The standard for the security of toll road payment systems has just been updated.
No electronic system is free from the threat of hacking, including your local tollbooth. Attacks on electronic fee collection (EFC) systems can result in anything from lost revenue to personal data being leaked. None of this is desirable, which is why the standard for their security is regularly revised. The latest version has just been published.
ISO 19299, Electronic fee collection – Security framework, defines an information security framework for all aspects of an EFC scheme, featuring a set of security requirements and associated measures.
The latest version includes updated data protection considerations to align with the European Union’s General Data Protection Regulation and additional requirements and measures for the use of common payment media.
The standard also features an extensive list of potential threats to EFC systems that can be used for a threat analysis to identify relevant security requirements.
ISO 19299 was developed and updated by ISO technical committee ISO/TC 204, Intelligent transport systems, whose secretariat is held by ANSI, ISO’s member for the USA. It can be purchased from your national ISO member or the ISO Store.