Some users - such as financial service companies and hotel reservation centers - need to send confidential financial data in their faxes - mainly credit card data. These users must remain PCI compliant due to their own compliance restrictions and requirements and as such, all of their providers, such as InterFAX, must be PCI compliant as well (you can read more about PCI compliance).
In anticipation of such requirements, InterFAX has implemented several high security systems and protocols, and suggest that you apply the following measures:
Contact our customer support and convert your services from the InterFAX regular service to the InterFAX PCI service:
- Set your outbound service (for sending faxes) as a PCI compliant service (this is a simple configuration change done on the InterFAX side).
- Close your inbound service (for receiving faxes) and reopen it as a PCI compliant service.
The “Delete after completion” option for sending faxes in InterFAX (which deletes the contents of the outbound fax once processing of the content is completed) will be enabled automatically and cannot be disabled.
For outbound service, use our secure, PCI compliant API. InterFAX offers both a SOAP and REST API which are PCI compliant:
3.1 For SOAP, the endpoint would behttps://ws-sl.fax.tc (you will note that this is a different API endpoint than our regular web service). You can find the documentation for the PCI outbound web service here.
3.2 For REST, the endpoint would behttps://rest-sl.interfax.net (you will note that this is a different API endpoint than our regular web service). You can find the documentation for the PCI outbound web service here.
For inbound service, there is no change in API endpoints, the changes are all internal in InterFAX.
Copy to your records the InterFAX PCI-DSS compliance statement available here.
Make sure that if you are storing fax records (outbound or inbound) which contain credit card information that your system is also PCI compliant (please note that you can store inbound faxes in InterFAX indefinitely, order and tag them and then archive them for storage).