Transmitting Confidential Data Through Cyberspace — Is It Safe?
By Jesse Rivera, CEO at New Vista Solutions
Data hacking has become all too common in recent years. We are constantly reminded that our personally identifiable information (PII) is vulnerable and accessible to hackers and identity thieves, even in the most trusted hands.
So the big question for lenders — how do you provide the convenience that your customers demand without compromising their confidential data that’s being transmitted over the Internet and fax lines?
Should consumers be concerned about sending their social security number and other sensitive information electronically? How do we as a society combat the cyber criminals without sacrificing our love affair with speed and convenience?
First, let’s look at the most common methods of transmitting confidential documents and information today.
We all rely on email as a convenient means of communicating and sharing information — but is it safe? Unfortunately, the answer is no. There are studies that show seven out of ten mortgage lenders use unsecure email to acquire borrower information during the loan approval process.
When an email leaves an email provider’s server, it bounces around the Internet passing through an undetermined number of servers before landing at its intended destination. It’s impossible to know who has access to those servers.
What about encrypted email? This is no doubt a higher level of security, but there’s one problem. The email must be encrypted before it leaves the sender’s computer and it must remain encrypted all the way to its recipient. Even though the sender might go to great lengths to set up encryption protocols, it’s not possible to ensure that the recipient has done the same.
There are dozens of applications available that are designed to send electronic data in a secure email environment — aka “secure email” — but most require the recipient to download software and then create a password to access an email. Consumers are usually turned off by this regimen — just too many hoops to jump through.
In short, sending confidential data via email is risky at best. It can be intercepted at any point along its path and can easily fall into the wrong hands.
The traditional fax machine is rapidly becoming obsolete, but it’s surprising how many businesses still use them regularly. Most individuals don’t have them in their homes, so sending a fax means heading over to the nearest Office Depot — another inconvenience for the consumer.
Fax lines are not only vulnerable to malicious interception, but they are also extremely susceptible to human error. A wrong destination fax number entered by the sender can transmit private documents to an unknown recipient.
The location of the recipient’s fax machine is also an unknown. Most businesses have departmental fax machines sitting in open areas where anyone can read the incoming documents. And the documents are easy to alter and re-copy.
ONLINE FAX SOFTWARE
While this method of faxing is much more secure than using a traditional fax machine, it still utilizes the Internet to transmit documents — so we’re back to the same vulnerability as email.
WHAT CAN LENDERS DO TO STEP UP THEIR CYBERSECURITY GAME?
Government regulations and compliance laws have plenty to say about how lenders should handle personally identifiable information. Information Security processes and procedures are front and center in any organization that deals with sensitive personal data. So how does the lending community make sure they’re going the extra mile for their customers?
Although it’s a daunting task to protect confidential data during transmission from sender to recipient, there are steps that can be taken within an organization that will protect the data once retrieved.
One option is ‘data masking’. This process utilizes software that creates a fictitious yet realistic version of the sensitive data that can be used for internal testing and user training. The confidential data is protected while IT personnel and product development teams have a functional substitute to work with. The less sensitive data is moved and manipulated, the less likely it is to be compromised.
Application Programming Interfaces (APIs) offer another means of protecting consumer data. Some lenders are entering into partnerships with third-party service providers to create API data portals to ensure a secure environment for data transmission. The portal provides a secure ‘read only’ connection for data to be retrieved from a consumer’s account without involving user names and passwords. This allows the customer to share data with third parties without giving up login credentials.
Innovation and technology will continue to produce new and more effective ways to protect our data. As of this article writing, a new product is rolling out that could change the way we transmit confidential information. Some call it the “Snapchat for document transmission”. This product offers end-to-end encryption and doesn’t save or store the documents or images being transmitted.
New Vista Solutions (NVS) is working with the provider of this product, and will soon add it to the NVS suite of services. This application allows lenders to send a link to a borrower via email or text message. The borrower then clicks on the link from a computer or mobile device, selects a file or image, and hits SEND. The lender receives the file with a time and date stamp, secure and encrypted. No email, secure portals or FTP transfers. And the data isn’t stored anywhere…ever.
One thing is certain — the need for more robust security measures to keep our data safe isn’t going away. New technology will continue to emerge as software developers strive to meet the demand. The biggest challenge for lenders might be as simple as keeping up with best practices. Constant review of internal security processes is a must. It’s no longer a matter of if a security breach will occur, but when.
New Vista Solutions is a leader in centralized platforms designed for the mortgage industry offering best in class customer service along with quick, easy-to-use access to a full suite of settlement services and products. NVS utilizes the best providers in addition to centralized ordering, customer service, contracts and invoicing.
Products and Services include:
Property Tax Searches
Valuations and Appraisals
Warranty on Residential Evaluations (up to $50K)
Employment and Income Verification
Compliance and QC Products
One order entry platform. One customer service contact. One monthly invoice.
Visit our website at New Vista Solutions.com to learn more.