Your Information is Secure with TaxAct
How can I be sure that doing my tax return over the Internet is secure?
TaxAct Online follows industry standard best practices to safeguard your personal information. All personal information sent over the Internet is in an encrypted format using Secure Socket Layers (SSL), which means that a computer hacker cannot view or alter the information while it's in transit. When you see a small lock in the bottom right or left corner of your browser window, you know your data is being encrypted for transmission. Your information is safely stored in our secure servers in an encrypted format, behind a corporate firewall.
We also participate in VeriSign's Extended Validation (EV) SSL Certificates. You can look for the Green Address Bar when viewing a secure (https) web page as an easy and reliable way to verify the site identity and security. Only SSL Certificates with EV trigger high-security Web browsers to display your organization's name in a green address bar.
Extended validation examples:
Microsoft Edge
Firefox 100
Chrome 101
Finally, TaxAct is enrolled in Trustwave's TrustKeeper® remote compliance program to validate compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) supported by all the major credit card associations including: American Express®, Diners Club®, Discover®, JCB®, MasterCard® International, Visa® International and Visa® USA. Being PCI DSS compliant means we adhere with the following requirements:
Goals: Build and Maintain a Secure Network
PCI DSS Requirements
1. Install and maintain a firewall configuration to protect cardholder data
Goals: Protect Cardholder Data
PCI DSS Requirements
2. Protect stored cardholder data
Goals: Protect Cardholder Data
PCI DSS Requirements
3. Encrypt transmission of cardholder data across open, public networks
Goals: Maintain a Vulnerability Management Program
PCI DSS Requirements
4. Use and regularly update anti-virus software or programs
Goals: Maintain a Vulnerability Management Program
PCI DSS Requirements
5. Develop and maintain secure systems and applications
Goals: Implement Strong Access Control Measures
PCI DSS Requirements
6. Restrict access to cardholder data by business need to know
Goals: Implement Strong Access Control Measures
PCI DSS Requirements
7. Assign a unique ID to each person with computer access
Goals: Implement Strong Access Control Measures
PCI DSS Requirements
8. Restrict physical access to cardholder data
Goals: Regularly Monitor and Test Networks
PCI DSS Requirements
9. Track and monitor all access to network resources and cardholder data
Goals: Regularly Monitor and Test Networks
PCI DSS Requirements
10. Regularly test security systems and processes
Goals: Maintain an Information Security Policy
PCI DSS Requirements
11. Maintain a policy that addresses information security for all personnel
How can I be sure that this web site is TaxAct's authentic web site?
As an Internet user, you want to ensure that the company web sites you visit on a regular basis are indeed authentic, and not the work of some impostor trying to deceive you into divulging your confidential passwords or other information. By clicking on the VeriSign Seal on the right, you can be confident that this is indeed the authentic site for TaxAct, and that any information exchanged while working on your online tax return is protected against interception and tampering by state-of-the-art encryption technology.
What does encryption mean?
Encryption is the process that ensures your personal information cannot be read or manipulated by an unauthorized party during transit. Data you send from your PC is encrypted (scrambled) before leaving your computer and is not decrypted (unscrambled) until it reaches our computers. The same goes for information travelling in the other direction, i.e., from us to you.
What's a firewall?
A firewall manages communications between a computer located within a private network and a computer located outside of it. The firewall acts as a gatekeeper to protect TaxAct Online's internal network from unauthorized access.