Hackers will generally take anything they can get when it comes to pilfering information, but for cybercriminals who are unaffiliated with hacking groups or foreign governments, the real prize is anything that can be sold quickly. This includes Social Security numbers, online account login information, and especially payment data such as debit and credit card numbers.
Several prominent examples of the latter being stolen have made headlines within the past few years. Target, for example, was breached in late 2013, resulting in the theft of up to 40 million credit card credentials. More recently, Donald Trump’s hotel chain was hacked, putting guests’ payment information at risk of being compromised. And, at the end of October, The Guardian discovered 100 stolen U.K. payment cards being sold online. It goes without saying that every business should make cybersecurity and general best practices for handling sensitive data a top priority. However, any company that handles payment card information should be especially cautious about how they store and transfer this data.
The Payment Card Industry Data Security Standard
“When customers give businesses payment information, they supply them with keys to their money.”
Any and all businesses that handle payment information must abide by a strict set of standards established by the Payment Card Industry Data Security Standard Council. This includes retailers, restaurants, mechanics and maintenance services, and much more. Meeting these standards can mean the difference between a hacked credit card account that results in thousands or even millions in legal damages, and business as usual.
For example, directly emailing payment card information, either in the body of an email or in an accessible attached document, would be in violation of PCI standards. This is because a password is all that would stand between a hacker and his or her loot, and with phishing scams at large, obtaining said password is no longer a very difficult task. In fact, PCI compliance even has recommendations and mandates regarding the transfer of inactive payment account information. It all comes down to the fact that when customers give businesses payment information, they supply them with keys to their money. It is the company’s job to keep these keys safe from exploitation.
How fax solutions help
Like email and other methods for transferring sensitive payment information, fax solutions must also abide by PCI standards. That said, it’s worth noting that in some ways fax services are inherently more secure than simple email attachments or file sharing methods. PCI compliant fax services typically provide end-to-end data transfers, which substantially reduces the likelihood of being intercepted.
Furthermore, PCI-compliant fax solutions, like everything else in the office, have evolved over the years. Fax over IP, or FoIP allows for data transfers over an IP network, much in the same way that VoIP sends data packets containing audio information. Fax servers over IP make it possible to send an online fax, or an email fax over the network. And unlike traditional fax services, FoIP provides end-to-end encryption, so that the information would be secure even if it were somehow intercepted. This transfer can then be accessed via a laptop, tablet, or smartphone through a secure email account, but only by the intended recipient. An additional benefit to PCI compliant fax to email is the fact that payment information can be encrypted and stored in a protected network drive, rather than immediately printed in physical, paper format. This minimizes needless duplication of the information and eliminates the risks involved with having a physical piece of paper that can be misfiled, lost, or stolen.
Most importantly, FoIP abides by PCI compliance and therefore keeps customers’ data safe and sound – and ultimately, customers will only do business with companies they trust.
Enhance enterprise communication, collaboration, and compliance efforts with a proven PCI compliant fax to email solution from FaxCore. Contact FaxCore today to learn more about their ‘Partly-Cloudy’ fax solutions.