FAQ for Government Agencies

A: PayIt provides payment processing and customer experience software for state and local government agencies. This enables a resident or customer to complete a government transaction online. We also provide point-of-sale (POS) and interactive voice response (IVR) solutions to complement our digital payments platform for government payments.

A: We serve state, county, and city agencies across the U.S. and Canada. These include North Carolina DMV, Arkansas Game and Fish Commission, cities like Lansing MI, Buffalo NY, St. Louis MO, and counties such as Harris County TX, Jackson County MO, Anoka County MN, and many more. Our client success stories detail outcomes achieved by these and other agencies.

A: We simplify digital customer experience and payments for state and local government agencies. This enables a state or local government agency to shift 80% or more of its transaction volume to digital channels, reducing paper processes, reducing reconciliation time from days to minutes, and shortening wait times in offices by 40% or more. Our platform sees a 98% transaction success rate, and we handle customer support for the 2% of residents who need it. Agencies reduce paper, printing, and postage costs, mail and check processing costs, human errors, and improve security as more residents adopt digital channels.

A: Supported services include property tax, courts, citations, utilities, driver and vehicle services, hunt/fish licensing, permitting, business filings, tolling, and more. Our clients include county and city tax assessors, commissioners, and collectors, heads of natural resource agencies, public utilities, county and city treasurers, DMV leaders, clerks of court, and IT organizations, to name a few.

A: Our platform is most often priced based on payments volume, but some clients prefer a traditional software subscription. We do not charge for implementation, integrations, additional features, or for changes in a client’s setup. Our pricing model does not have hidden costs.

A: Yes. We are available in AWS Marketplace, and we participate in NASPO, Omnia (NCPA), and statewide contract vehicles such as CMAS (California), NY Office of General Services, NCDIT, Massachusetts Statewide, and more.

A: The contracting government agency retains full ownership of all data, which can be exported in standard formats at any time. Our privacy policy details what information we collect, store, and the circumstances in which we retain, share, or destroy it.

A: We maintain SOC 1 Type 1 and SOC 2 Type 2 certifications, PCI DSS Level 1 compliance, and are ISO 27001 and 27018 Certified. PayIt’s Processing Platform is hosted in Amazon Web Services (AWS), specifically in the GovCloud instance. AWS GovCloud undergoes a rigorous annual audit schedule that includes SSAE-18 SOC 1, 2, and 3 audits; a PCI-DSS Level 1 Service Provider assessment; and ISO 9001, 27001, 27017, and 27018 audits.

A: All data is encrypted at rest and in transit using industry-standard protocols.

PayIt uses industry-standard encryption algorithms for data at rest (AES-256). Databases used in transaction processing are encrypted, and the symmetric keys are stored within AWS’ centralized key management system. No customer data is stored, processed, or transmitted outside of AWS.

PayIt uses industry-standard encryption algorithms for data in transit (TLS 1.2 and above). All connections, including those used to facilitate file transfers, administrative sessions, client and partner API integrations, and citizen interactions via web applications, into the processing platform are encrypted, and are protected via strong, granular access control mechanisms. PayIt has several controls built into its Processing Platform in order to monitor for, identify, and block the transmission of sensitive data outside of approved channels.

All network calls to the PayIt Platform are logged and stored for analysis. All logs will be kept for a minimum of one year. All logs will be kept in a system that is separate from the main production data set.

A: Sensitive information is tokenized and never stored in plain text. Any data categorized as PII as defined by NIST Special Publication 800-122 is encrypted in flight and at rest. PayIt complies with all state, provincial, and federal privacy requirements in the United States and Canada.

A: Many projects launch in 90 days or less, while some projects can take several months. How long an implementation takes depends upon a variety of factors, including the complexity of integrating with a client’s system of record, client response times, the use case(s) included. In general, county and city solutions launch more quickly than state-level solutions. 

