At TaxTank, we prioritise security to provide our users with the highest level of assurance. Our comprehensive security framework encompasses various measures to protect your data and ensure the integrity of our platform.

Here are the key components of our security framework:

We have integrated GitLab DevSecOps into our development process to provide real-time security solutions. This integration offers several benefits:

Our platform undergoes continuous vulnerability scanning, allowing us to identify and address vulnerabilities in real time.

Automated security testing is incorporated into our development pipeline, ensuring that security checks are part of every code change and update.

We adopt a “security as code” approach, embedding security in our development process to reduce the likelihood of vulnerabilities.

All our servers are hosted on secure, private infrastructure. The use of private servers provides numerous benefits:

Private servers offer a higher level of data privacy and protection compared to public cloud solutions.

We have full control over server configurations, security policies, and access, allowing us to tailor our security measures to meet specific requirements.

Private servers are less susceptible to public-facing vulnerabilities, reducing the risk of external threats.

We are committed to data sovereignty and ensure that all user data is stored within Australia. This has several advantages:

Storing data within Australia ensures compliance with local data protection and privacy laws, including the Privacy Act.

Local data storage typically results in faster access and better performance for Australian users.

Data stored locally is subject to Australian data protection regulations, providing an added layer of security and accountability.

We employ robust encryption protocols to protect data both in transit and at rest. This includes the use of SSL/TLS for data transmission and encryption mechanisms for data storage. User data is encrypted to prevent unauthorised access.

Access to the TaxTank platform is tightly controlled. We implement role-based access control (RBAC) to ensure that only authorised personnel can access and manage the system.

Users have the convenience of logging in using their Google or Facebook accounts, ensuring a seamless and secure login process.

In the event of a security incident, TaxTank has a well-defined incident response plan in place. This plan allows us to react swiftly, minimise impact, and ensure transparency and communication with affected users.

TaxTank is fully compliant with open banking regulations and provides all required functionality as per the Consumer Data Right (CDR) regulations. This includes the important feature of allowing users to delete their bank data, ensuring complete control and data privacy.

Open Banking is a carefully regulated government initiative which can only be used by Accredited Data Recipients (ADR) registered with the ACCC.

When sharing financial data, a consumer is not required to disclose their login and password details to the ADR (as they log in via the interface of the financial institution).

We use an Australian based aggregator to give Basiq permission to connect to your bank. We collect information required by the provider of your account or service, such as your login information, transactions, account numbers, and balances as well as general identity data including names and email addresses. This allows you to gain access to powerful financial services and tools and speeds up identity and account verification.

Basiq provides a read-only service, in other words, we can report on your accounts and transactions, but we can’t make any payments or transfers – so your money is secure. Full control: Consumers also have full visibility of who they have consented to sharing the financial data with, for what purpose and for what duration, with the ability to revoke consent at any time.

MFA within the open banking framework facilitates a seamless and user-friendly experience. Once consumers have authorised a trusted ADR, they can enjoy a streamlined and uninterrupted delivery of bank transactions.

At TaxTank, we are committed to providing a secure and reliable platform for our users. Our security framework, which includes the integration of GitLab DevSecOps, private servers, data storage in Australia, and various other security measures, is designed to deliver the highest level of assurance. We continually adapt and enhance our security practices to stay ahead of emerging threats and protect your data.