Latest News

How Secure Is Your Printer?

Written by Tarsus Distribution | Feb 28, 2022 10:00:00 PM

Smart devices make your work-from-home environment more intelligent, but this added functionality comes with a potential downside. It’s no secret that internet-connected devices are under heavy siege from hackers. With many office employees working at home, the security of personal and company information needs heightened attention. An easily overlooked potential vulnerability lurks inside every printer and MFP: the consumables cartridge.

How a toner cartridge chip works

"Printer cartridges come equipped with embedded integrated circuit (IC) microcontroller chips that contain code that enables them to communicate with the printer and perform essential functions. Without tight control over the origin of the chip and its coding, as well as safeguards against tampering with the cartridge at every step of its lifecycle, customers’ devices and networks could be at risk." Drikus van der Walt, Business unit manager, Tarsus Distribution

It has become increasingly clear that all network endpoints – printers and MFPs included –need to be strengthened against potential attacks.

How to protect your printer

Be sure only to buy cartridges from reputable brands. Well-known and respected companies put a lot of time and effort into making their devices secure.

With HP, for example, at every step of the design, production and supply chain process for original office cartridges, security is built in. HP has always taken cybersecurity threats seriously and has designed its devices to be among the most secure in the industry.

To protect users, chips in original HP office printer cartridges contain tamper-resistant, proprietary HP firmware which cannot be modified by third parties after production and helps reduce the risk of malicious code entering the cartridge chip.

The company uses secure “smart card” technology chips – the same chip technology used in credit and debit cards – that authenticate and then allow information to be transferred back and forth between the printer and the chip securely. Non-HP chips may use general-purpose microcontrollers, which can be vulnerable to reprogramming or the introduction of malware code.

When it comes to packaging, specialised construction designs and glues contribute to tamper-resistant packaging. HP adds further security with a tamper-evident label on the tear strip and a zip-strip sealed inner package. The box cannot be re-sealed once opened. If the cartridge box has been tampered with, the box may very well contain a non-original cartridge, a counterfeit cartridge, chip of unknown origin containing malware or worse.

HP is also vigilant about recognising and mitigating security risks in the supply chain to help reduce the chance of malware entering the chip.

You get what you pay for

Non-original third-party cartridges from aftermarket providers can not only cause damage to your printer, but they also void the printer warranty.

When a company remanufactures or refills a cartridge it may or may not reuse the original HP chip. If an original chip is reused, when a remanufactured or refilled cartridge is placed into the printer, the chip recognises that the cartridge was refilled and communicates to the printer and the user that the cartridge is no longer original. This is important because not all remanufactured or refilled cartridges are clearly marked and packaged to indicate that they are no longer original cartridges.

When buying cartridges off the Internet, some websites do not make it entirely clear whether a cartridge is an original or not. When the unalterable HP chip communicates to the user that the office cartridge is no longer original, this helps the user to be assured that what they got is what they intended to purchase.

Some remanufactured or refilled cartridges and all newly built imitation cartridges use non-HP chips with programs that have not been written by HP. They are not secure.

Using original cartridges will help protect the integrity of your office systems and prevent malicious attacks.

ENDS