An article in this months Wired details how Disney spent $1 Billion developing, testing, and rolling out their Magicband system that started actually rolling out in 2013.
Disney's Magicband system is based on a wristband containing an RFID chip and a 2.4gHz wifi transmitter. To use the system, the guest simply aligns the Mickey head on the wristband with a Mickey head on the receiving antenna. These antenna are dispersed throughout the park; for example: rides, souvenir shops, restaurants, and on-property hotel rooms. Rather than having to pull out a wallet to pay for something, one simply uses the Magicband and, upon a good read of the RFID tag, your associated credit card gets charged accordingly. It is even used by their FastPass system which allows you to schedule getting on rides.
When everything works, the reader flashes green and emits a pleasing tone; if something goes wrong, it glows blue, never red. Red lights are forbidden at Disney, as they imply something bad happened. Nothing bad can happen at Disney World.
In early 2014, "atdisneyagain.com" did an actual dissection of a Magicband to get a look at the components, complete with FCC look ups to see exactly what was going on inside.
[Update: corrected grammar and phrasing.]
(Score: 5, Informative) by darthservo on Monday March 23 2015, @03:17PM
My wife and I went there last year, so I'll give my perspective of using them.
We used it for pretty much the whole gamut while we were there - park pass, FastPass lines for rides, room key, purchasing, food service, and the park photographers. For the most part, it was user-friendly and we found they were convenient to wear on the wrist rather than having to pull out a wallet and fumble for the right card. For those that weren't staying on the resort property, Disney provided RFID cards that worked the same way with the option of 'upgrading' to a band.
Of note, most use was some form of two-factor. When you go into the park for the first time during your visit, you scan your band but also have to 'register' a fingerprint. (Though I'm not sure what happens if you refuse to do offer your biometric data as I never did see or hear anyone raise the issue - I should have asked what alternatives they offer.) From that point forward during the rest of your visit, you have to use that same finger to two-factor your entry into the park. I'm assuming they do this in case someone loses their band and another person decides to get a free vacation, but then you think they could just disable the band ID. Would be interesting to know how long they keep your fingerprint retained as well.
Additionally, any purchases are also two-factored by a PIN that you pre-select. If it was lost, someone would need to know your PIN to buy anything. I'm also assuming that since your park pass and room key expires after your last day, then someone couldn't take it with them and start ringing up purchases. Our experience was that purchases get added on to the room bill, which then got billed back to the card we had on file. If you needed to, you could probably dispute something, but I imagine that's not an easy process with Disney.
The one area that was not two-factored was the room key. If someone was able to obtain another guest's band, they'd have a hard time figuring out which room they were staying in - Disney has somewhere around 30,000 rooms on the property, IIRC. But with some social engineering it could lessen those odds significantly. Regardless, it would be the same with a normal hotel room key.
We only ran into a few times where the band didn't register correctly on the receivers, but it was simply a matter of positioning it just so. This seemed to be more of a problem on the POS registers whenever you were buying something and especially with the park photographers' mobile setups. But we did notice instances where a very small number of people just didn't get how to do it, no matter how much help the employees were offering. These instances led to some line-clogging, be it at the park entrance or trying to get into a ride's FastPass line, but nothing major.
Overall, they actually worked very well for their intended purpose. But it would be interesting to see if they end up incorporating this with phones (or smart watches) now that more and more are NFC capable.
"Good judgment seeks balance and progress. Lack of it eventually finds imbalance and frustration." - Dwight D Eisenhower
(Score: 1, Disagree) by darthservo on Monday March 23 2015, @03:22PM
Sorry, it isn't really *two* factor since the bands are just an ID. (Not enough coffee, yadda yadda)
"Good judgment seeks balance and progress. Lack of it eventually finds imbalance and frustration." - Dwight D Eisenhower
(Score: 4, Informative) by tathra on Monday March 23 2015, @03:47PM
no, its still two factor - "something you have" (the band) and "something you are" (fingerprint)
(Score: 1) by skater on Monday March 23 2015, @03:48PM
Your experience matches ours almost perfectly - you must have been following us around!
Seriously, I had forgotten about the fingerprint/PIN step. But I'm pretty sure they were doing fingerprints before the MBs were implemented.
(Score: 0) by Anonymous Coward on Monday March 23 2015, @05:50PM
> But I'm pretty sure they were doing fingerprints before the MBs were implemented
for about 20 years now, the one and only time i went to disney was in the mid 90s and they had just started it