How Secure is Internet Faxing?

Category: Fax

A reader asks: 'I have been using online faxing for about a year, but until now I never really thought about the potential for my fax transmission falling into the wrong hands. Should I be concerned about the security of Internet faxing?'

Online Fax Security

The security of fax transmissions is especially important to healthcare, legal, and financial entities. Even occasional users may wonder if Internet faxing, despite its many advantages, is secure enough to protect their privacy when sending confidential information. The answer is, it depends...

First, let's compare Internet fax security to the security of normal fax transmissions over phone lines. Both are susceptible to eavesdropping and diversion of transmissions, unless special precautions are taken. In the case of Internet faxes, encrypting a digital transmission or uploading it to a fax server over an encrypted Web connection provide sufficient protection against interception of your document. You should make sure that these security features are supported in any Internet fax service you consider.

Faxzero, an online faxing service I recommend, does encrypt all data before transferring it to their fax servers. In addition, their privacy policy states that they will not release personal information (such as your name, fax number or email address), nor information about the people you send faxes to, unless a court order compels them to do so. But once your document is received by the Faxzero server, it must be transmitted over a good old-fashioned telephone line in order to land on that good old-fashioned fax machine that you want to reach.
Online Fax Security

Faxes travel across the public telephone network, and are subject to potential interception by motivated hackers. That's not a weakness in Faxzero, it's just the way traditional faxing works. See my related article Top Online Fax Services for a list of options to help you send or receive faxes over the Internet.

Email-to-fax services can be spoofed, meaning someone can fake your email address in a message header and send faxes in your name. If you pay for Internet fax service that means you may be stuck with someone else's fax bill. A good Internet fax service sends a confirmation email back to the sender's email address with every fax it sends, providing an alert that an unauthorized fax was sent using your account.

Digital Delivery Offers Enhanced Fax Security

Normal faxes end up printed and deposited in a fax machine's receiving tray, where they lie until someone comes to retrieve them. These paper copies are exposed to everyone who has access to the fax machine, and may be accidentally (or purposely) read by people searching for their own faxes in the stack. Email-based Internet fax delivers faxes directly to the addressee's inbox (instead of a fax machine), where it's less likely to be seen by others.

However, if you receive your incoming faxes as unencrypted PDF documents attached to e-mail messages, those attachments are no more secure than the e-mail messages to which they are attached. It's not likely that anyone is intercepting your emails, but it is technically possible. Using a webmail service like GMail or Hotmail that provides the option to turn on encryption via HTTPS solves this problem.

Another security scheme stores received faxes on an online server. An email notice sent to the addressee contains a web link which points to the digital fax document. When clicked, the link opens a Secure Sockets Layer (SSL) connection to retrieve the document and display it in a browser, from which the recipient can save or print a copy. So the faxed document is never exposed on an unsecured Internet connection.

It's hard to control the security implemented by business partners. If you send an Internet fax to a partner's fax machine number, the printout is subject to the security vulnerabilities noted above. If possible, you should get your partners to use a more secure all-digital Internet fax solution such as fax-to-email or the SSL method described above. Hopefully, they're just as concerned with security as you are.

Bottom line, my take is that internet faxing is more secure than using good old-fashioned office fax machines, because encryption is typically NOT used when sending from one machine to another, across the public telephone network. But because encryption is used by online fax services (in at least part of the journey), and faxes can be delivered directly to the recipient's inbox, online faxing is a more secure option.

Do you have something to say about the security of online faxing? Post your comment or question below...

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 11 Oct 2012

For Fun: Buy Bob a Snickers.

Prev Article:
Free Online Video Converters

The Top Twenty
Next Article:
Is a Paperless Office Really Possible?

Most recent comments on "How Secure is Internet Faxing?"

Posted by:

11 Oct 2012

The phrase 'unless court order compels them to do so' says it all. If the government wants to look over your shoulder the is nothing that a company can do about stopping them, short of deleting the information and risk going to jail for a long time!

Posted by:

11 Oct 2012

thanks for this! I was wondering when there would be online faxing! I hate fax machines, never know if they went through. Now there's an alternative!

Posted by:

11 Oct 2012

One important point you left out is that even though the fax service may be using SSL, if the data isn't encrypted on the server, then it's very possible that the server could be compromised and all of the faxes exposed. Also, once the fax is sent, if the fax service does not wipe (not just delete) the fax, then the data faces additional exposure if the server is compromised or the server is sold in surplus or the hard drive removed/replaced.

Posted by:

Louis Toscano
13 Nov 2012

Would there be a security risk faxing across VOIP where it is available? My system, Ooma, does not offer it yet.

Posted by:

27 Mar 2013

I couldn't find anything about encryption or security in faxzero's FAQ and their terms of use state " You understand that fax information may be transmitted without encryption over the Internet, telephone network, and other telecommunications networks; and stored on our servers, and is not guaranteed to be private."

EDITOR'S NOTE: Nonetheless, if you view the HTML source code, you can see that the HTTPS protocol is used when submitting the fax form. That means your data is encrypted before going to the Faxzero server. But as I mentioned, the public telephone network which delivers the faxes is NOT encrypted. (Which is really quite analogous to the way email is delivered.)

Posted by:

14 Jun 2014

Your analysis assumes that online FAX services are not mining every word in every FAX and are not using that information for purposes we would not approve of. That is a big assumption.

The danger is not from an outside snooper, but from those who provide the "free" service.

It is much less likely that a real FAX -- FAX machine to FAX machine over hard wire -- will be read by anyone other than someone who has access to the receiving FAX machine.

The requirements by law or by businesses that a FAX be used to protect privacy is clearly based on an assumption that real FAX machines will be used for sending and receiving.

As the world is moving online, privacy is moving out the window. The NSA is nothing compared to what "free" services on the Internet can see and do with our information.

The day is coming when every word, spoken or written by any of us, will be saved in perpetuity and indexed, if they go anywhere near the Internet.

For example, once phone companies are put out of business by free Internet phone services like Google Voice, we will have no option but to use such Internet phone services to communicate by voice at a distance, and the service's voice recognition allows instant transcription, storage in perpetuity, and indexing of every word spoken.

Online FAX services are "the same thing but different" if they result in the demise of real FAX machines (at least at reasonable mass market cost).

Posted by:

10 Oct 2014

Great article Bob. And... excellent, thought-provoking points made by MC. Glad I read this before FAX'ing a confidential document. I don't own a FAX machine. Guess I better head into town for a real FAX machine and not be so lazy!

MC - your comments are very similar to the premise for a TV series I began watching this year: Check out "Person of Interest." Great show.

Posted by:

10 Dec 2015

re: FaxZero
the FAQ says it is encryped, the terms of service say that it may not be ( ).
You understand that fax information may be transmitted without encryption over the Internet, telephone network, and other telecommunications networks; and stored on our servers, and is not guaranteed to be private. Can they be trusted to secure your info?

EDITOR'S NOTE: The FaxZero owner says: "FaxZero faxes are always encrypted while being transferred over the Internet (from the user to our server, and from our server to the backend provider that transmits faxes.) But the information needs to be unencrypted on our server and at the backend server. We can see fax content as a matter of maintenance and support. Also, fax transmission over the telecommunications network (e.g. from the backend provider to the destination fax machine) is by its nature not encrypted."

Posted by:

03 Apr 2017

Thank you very much for sharing such helpful information! Ü/

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML

Article information: AskBobRankin -- How Secure is Internet Faxing? (Posted: 11 Oct 2012)
Copyright © 2005 - Bob Rankin - All Rights Reserved