Briefcase Icon Business Taxes Icon of a Professional Professional Taxes
Security Center
Privacy Policy

Your Information is Secure with TaxAct

How can I be sure that doing my tax return over the Internet is secure?

A badge that says Safe-Kept Secure Site. SSL 128-bit Encryption.

TaxAct Online follows industry standard best practices to safeguard your personal information. All personal information sent over the Internet is in an encrypted format using Secure Socket Layers (SSL), which means that a computer hacker cannot view or alter the information while it's in transit. When you see a small lock in the bottom right or left corner of your browser window, you know your data is being encrypted for transmission. Your information is safely stored in our secure servers in an encrypted format, behind a corporate firewall.

We also participate in VeriSign's Extended Validation (EV) SSL Certificates. You can look for the Green Address Bar when viewing a secure (https) web page as an easy and reliable way to verify the site identity and security. Only SSL Certificates with EV trigger high-security Web browsers to display your organization's name in a green address bar.

Extended validation examples:

A green address bar on IE browser displaying a secure (https) web page of TaxAct.com
Internet Explorer 10

Firefox browser displaying the secure (https) web page of TaxAct.com
Firefox 31

Chrome browser displaying the secure (https) web page of TaxAct.com
Chrome 37

Trustwave Trusted Commerce

Finally, TaxAct is enrolled in Trustwave's TrustKeeper® remote compliance program to validate compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) supported by all the major credit card associations including: American Express®, Diners Club®, Discover®, JCB®, MasterCard® International, Visa® International and Visa® USA. Being PCI DSS compliant means we adhere with the following requirements:

Goals PCI DSS Requirements
Build and Maintain a Secure Network
  1. Install and maintain a firewall configuration to protect cardholder data
Protect Cardholder Data
  1. Protect stored cardholder data
  2. Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
  1. Use and regularly update anti-virus software or programs
  2. Develop and maintain secure systems and applications
Implement Strong Access Control Measures
  1. Restrict access to cardholder data by business need to know
  2. Assign a unique ID to each person with computer access
  3. Restrict physical access to cardholder data
Regularly Monitor and Test Networks
  1. Track and monitor all access to network resources and cardholder data
  2. Regularly test security systems and processes
Maintain an Information Security Policy
  1. Maintain a policy that addresses information security for all personnel

How can I be sure that this web site is TaxAct's authentic web site?

As an Internet user, you want to ensure that the company web sites you visit on a regular basis are indeed authentic, and not the work of some impostor trying to deceive you into divulging your confidential passwords or other information. By clicking on the VeriSign Seal on the right, you can be confident that this is indeed the authentic site for TaxAct, and that any information exchanged while working on your online tax return is protected against interception and tampering by state-of-the-art encryption technology.

What does encryption mean?

Encryption is the process that ensures your personal information cannot be read or manipulated by an unauthorized party during transit. Data you send from your PC is encrypted (scrambled) before leaving your computer and is not decrypted (unscrambled) until it reaches our computers. The same goes for information travelling in the other direction, i.e., from us to you.

What's a firewall?

A firewall manages communications between a computer located within a private network and a computer located outside of it. The firewall acts as a gatekeeper to protect TaxAct Online's internal network from unauthorized access.