Our Outdoors projects have an extended implementation period, as our Outdoors platform is both a resident-facing front end and the system of record for conservation agencies, and these implementations typically require significantly more customization than other projects.

Our process uses Agile methodology, emphasizing iterative development and rapid deployment. By incrementally developing, troubleshooting, testing, and incorporating agency feedback, client stakeholders identify process optimizations during development, when adjustments are most efficient. This results in the rapid development and implementation of a successful solution configured to meet the agency’s unique needs and workflows while minimizing the time required of agency staff.

A: Yes, we provide APIs and pre-built connectors for common government systems. We have integrated with systems from Tyler Technologies, NIC, Rejis, Grant Street Group, Fast Enterprises, Oracle, BS&A, Farragut Systems, Thomson Reuters, and more. We have never encountered a system of record that we could not build an integration to, whether it was self-built or provided by a vendor. Some of the systems we have integrated with are 20+ years old.

PayIt securely integrates using APIs, web services, batch interfaces, direct integration, or a combination of methods. Our integration layer ensures the most reliable, secure, and real-time access to information and facilitates processing of requests and transactions. Our primary approach is to use or build a REST or SOAP web service interface, or use a public API as the entry point for integrations. With an API integration, transactions are corroborated with back-office systems of record in real-time. All transaction processing is done via a secure gateway that is managed by PayIt. 

We can leverage a wide variety of methods to transfer data, including using comma delimited files and XML to ingest data. We can also export data in a variety of formats, including but not limited to comma delimited text, HTML, XML, XLSX, and PDF. Integrations can also be configured to use webhooks. The integration architecture is determined during the early stages of the implementation process, then configured and tested prior to final solution deployment.

We integrate with any back-office or third-party system, from COBOL-based legacy systems to the most modern cloud applications. We have developed modern API layers on top of legacy systems and phased in database modernization. We also have significant experience in wholesale database conversions; including transitioning large systems with nondescript database tables to properly normalized types, and managing the migration of tens of millions of records in each table.

A: Yes, PayIt supports single sign-on (SSO) using SAML 2.0 or OIDC, allowing integration with all major identity providers such as Azure AD, Okta, and Google Workspace. In addition, PayIt can also act as an identity provider, making it easy to extend secure login across your existing systems and applications.

For residents, PayIt Login offers the option to use an email username/password, as well as Google, Apple, and Facebook login options. Email-based multifactor authentication is included.

A: Agencies receive 24/7 technical support via phone, email, and ticketing, plus a Client Success Manager who helps ensure value realization from our platform. All support requests originating from the client are handled in concert between the Client Operations team and the assigned Client Success Manager and are addressed accordingly:

• Priority Level 1: Same-day transaction troubleshooting; system failure; platform downtime; or other issues which require same-day business resolution. Resolution SLA is 24 hours.
• Priority Level 2: Previously processed transaction troubleshooting or other issues which do not require same-day business resolution. Resolution SLA is 72 hours.
• Priority Level 3: All other user or platform issues. Response SLA is 48 hours; resolution depends on the nature of the request.

A: PayIt provides training at no expense as part of the Rapid Launch implementation process. 

For end-users, the PayIt solution is intuitive and easy to use (over 98% of transactions are completed the first time without the need for support), and is simple for agency staff users to understand and operate.

Each agency’s solution is slightly unique based on business rules and operating efficiencies, so we train staff to the client’s solution. Training courses are typically offered via video conference or in person before the solution is deployed. For Outdoors projects, training for retail license agents and other stakeholders is also provided during the onboarding process.

A: We provide end-user support via phone, chat, and email. Customer service agents are available during regular business hours in the client’s location. We resolve 90% of resident inquiries in the first interaction. We also create and maintain help center websites to help residents self-serve when appropriate. These sites are specific to each client and include a library of FAQ articles to help residents navigate the PayIt solution – and can include content for common inquiries directed toward the government agency as well.

