Security and Compliance

A photobooth kiosk lives in a public space and handles money, customer photos, and sometimes customer email addresses. This section covers what BoothIQ does for you automatically, what you should do as an operator, and what to tell customers if they ask about their data.

Articles in this section

Admin account best practices. Strong passwords, recovery PINs, separating Master from User accounts.
The master password system. Single-use emergency access for when normal login fails.
Data and privacy. What's stored on the kiosk, what's synced to the cloud, what happens to customer photos.
Physical security. Securing the kiosk hardware itself.

Who this section is for

Every operator should read Admin account best practices at minimum. Operators in regulated venues (events with minors, corporate clients with NDAs, government venues) should also read Data and privacy.

Quick rules to live by

Never give the default admin / admin123 password to anyone. Change it immediately on first login (see First login and password).
Do set up the recovery PIN. It's the difference between a 5-second password reset and a support call.
Don't share one admin account between multiple staff members. Create separate accounts at the User access level.
Do sign out of admin (Exit Admin button) when you're done. Never leave the booth in admin mode unattended.

Next steps

For the technical details of the licensing and master password systems, see the developer documentation.