Your information is secure with TaxACT

TaxACT Online follows industry standard best practices to safeguard your personal information. All personal information sent over the Internet is in an encrypted format using Secure Socket Layers (SSL), which means that a computer hacker cannot view or alter the information while it's in transit. Your information is safely and securely stored in our secure servers in an encrypted format, behind a corporate firewall. We follow all best practices for data security, and are certified in the Payment Card Industry (PCI) Data Security Standard.

As an Internet user, you want to ensure that the company web sites you visit on a regular basis are indeed authentic, and not the work of some imposter trying to deceive you into divulging your confidential passwords or other information. By clicking on the VeriSign Seal on the right, you can be confident that this is indeed the authentic site for TaxACT, and that any information exchanged while working on your Online tax return is protected against interception and tampering by state-of-the-art encryption technology.

2nd Story Software is certified in AmbironTrustWave's TrustKeeper® remote compliance program to validate compliance with the Payment Card Industry (PCI) Data Security Standard supported by all the major credit card associations including: American Express, Diners Club, Discover, JCB, MasterCard International, Visa International and Visa USA.

Encryption is the process that ensures your personal information cannot be read or manipulated by an unauthorized party during transit. Data you send from your PC is encrypted (scrambled) before leaving your computer and is not decrypted (unscrambled) until it reaches our computers. The same goes for information travelling in the other direction, i.e., from us to you.

A firewall manages communications between a computer located within a private network and a computer located outside of it. The firewall acts as a gatekeeper to protect TaxACT's internal network from unauthorized access.

The secure socket layer protocol (SSL) is the standard mechanism used across the industry for establishing the appropriate level of encryption between computers before secure communications can truly begin. Two versions of this technology exist, SSL2 and SSL3, with SSL2 being the earlier version of this technology.

Yes. Your role is an important one. It consists mainly of these common-sense rules:

• Never divulge your password to anyone.
• Never let anyone watch you type in your password.
• Do not leave your PC unattended while signed on to TaxACT.

There are two levels of encryption commonly available on the market today: 40-bit and 128-bit encryption. While both types offer a level of protection high enough to use with your Online tax return, 128-bit offers a far higher level of encryption than 40-bit. You can download both types from the Internet.

In order to provide even greater protection of your personal information, as of October 1, 2005, we will require you to use a browser with 128-bit encryption.

The difference lies in the size of the "key" used to encrypt or scramble the information. Mathematically speaking, 128-bit encryption is 2 to the 88 times stronger than 40-bit. Expressed as a number, 128-bit encryption is 309,485,009,821,345,068,724,781,056 times stronger than 40-bit. It's very costly and impractical for any one in the world today to break 128-bit encryption.

However, 40-bit is still very powerful. To give a practical example, Netscape reports that a French graduate student, using 112 computers, each simultaneously testing approximately 800,000 keys per second, needed slightly over 7 days to "crack" one 40-bit encrypted message. No small effort to break something which the cryptographic community doesn't consider "strong" encryption!

For Internet Explorer, go to "Help" and click "About Internet Explorer". Depending on the version you're using, it will either say "Domestic" or "International", or "128-bit" or "40-bit" encryption (Domestic means 128-bit, and International means 40-bit). Or, it may show the "Cipher Strength" directly.

For Netscape, go to "Help" and click "About Communicator" or "About Netscape", whichever is on the Help menu. To the right of the "RSA" image, it will say "This version supports U.S. security..." (which indicates 128-bit encryption), or "This version supports International security..." (which indicates 40-bit), or "This version supports high-grade (128-bit) security", or a similar message to the previous one containing the "(40-bit)".