The communication between the MFP and a web browser is exposed to the risk of unauthorized viewing and modification.
To protect confidential information when sending or receiving personal data or sending confidential scan files using Extended JavaScript, be sure to encrypt data communications and check that the server is a website whose authenticity can be validated.
Check that the communication path is encrypted
You can check the URL address to see if the communication path is encrypted.
If the communication path is encrypted, the URL starts with "https" and the color of the URL bar changes.
Check that the connected website is legitimate
To check that the connected website is legitimate, check the site's URL address at the top of the screen.
Even if the connected website is encrypted, check the following in the website's server certificate to judge that is it is legitimate.
The certificate was issued by a CA (certification authority).
The URL of the website to which the certificate was issued matches the URL displayed at the top of the screen.
The certificate has not expired.
For details about how to display a server certificate, see Displaying the Server Certificate.
If the connected website has a security problem, a message may appear. If the message “This site has a security problem.” appears, we recommend that you do not browse the website.