Keeping data secure, confidential, and readily accessible are our greatest priorities.
Passport’s cybersecurity program is based on the concept of Defense in Depth: securing our organization and your data at every layer.
Our cybersecurity program aligns with the NIST Cybersecurity Framework, and Passport is SOC 2 compliant and PCI DSS Level 1 merchant and service provider certified.
While no system can guard against every potential threat, Passport’s defensive line is monitored 24/7, 365 days a year by skilled, highly trained professionals.
Passport’s cybersecurity team, led by our Chief Information Security Officer (CISO), is responsible for the implementation and management of our cybersecurity program. The CISO is supported by the members of Passport’s engineering and product teams and is enabled by our Executive Leadership team.
The focus of Passport’s cybersecurity program is to prevent unauthorized access to customer data. To this end, our team of dedicated cybersecurity practitioners, working in partnership with peers across the company, take specific steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.
- Do you control the transfer of information to external parties through authentication and encryption?
- Do you currently use encryption in your database(s)?
- Does your product process protected health information (PHI) or any data covered by the Health Insurance Portability and Accountability Act?
Trust Center Updates
Passport 2023 PCI ComplianceComplianceCopy link
We are happy to announce that Passport's 2023 PCI reports are now finalized and live! Please check the cards above to download the latest reports.
Passport 2022 SOC 1 and SOC 2 ComplianceComplianceCopy link
We are happy to announce that Passport's 2022 SOC 1 and SOC 2 reports are now finalized and live! Please check each card above to download the latest reports.
We have received bridge letters from our auditor for the 2022 SOC 1 and SOC 2 reporting period while the 2022 reports are being finalized. Please check the SOC 1 and SOC 2 cards to download the letters from our auditors.
As soon as the final reports are available, we will update this portal with the latest documents and send out another Trust Center announcement.
Passport's Mobile Parking Solutions and PrivacyGeneralCopy link
Passport works with municipalities across the US and Canada to provide cashless, digital parking solutions.
Our mobile parking solution asks for the following personal information when creating an account to pay for parking:
- First and Last name
- Phone number
- Email address
- License plate number
- Vehicle Make and Model
- State / Province
Passport’s mobile parking solution does not capture other information about the user. Passport does request access to details about the phone being used so that we can track mobile device and OS details. For example, we capture data about Android vs Apple mobile device utilization, and within each of those device categories, we are interested in the version of OS used. This helps us ensure our app testing and rollout strategy is informed by and aligned with realities of end-user phone adoption.
As a municipal mobile parking solution, Passport only tracks the space or zone # that someone parked in, along with the date that the parking transaction occurred. This information is absolutely necessary to maintain as it relates to a municipality's ability to enforce parking, whether Passport is the provider of enforcement software for a city, or if that software is provided by another company. Anytime that a citizen is parking, there will be a corresponding need to enforce if that parking violates timeframes or rules defined by a city or private operators in that city.
It is important to note that, beyond the information outlined above, Passport does not capture additional information about end-users and does not share or sell that information with third parties for commercial or marketing purposes. We do not "mine” or “glean” other data from our application.
Passport works on behalf of the municipalities in which we work and the data captured by our solutions are used for providing mobile parking solutions and are not a source of additional marketing or commercial activity by Passport.