There’s been a great deal of discussion recently about the increasing integration of QR codes into the parking experience. Specifically, some have raised concerns about the potential security complications if not implemented or monitored appropriately.

QR codes have become integrated into many aspects of parking technology, from parking meter payments, to parking garage access. However, as adoption rates increase, scammers are on the lookout for gaps in the business processes involving QR codes. In a recent case, authorities found that someone had placed fake QR codes onto parking meters throughout a city, sending unsuspecting patrons to a fake payment site.

As parking technologies continue to become more sophisticated, the responsibility to protect consumers grows as well. Processes using QR code technology are no exception. There are many scenarios where it is an extremely valuable and convenient solution for parking operations, but some in which it should be avoided or used very cautiously.

The use of QR codes for parking business processes in itself is not harmful. But if they are not installed in a trusted, controlled, and physically secure environment, they could be targets for tampering. For instance, scammers could replace legitimately posted QR codes with fake ones, leading the customer to malicious links or even to download malware on their phones.

In parking, QR codes are best suited for parking garages and gated lots rather than for open street parking or un-monitored facilities. Vending the gates is an ideal process to automate with QR codes, but care should be taken if QR codes are used to prompt the customer to initiate payment processes.

Customers should be taken to the payment process via a secured link sent to them only after they have been able to physically verify a trusted and expected second factor outcome, like the opening of a gate arm. If that expected second factor outcome does not take place, it would caution the customer that something is wrong, and they can notify the attendant immediately to take corrective action. This prevents any other customer from exposure if it indeed happened due to a fake QR code.

For example, only after the customer sees that their scanned QR code has successfully opened the gate (thus establishing the QR code’s verity), would they then trust an eTicket link, sent to their mobile device, after they have successfully entered through the gate. Once this trust is established, they would be willing to safely use that eTicket link for payment, before proceeding to the exit gate. For added safety, we propose our customers use our unique system of Dynamic QR Codes.

Finally, there are also a number of physical design-related precautions that are necessary to protect the process. Proper branding and signage elements will inform the customers of the exact steps and screens to expect during the parking process, while creating a professional and quality image for the garage. In addition, simply locating the signage in a convenient location, but secured behind or within a clear box or structure will eliminate the opportunity for anyone to tamper with the actual QR code. As parking professionals, it is important that we are constantly looking at all aspects of our parking operations to ensure that the public is protected both physically, as well as digitally. The responsible integration of these valuable technologies will not only ensure that we keep our communities protected, but that we maintain the highest standard of quality for our organizations.

Touchless parking has transformed the parking industry in recent years. It was already significantly impacting the market before COVID-19 came along, with the younger, smartphone-dependent generation adopting the solutions at a high rate. Following COVID people are very conscious of hygiene and would prefer to touch few surfaces and interact with as few individuals throughout their day as possible.

Some garages have tried to offer touchless parking to their parkers, but with the technologies available to them in the market, they have been limited to offer touchless solutions to only those parkers who have identified themselves prior to coming to the garage. This is typically as low as 10-20 percent of the total number of customers who park with them. With these limiting technologies, garages have only been able to offer touchless parking if a customer is willing to download parking apps on their phones, register their vehicles by creating customer accounts with the garage, or make a reservation or hold a permit thus identifying their vehicle.  

However, the majority of the parkers coming to a typical garage are drive-up customers. These customers may have never visited that garage before, may be unwilling to download a new parking app or create an account, or may not have a prior reservation or permit. Unfortunately, in the absence of any touchless solution for the drive-up customers available to the garage, those parkers are limited to using old-fashion paper tickets. They must push a button on a ticket dispensing machine, pull a ticket, carry and not misplace their paper ticket, and then present their paper ticket at the time of payment to the parking attendant or insert in a pay on foot machines. Thus exposing themselves to the unhygienic surfaces, or putting themselves and the attendant at risk of exposure to transmission of germs.

ParkEngage is revolutionizing the touchless parking technologies. With the ParkEngage Touchless Parking solutions deployed in the garage, all customers, regardless of previous parking, permit, or reservation status, get the same touchless experience, and all of that without customer needing to download any parking App.

Contact us for more information about our innovative Touchless Parking solution and to set up a demo or a free trial.