriJune]

I don't think it would bother me and if it did I would throw it in my purse. I would keep the kids bands in my purse as well, for fear they would be too easily lost. Love the photopass element the most, can't stand digging for the card each time we'd like a picture taken.

 

[BAMLuvMickey]

Bands make a lot of sense, actually. All the paper tickets is so 20th century.

As for costs...costs will always go up. That is the way of the world.

If done right, the bands could help a lot.

I agree! There is a chance of losing your KTTW card or paper ticket. At least with a wrist band(as tacky as some may think it looks) you have less of a chance of losing it...

I wish that there was a way for costs to stay the same...Last time I went, I went for less than three grand, now when I price a trip, I can't seem to get a quote under 4500...

 

[notnothin]

A very valid concern and one I raised over in the Rumors and News forum thread on this same topic. It's something that'll need to be addressed.

I feel nearly certain that there will be some level of encryption or key exchange involved in this implementation. I can't see them rolling something out which could be easily cloned with a skimmer.

 

[kerplop]

A very valid concern and one I raised over in the Rumors and News forum thread on this same topic. It's something that'll need to be addressed.

I think if any major corporation can somehow make it work, it'd be Disney. But they would have to throw some major R&D into the tech to make it secure and I don't know if they'd be willing to do that. I still don't know if I'd trust it. I have one credit card with RFID and I keep that in a blocking sleeve.

 

[networktek]

those are great can't wait till they have them out

 

[JimmyV]

I think if any major corporation can somehow make it work, it'd be Disney. But they would have to throw some major R&D into the tech to make it secure and I don't know if they'd be willing to do that. I still don't know if I'd trust it. I have one credit card with RFID and I keep that in a blocking sleeve.

That's a big "if" Every major financial institution has been hacked, as has the CIA, Department of Defense, and most governments. Hackers are always one step ahead of R&D.

 

[kaligal]

I don't like wristbands.

 

[discorsner]

My concerns are the same as pretty much everyone else..

1) Fastpass running. I would need an easy way for DH to be able to go get them all.

2) Privacy and theft issues

3) Not sure I would like the feel of the bracelet in 95 degree weather

4) What color would I get to coordinate with all the different outfits for the week???

I guess we will have to wait and see!

 

[kerplop]

That's a big "if" Every major financial institution has been hacked, as has the CIA, Department of Defense, and most governments. Hackers are always one step ahead of R&D.

Oh I don't disagree at all! Then again like credit card companies I could see them doing it for convenience regardless of the security issues.

 

[tmarquez]

I don't want to wear a wrist band, it'll irritate my skin and annoy me.

Since I'm an AP holder can I have my RF chip implanted under the skin instead?

 

[ChloroFiend]

I feel nearly certain that there will be some level of encryption or key exchange involved in this implementation. I can't see them rolling something out which could be easily cloned with a skimmer.

Now we're speaking my language. I'd hope so, but that kind of goes against what RFID does. You interrogate the chip, it responds with its ID....SKU for inventory, employee ID for a badge, that kind of thing. The end-chips are pretty stupid, for lack of a better term. They don't process, they don't compute....embedding processors into chips (think a wireless smart card) will add a SIGNIFICANT cost to the whole implementation. Think dollars per bracelet compared to pennies.....even with Disney's economy of scale.

There have been some papers written on the subject of authentication. I think one was called "Forward-secure RFID Authentication and Key Exchange" but I haven't heard anything written about a real-world implementation. Talk about a test-case.

Just encrypting the information stored on the bracelets wouldn't do much good. You could skim just the same and then pass that encrypted value to the reader; just like a pass-the-hash password attack. Sure, you might not get access to the real data (credit card, room number, names), but it doesn't much matter.

Also, don't think so fast that Disney wouldn't roll out something insecure. Many of the kiosks that take credit cards/KTTW in the park are using WiFi for communication and (if memory serves, its been a while since I fired up a WiFi analyzer on my phone) they were using encryption methods easily bypassed/intercepted. Not saying it's happening, but it could.