A: We notify agency staff of any downtime instance through agreed-upon channels, typically via email and phone. Constituents are notified of scheduled downtime with a banner prominently displayed on the login screen which indicates the time and duration of the downtime instance, as well as on the platform help center, if necessary. Unscheduled downtime instances are also communicated in this manner, as soon as a downtime instance affecting a user’s ability to complete a transaction is identified. All unplanned outages undergo a root cause analysis to determine the cause and identify best practices for improvement, and the report is provided to the agency, upon request.

A: Our resident communications team provides marketing services to our clients to help them drive digital adoption. The team designs and executes marketing campaigns, writes copy and builds visual assets, creates brands for government agency programs, and consults on the overall strategy to drive channel shift.

A: Our Engage team partners with our Outdoors clients to support their R3 efforts, consulting on marketing strategies and programs to foster participation and helping to build and execute campaigns in the Outdoors platform CRM.

A: Credit, debit, ACH, Apple Pay, Google Pay. We also offer a hybrid solution for cash payments, in which a resident can use our online platform to make a payment at a convenient local retailer.

A: Yes, residents can schedule recurring payments or opt into payment plans if the government agency offers these features.

A: Yes.

A: Yes, all resident-facing flows are optimized for mobile and responsive across devices.

A: Yes. Guest checkout is available.

A: Yes. Residents who create an account are able to store receipts, documents, and payment methods, sign up for bill notifications and reminders, and see their transaction history. Our account profile also consolidates transactions across government agencies, for example, property tax transactions and DMV transactions can be managed from a single profile.

A: Yes, we support English, Spanish, and additional languages as required by the government agency.

A: Yes, we provide POS and IVR solutions alongside our web platform. Our admin tools consolidate all PayIt channels into a single view for management and reporting.

A: Yes, we can provide email and SMS notifications to residents about bill availability, due dates, payment reminders, and more. We also provide clear guidance for opt-in and opt-out processes.

A: Funds from successfully processed payments (net any ACH failures, pending transactions, or returns) are disbursed within 24 hours of settlement. Funds can settle into any number of merchant accounts based on business rules. PayIt disburses funds via ACH. If there are multiple services, PayIt works with the agency to configure the settlement process for all services based on the business rules and specifications for each service. If necessary, the settlement process can vary for each service.

A: Agencies have access to real-time dashboards, exports, and scheduled reports for reconciliation through ProSight, our admin tool. ProSight provides business intelligence reports and visualizations for an agency’s most important KPIs in customizable dashboards, and administrators with the necessary permissions have 24/7 access to reporting and analytics. Reports can be exported to Excel, CSV, HTML, XML, .tab, and PDF formats. ProSight supports granular permissioning.

A: ProSight, our admin tool, can be used to issue refunds, identify delinquent accounts, manage chargebacks, and create remittance reports. Users can inspect transaction details. ProSight supports granular permissioning.

A: Yes, we comply with or exceed WCAG 2.1 AA and Section 508. PayIt uses programmatic testing at build and runtime in order to validate the web application’s compliance to Section 508 standards. In addition, our applications conform to ADA and WCAG 2.0 specifications by utilizing semantic mark-up, tab order, contrast ratio testing, automated accessibility monitoring at build time, manual accessibility monitoring within the code change process, and continuous accessibility monitoring against both staging and production applications.

A: PayIt adheres to a records retention policy that aligns fully with all pertinent U.S. and Canadian regulations, standards, and contractual requirements. We provide audit logs and configurable retention schedules to meet FOIA/state records requirements. Audit logs include authentication and authorization events within the PayIt platform. They are encrypted and persisted securely within an external, dedicated log aggregation and alerting platform. This architecture ensures the integrity and availability, specifically for investigations, of raw system and application logs. It also ensures that only specific individuals and teams within PayIt, specifically only those with an operational or security need-to-know, have access to aggregated log data and alerting, as per PayIt security policies and standards.