According to IRS Publication 1345 1 , Providers shall implement an effective challenge-response protocol (e.g., CAPTCHA) to protect their web site against malicious bots. Is SmartVault required to implement this technology?
No.
Why Not?
SmartVault does not have the functionality to e-file. The purpose of deploying CAPTCHA or similar solutions is ‘to protect Web sites against malicious bots.’ This protection is to detect and prevent attempts at automated bulk submissions of fraudulent tax returns 2. SmartVault stores Taxpayer information.
What IRS third party applicable Standards does SmartVault comply with?
The IRS* has the following security, privacy and business standards:
- Extended Validation SSL Certificate – SmartVault complies with standard
- External Vulnerability Scan – SmartVault complies with the standard
- Information Privacy and Safeguard Policies – SmartVault complies with the standard
- Web site Challenge-Response Test – Not applicable
- Public Domain Name Registration – SmartVault complies with this standard
- Reporting of Security Incidents – SmartVault complies with this standard