PCI fax

Some customers, such as banks, credit card companies, hotels and more, are required to follow PCI guidelines within their communications as they transmit credit card data. Customers who require additional security on their account can use InterFAX's PCI compliant service regardless of the content in their faxes.

The PCI service is located on a different sub-system at InterFAX called PCI switch. InterFAX actively secures the information passing through our PCI environment using PCI regulated methods.

You must be migrated to the PCI switch in order to use our PCI-compliant service. This may require an additional cost.

PCI inbound flow

To enable the secure inbound service, or if you would like to switch from a regular inbound service to the PCI service, contact Support or your Account Manager to set it up.

Inbound faxes are received on a PCI certified fax server. The fax is received on the fax server in a compliant encrypted folder. When the fax is completed, it is uploaded to Amazon S3 service in a secure bucket. The metadata of the fax is then saved on the main data center and is available in the user portal.

The customer may receive a notification by email with a link to the fax that can be viewed in the user portal. The faxes may be retrieved by a dedicated API that runs on the secure environment:

  • Our SOAP endpoint is https://ws-sl.fax.tc (this is a different API endpoint than our regular web service). You can find the documentation for the SOAP PCI outbound web service here.

  • Our REST endpoint is https://rest-sl.interfax.net (this is a different API endpoint than our regular web service). You can find the documentation for the REST PCI outbound web service here.

PCI outbound flow

To enable the secure outbound service, contact Support or your Account Manager.

With our Outbound PCI fax service, faxes are sent through a separate, hardened sub-system that has undergone rigorous compliance testing.

To submit PCI faxes, you can use our PCI compliant APIs. InterFAX offers both SOAP and REST APIs which are PCI compliant:

  • Our SOAP endpoint is https://ws-sl.fax.tc (this is a different API endpoint than our regular web service). You can find the documentation for the SOAP PCI outbound web service here.

  • Our REST endpoint is https://rest-sl.interfax.net (this is a different API endpoint than our regular web service). You can find the documentation for the REST PCI outbound web service here.

Once the fax is submitted by one of the methods above, the fax is processed on the PCI environment and submitted through one of the fax servers that are PCI compliant. The metadata of the fax is saved on the main data center and is available in the user portal.

Note: PCI outbound faxes cannot be sent by email.

Note: The outbound fax images are not saved into our system. The Delete image after completion option for sending faxes will be enabled automatically and cannot be disabled.

Note: Feedback email is not available in the PCI environment for outbound faxes. You can use the web callback option or retrieve the fax information via API.