Data Security in the Gun Industry

In August 2020, datasets containing over 240,000 records of the Utah Gun Exchange website were posted openly on a popular hacking forum. While the stolen databases didn’t contain any financial records, they did contain email addresses and hashed passwords.

Many people hope and even believe that a data security breach won’t happen to them. The reality is that a data breach can happen to almost anyone and when it occurs, the ramifications are widespread. That’s why it is essential for firearms dealers to use security-centric software that focuses on complying with ATF security regulations.

Firearms sales grew at an unprecedented pace in 2020, and still aren't slowing down. In addition to brick and mortar sales, more and more firearms dealers bring their products online. Whether on or offline, firearm sales must be compliant with state and federal laws, including data storage and security.

At Bravo, we believe that data security is the most important issue facing firearms dealers in 2022 and beyond; in part because the ATF requires it but also because, even in the absence of regulations, your reputation demands it. Since the ATF digital requirements are the minimum standard with which you must comply, let’s take a closer look.

Firearms Acquisition and Disposition Record Storage

ATF Requirements:

  • Transactions must be completed entirely in a digital environment, in accordance with ATF Ruling 2016-2 and Form 4473s must be saved in an unalterable format.
  • Electronically retained Forms 4473 must be downloaded and retained on a device that is located at the licensed premises.

E4473 Features Meet & Exceed:

  • E4473 operates with a five-star security protocol, including document encryption, storage encryption, and two-factor authentication.
  • E4473 offers the ultimate solution, capturing customer data, and storing the information securely on our remote servers, in addition to the digital copy on the licensed premises.

Data Security

ATF Requirements:

  • A filter or wall must be created to make sure that Form 4473s for completed transactions are stored separately from Form 4473s where the transaction was not completed.
  • Each licensee must maintain its stored e-Form 4473 on a separate/partitioned database that cannot be intermingled with another licensee’s.

E4473 Features Meet & Exceed:

  • Our 24/7 monitoring service is included with each of our digital storage packages to protect against attacks.
  • All data, for every E4473 user account is stored within a secured, separate database so that data from separate accounts can’t be intermingled.

Data Backup

ATF Requirements:

  • The system must back up its stored Form 4473s upon the completion of a transaction. When a transaction is stopped before completion, the system must save the partially complete Form 4473.
  • The storage system must back-up the stored e-Form 4473 on at least a daily basis to protect the data from accidental deletion or system failure.

E4473 Features Meet & Exceed:

  • Our databases are backed up on a daily basis.
  • During the completion process, the E4473 intake system prompts users to click “Save & Close.” If a user cancels, they’ll get the following warning, “You’re about to cancel, are you sure?”

E4473 uses many layers of high level security to validate and verify that your data is protected. Using E4473 to complete Form 4473  ensures that you are both fully compliant with ATF regulations and secure from criminals who want to steal your data.

Bravo's E4473 is the first solution to offer FFLs unmatched data security now and into the future. When you use E4473, data security is one thing you can check off your list with confidence.