Wednesday, August 19, 2009


Metered parking in a high-tech world

I just spent an extended weekend in Montréal (here’s the Picasa album), and one thing I noted is the parking payment system — New York is adopting a similar system.

In some places, they still have the old parking meters (well, for some value of “old”; they’re digital), and I used one of those — you put coins in, and the time on the display increases up to the maximum. When the time runs out, you stand to get a parking ticket.

Montréal parking markers and payment kioskBut in much of the city, at least in the areas where I was, the parking places are marked with numbered poles instead,[1] and there’s a payment kiosk[2] nearby (“Payez—Partez”, pay and leave). You remember your parking-space number, you go to the kiosk, you pay for the time you want, et voilà. I used one of those, as well.

I started thinking, as an engineer does, about the comparative advantages of the two systems. The new system clearly has many advantages for the city. The poles with the parking-space numbers are pretty low-maintenance things, so they don’t have to worry about repairing meters. In fact, the failure mode of those poles is pretty good: because the numbers are consecutive, if a pole is vandalized and is missing or unreadable, it’s easy to infer the space number from the poles nearby. Someone would have to take out a whole block to cause a real problem there. The money, too, is in one box rather than dozens, so it’s easier to collect it. And, because you can pay with a credit card as well as with cash, money isn’t always an issue anyway.

Of course, regular parking meters could also be fitted to take credit cards. That’d be much more expensive — again, putting the necessary stuff into every meter, one per parking space. So it’s not likely that the city would do that. The ability to use credit cards is a real benefit to the user, who doesn’t have to worry about having pockets full of coins, and then finding that the meter doesn’t take dimes, say.

But the interesting thing to me, as a network security guy, is how the new system favors the city and how it can and can’t be attacked.

With the old parking meters, the model was that you rented the parking space for a given time, the remaining time was publicly displayed, and if you left with time still on the meter, well, the next user would benefit from it. It’s a pretty user-friendly system, in that regard.

With the new system, you also rent the space for a given time... but the time you purchased is not displayed anywhere. Your receipt tells you the time of day when your carriage turns into a pumpkin. But it doesn’t tell it to anyone else, and, in particular, when you find an empty parking space you have no idea whether someone still has a lease on it that she’s not using.

And there’s the great advantage to the city: there might be an hour left on the lease, but you have no way to know, so you pay for the hour that you need. The alternative is to risk a parking ticket. And the city now collects double rent for that space — perhaps even triple or more (my gut feeling is that triple is reasonably likely, and the likelihood goes down pretty rapidly from there... but I don’t know).

To attack the system, you’d need to figure the chances that there’s time left, how much remaining time is likely, and how quickly cars get ticketed when they’re in violation. Then you could approximate the expected cost of parking without paying, for various periods of time, and play the odds.

But to throw another wrinkle into it — how do the enforcement officers know when the time expires for each space? They could get it from the kiosk, but perhaps it’s all “online”, and they get it electronically. One can envision a sophisticated system that uses GPS to track the enforcement officer’s position and gives her a ready list of the status of all the parking spaces in the area. It could highlight the ones that have recently paid, so she can visit those preferentially and note what cars are parked there. If she sees a different car parked in the same space with no intervening payment, she’s found a cheater.

We can even imagine that the identification of the cars might be done with image analysis, using a camera that she carries with her. Everything would be recorded on her little computer tablet — which might well double as a way to write tickets, if it comes with a portable printer built in.

I don’t actually know how the detection and enforcement is done, but it’s fun to speculate on how such a system might work. If we added detectors that could tell when a car enters or leaves a parking space, it might be very difficult, indeed, to get away without paying.

[1] As you can see in the photo (click to enlarge), the markers often double as hitching posts for bicycles, which are used a great deal in the city.

[2] The kiosks are solar powered.


The Ridger, FCD said...

I just got back from Seattle where they have a similar situation. When you pay, you get a ticket you stick on the window of your car. That lets the parking officers know, and anybody else, too. I got a snapshot of a car: it's here .

Barry Leiba said...

Yes, I've been to places where you put a payment receipt in the window or on the dashboard. That makes it harder to cheat if you're not prepared, but you can make fake ones very easily. Unless they use some other mechanism to detect cheating, someone who comes prepared can defeat that system completely.

The Ridger, FCD said...

We obviously think very differently. Faking a parking receipt would never occur to me, especially not as something I could do "very easily".

Thomas J. Brown said...

It seems to me that another way to attack the system is with a sledgehammer. Of course, at that point, I think your goal is a little different...

Barry Leiba said...

Right, that wasn’t the sort of “attack” I had in mind.

On the other hand, you bring up a point: taking a sledgehammer to a meter only affects one meter; with the kiosk system, taking down one kiosk has a much greater effect.