Protect your own and your customers’ valuable business data

Protect your own and your customers’ valuable business data

Gisela Bechmann4 minutes reading time

Data security and availability are in increasing demand these days. The risks of cyber-attacks and other digital threats grow every year, and managing those risks is becoming more and more of a priority for all of us. To protect yourself from threats as a parking operator, it is imperative that your parking management system is running the latest operating system security patches and the latest parking system application patches.

 

Q: What does PCI DSS mean?

A: It stands for “Payment Card Industry Data Security Standard” and was developed by the PCI Security Standards Council (PCI SCC) to curb fraud in online credit card payments. The PCI Security Standards Council was created by American Express, VISA, Discover, MasterCard, and JCB in 2006. PCI SCC is responsible for developing and managing the Payment Card Industry Data Security Standard (PCI DSS). This security standard was developed to encourage and enhance cardholder data security and provide consistency in data security globally.

Q: Who has to be PCI compliant?

A: All companies that process cardholder data to enable payments for goods and/or services must comply with PCI DSS. They have to sign a ‘merchant contract’ with an acquiring bank. This agreement also includes an obligation to be PCI compliant. If a car park operator accepts credit card payments on site (this means they are acting as a merchant), then they are required to be PCI DSS compliant.

The SKIDATA parking management system supports several credit card acceptance methods

  1. Real Time Authorization using Credit Card Authorization Server via magstripe (outdated)
  2. Real Time Authorization using External Terminal Hardware (EMV/PTS Chip&Pin Solutions)
  3. Real Time Authorization via External P2PE Terminal Solution (P2PE Chip&Pin Solutions)

The obligation to be PCI DSS compliant comes with several requirements. Operators have to:

  • build and maintain a secure network
  • install and maintain a firewall configuration to protect cardholder data
  • refrain from using vendor-supplied defaults for system passwords and other security parameters
  • protect stored cardholder data
  • encrypt transmission of cardholder data across open, public networks
  •  regularly monitor and test networks
  • maintain an information security policy
  • maintain a vulnerability management program


credit-card-hand-1910x1000

 

Q: How does SKIDATA help simplify PCI compliance?

A: SKIDATA has over 15 years of experience with PCI. We offer several solutions that help our customers minimize the effort and cost of PCI compliance. One such solution is our Point-to-Point Encryption (P2PE) offering. This solution encrypts credit card data from the point of entry until it is securely decrypted at the bank or payment service provider. As a result, the scope of PCI compliance is significantly reduced, simplifying the annual PCI assessments and reducing the operational impact for parking operators.

Q: How does P2PE make PCI compliance easier?

A: P2PE solutions significantly simplify the compliance process by reducing the scope of PCI. This means only the P2PE solution itself falls within the compliance scope, while other parts of the system no longer need to meet the full PCI requirements. This not only reduces audit requirements but also lowers associated costs and operational burdens for operators. Ultimately, PCI-compliant parking systems can be run more easily and cost-effectively.

Q: How does SKIDATA ensure its systems are always up to date?

A: SKIDATA provides Digital Software Delivery (DSD), a highly convenient way to automatically receive software updates and security patches. Much like Microsoft’s automatic updates, DSD ensures that systems remain up to date without manual intervention. This saves time and costs, while also reducing the effort required for software maintenance. The benefit for our customers is an optimized, secure system environment without the need to worry about software update management.

Q: What is the benefit for parking operators who switch to P2PE?

A: For parking operators, switching to a P2PE solution means a significant reduction in the scope of their annual PCI assessments. Additionally, there is no longer a need for specific, PCI-validated payment applications, as P2PE fully covers the security of credit card data. This leads to fewer operational disruptions and lower compliance costs overall.

 

Sounds complicated? But there is good news:

As mentioned, SKIDATA already has a long history with PCI. We have been providing validated software versions for more than 15 years since the beginning of PCI. We have validated more than 12 major versions of our parking management software in compliance with PCI PA DSS.

It is important to know that PCI SSC has now ceased the PA DSS program and replaced it with a new standard called "SSF Software Security Framework."

Even if SKIDATA is not doing official PCI SSF validations for the parking management software, we have processes and security measures in place for the development group and the whole organization to ensure top-level quality and security for our parking management software and hardware.

SKIDATA strongly recommends migrating to P2PE solutions to achieve PCI site compliance more efficiently, cost-effectively, and with fewer operational impacts. That’s why SKIDATA offers different P2PE-validated solutions for its parking management solutions.

SKIDATA is here to support you: To protect yourself from threats, it is imperative to have an up-to-date system with the latest operating system security patches and parking system application patches. With SKIDATA’s DSD (Digital Software Delivery), a service to download and install software and patches online, like what Microsoft offers with automatic updates, we provide you with high-quality software from a trusted reliable source.

Latest Blogs

Creating Cities That Thrive: Reducing Congestion with Smart Parking Solutions

Read more

SKIDATA & Adyen: Revolutionizing Payments, Everywhere You Go

Read more

Why EV-Charging is Key to Future-Proof Parking Facilities

Read more

Let’s Welcome Emotions: SKIDATA's Leadership in Transforming Sports & Entertainment

Read more

The Revolutionary sMove Gate - A New Era of Welcoming People 

Read more

SKIDATA: From Ticket-Based Systems to AI-Based Mobility

Read more

How SKIDATA's Mobility Suite Makes Urban Parking Management Simple

Read more

SKIDATA: Leading the Way in Integrated Visitor Management Solutions

Read more

Embracing Tomorrow: SKIDATA's Role in Crafting Cutting-Edge Mobility Hubs

Read more

Transforming Parking Payments: The Power of License Plate Recognition

Read more

Smart City Parking Linköping

Read more

SKIDATA: Leading the Charge in Sustainable Access Solutions

Read more

Ticketless Parking: Leading the Charge in Modern Parking Solutions

Read more

Elevating Fan Experience: Sky Stadium's Advanced Access Tech

Read more

We are ClimatePartner certified!

Read more

4 Things to Consider When Choosing a Parking Access Solution Partner

Read more

From Allianz Arena to Asia: SKIDATA's Stadium Access Solutions

Read more

The Benefits of Parking Guidance for Parking Operators

Read more

Parking Management - Data security is key

Read more

Improve customer satisfaction with plausible CSR strategies

Read more

How tomorrow’s car parks benefit from smart IoT

Read more

SKIDATA is ISO 27001 certified

Read more

KitzSki's Journey to Smartphone Ski Passes [Video]

Read more

Streamline your parking operations with LPR

Read more

A piece of nature for your guests’ pocket - keycard pure

Read more

Attract more traffic to your car park with EV-charging stations

Read more

Protect your own and your customers’ valuable business data

Read more

Double your guests’ convenience with parking management for ski resorts

Read more

Revenues 24/7: One-stop-shop anytime, anywhere with e-commerce

Read more

Faster updates for faster deployment

Read more