The secrecy and confidentiality of taxpayers' information
are our utmost concern.
We have taken the following security measures:
1.
The eTAX System, including Business Tax Portal (BTP),
Individual Tax Portal (ITP) and Tax Representative
Portal (TRP), has been designed and will be reviewed
with reference to the latest best practice for
Information Security Management as defined by ISO 27001
and ISO 27002.
2.
IRD's eTAX Services, including BTP Services, ITP
Services and TRP Services, are operated in a secure site
that use Transport Layer Security (TLS) encryption
technology - a well-proven industry standard for
encryption to ensure both confidentiality and integrity
during data transmission over the Internet. All personal
data provided to the IRD via eTAX System are secured,
and access to them is restricted to authorised officers
in the Department only.
3.
You have to use the following means to authenticate your
identity every time you login your eTAX Account,
including ITP Account, BTP User Account and TRP User
Account. Your username for the ITP Account shall not be
the same as your username for the BTP User Account
and/or TRP User Account. Your password will be revoked
upon 5 unsuccessful login attempts.
a. For ITP Account, your Tax Identification Number (TIN)
and password or Digital Certificate or "iAM Smart".
b. For BTP User Account, your username and password or "iAM
Smart".
c. For TRP User Account, your username and password or "iAM
Smart".
4.
If your computer remains inactive for a period of time
after login, the system will automatically log out
itself to prevent any unauthorised access.
5.
Our web servers are protected by "firewalls" and our
systems are monitored to prevent any unauthorised
access.
6.
Stringent administrative control is put in place to
monitor all access to the system and ensure that all
transactions are properly authorised.
7.
We do not send personal information to you by
unencrypted email nor embed hyperlinks in email for
accessing your eTAX Account.
We recommend that you adopt the following practices :-
1.
Always remember to log out properly and close the
browser after you have finished using eTAX Services.
2.
Do not use easy-to-guess characters (such as your
birthday or Hong Kong Identity Card Number) as your
password.
3.
Change your password on a regular basis.
4.
Access eTAX System only through the GovHK or the IRD's
website or type the URL https://www.gov.hk/etax in the
address bar of the browser.
5.
Avoid conducting transactions from public terminals.
6.
Install proper firewalls, anti-virus software and
anti-spyware software in your computer, and update them
on a regular basis.
7.
Do not disclose your password to anyone, including a
person who claims to be a staff member of IRD.
8.
If you suspect any security breach or unusual activity,
please contact us immediately at (852)183 2011.