to top

Division of Taxation

Taxation Data Security

New Jersey automatically encrypts sensitive data when it is exchanged on our secure websites. Our system is designed to protect personal data and messages traveling to and from the State network, protecting the information from unauthorized access if it is intercepted or diverted in transit.

The web addresses for these secure sites begin with the letters https. The s stands for secure, indicating that the information entered into fields on the website will be encrypted. On some State sites that allow the submission of sensitive data such as banking and personally identifiable information, a padlock icon will appear either to the left or the right of the web address in the URL field, depending on the web browser. This is a visual indicator to users informing them that traffic to and from the website is encrypted and protected. This use of encryption is designed to prevent hackers and identity thieves from intercepting and accessing the transmitted data. This is the same security method that online shopping websites use to prevent unauthorized access to your payment card information.

Users are NOT required to have special software or applications to take advantage of this security on State websites. The encryption is done automatically by our systems.

The State network uses many other systems and tactics to protect data. For example, the State has multiple firewalls in place that screen and filter data sent to and from the State network. Every day, the State uses these firewalls to block millions of potential threats from accessing its systems and to prevent unsecured, private data from leaving State networks.

New Jersey works with the largest and most respected Internet providers and security firms – as well as national and international online security professionals – to protect the public’s identities and privacy.

To assist in this effort, the public should never send sensitive data such as Social Security numbers and sensitive financial account information to any State agency or entity in regular, unencrypted emails. Instead, this data should only be provided to the State via the State’s secure websites or telephone payment systems.

Last Updated: Tuesday, 01/28/20