As parking technology continues to evolve, more and more of the interactions that parking owners and operators have with their customers are digital. The majority of on- and off-street parking operations utilize some form of mobile platform to enable customers to locate, navigate too, and most importantly pay for their parking.
While this transition has helped to significantly streamline parking operations and create a more seamless and pleasant experience for customers, it leads to a lot of questions and concerns regarding the protection of Personally Identifiable Information (PII). At ParkEngage, all of our touchless parking solutions incorporate technologies which help to increase customer convenience but come with the responsibility to provide a high level of security for the information our clients’ customers provide.
ParkEngage takes this responsibility very seriously and we implement numerous strategies to protect PII and ensure the security of this critical data. These efforts include:
- All customer PII data is transmitted over SSL for secure connection. All transactions are secured with the SSL protocol. Using SSL helps encrypt the user’s private information so user payment information, and other sensitive data are protected. This also improves payment security and makes customers more willing to buy and use our products.
- Tokenization/HASH-based Encryption. Tokenization replaces sensitive user data like names, license plate numbers, email addresses, phone numbers, vehicle nicknames, passwords, etc. With a randomly generated string of characters, it reduces the risk associated with a data breach. We also use this technique when processing credit card data. When the transaction is authorized, the data is sent to a centralized server and stored securely.
- Use Strong Passwords. We have enabled PCI compliance-based password policies and encryption algorithms so that user data cannot be hacked.
- Two Factor Authentication. This strategy provides an additional layer of security to the standard method of online identification using passwords.
- PCI Compliance Payment Gateway for Secure Transactions. We follow the Payment Card Industry Data Security Standards (PCI DSS) provided guidelines to secure sensitive data in payment processing.
- Anti-fraud Tools. ParkEngage has developed an in-house AI-based anti-fraud tool to identify malicious transactions based on the user transaction patterns
- Secure Cloud-based Infra. We use a secure virtual network in cloud. The cloud provider has all the security and monitoring software installed within their ecosystem, which is helpful to transmit the user data securely. Operating systems and other software remain up to date as per the latest stable released versions.
- Secure Deployment Environment. We use secure VPN tunnels to deploy and manage our software in the cloud. All the cloud virtual machine instances have private interfaces and cannot be accessed over a public network.
- Data Backup and Purging Policies. Backups are one of the most crucial steps in protecting your PII and sensitive data. We have appropriate policies in place to securely back up the user data and timely purge the data of the off-boarded customers.
ParkEngage is consistently seeking to identify and implement the highest level of security to protect our clients and the PII of their customers. As the industry continues to transform, we will continue to evaluate the latest data security solutions and incorporate these strategies as they are appropriate for our clients.