I think if any major corporation can somehow make it work, it'd be Disney. But they would have to throw some major R&D into the tech to make it secure and I don't know if they'd be willing to do that. I still don't know if I'd trust it. I have one credit card with RFID and I keep that in a blocking sleeve.

Plenty of major corporations have implemented RFID on a massive scale...such as WalMart for inventory tracking. The main difference is the information being stored in the RFID; skimming a SKU of a pallet of razor blades is one thing. Skimming access to a hotel room or charge ability is completely different.

My concerns are the same as pretty much everyone else..

1) Fastpass running. I would need an easy way for DH to be able to go get them all.

2) Privacy and theft issues

3) Not sure I would like the feel of the bracelet in 95 degree weather

4) What color would I get to coordinate with all the different outfits for the week???

I guess we will have to wait and see!

You forgot tan lines. And yeah, we'll definitely have to wait and see.

 

[notnothin]

Now we're speaking my language. I'd hope so, but that kind of goes against what RFID does. You interrogate the chip, it responds with its ID....SKU for inventory, employee ID for a badge, that kind of thing. The end-chips are pretty stupid, for lack of a better term. They don't process, they don't compute....embedding processors into chips (think a wireless smart card) will add a SIGNIFICANT cost to the whole implementation. Think dollars per bracelet compared to pennies.....even with Disney's economy of scale.

There have been some papers written on the subject of authentication. I think one was called "Forward-secure RFID Authentication and Key Exchange" but I haven't heard anything written about a real-world implementation. Talk about a test-case.

Just encrypting the information stored on the bracelets wouldn't do much good. You could skim just the same and then pass that encrypted value to the reader; just like a pass-the-hash password attack. Sure, you might not get access to the real data (credit card, room number, names), but it doesn't much matter.

Also, don't think so fast that Disney wouldn't roll out something insecure. Many of the kiosks that take credit cards/KTTW in the park are using WiFi for communication and (if memory serves, its been a while since I fired up a WiFi analyzer on my phone) they were using encryption methods easily bypassed/intercepted. Not saying it's happening, but it could.

Agreed for the most part and a good response. I've read a bit on some nextgen implementations of RFID utilizing digital signatures and PKE and it sounds promising. Not sure that Disney would roll out such a bleeding edge version of that chip, though. Hilarious on the network sniffing, don't tell me it was WEP?!?

 

[going/again]

As for the cost of the bands, RFID chips are pretty cheap and they won't have issues being "demagnetized".

They can also be read with a reader from ebay, they cost about £20, easy to get all your details off

 

[pooh2001]

We have already pre-bought our 10 day park hoppers tickets.

If my family wants the wrist bands and they are available June 2012 -

Then HOW do I excahnge the 10 day park hoppers tickets for the new RFID wristbands ?

DD would want pink, DW, me, would take purple, DS would do blue and DH would do any color other than black.

 

[pgowder]

Bands make a lot of sense, actually. All the paper tickets is so 20th century.

I was shocked when they handed me a paper ticket for my AP!

I'd love to have my AP on a band.

 

[Lumiere Lover]

I can see paying extra for something like this. I think the video of you and your family on a ride together is worth it. I think this sounds super exciting!!

 

[Mickey'sApprentice]

I don't think they would charge extra for it.

These wrist bands would make it Sooooo easy to spend money.

Oh, I love that Mickey Mug! (Bleep) --- What a good picture of us on Splash Mountain! (Bleep) DD would just love that tinkerbell outfit (Bleep). Hey how about a Dole Whip? (Bleep)

Here's your Bill. Oh (#&^@!!!) I mean (Bleep!!)

 

[bellanotte10]

I don't think they would charge extra for it.

These wrist bands would make it Sooooo easy to spend money.

Oh, I love that Mickey Mug! (Bleep) --- What a good picture of us on Splash Mountain! (Bleep) DD would just love that tinkerbell outfit (Bleep). Hey how about a Dole Whip? (Bleep)

Here's your Bill. Oh (#&^@!!!) I mean (Bleep!!)

I agree, but i've found that its just as easy to overspend with a KTTW card attached to your credit card simply because it doesn't look like your credit card anymore, and is more convinient