• Portal security

    The portals are secure websites protected by AUSkey.

    AUSkey

    AUSkey is a secure login that identifies you when transacting with the ATO online and gives:

    • you assurance that your online transactions with us are safe
    • us assurance we are interacting with the right person for each transaction.

    Modern security credentials make fraud very difficult. For someone to gain access to our online services as you, they would have to be using a computer on which your AUSkey is installed and know your individual password.

    Every person within your business, practice, or entity who wants to deal with us online on behalf of your Australian business number (ABN) will need their own AUSkey.

    You should never share your AUSkey, as you expose the risk to fraudulent activity within your business or practice.

    See also: 

    Looking after your AUSkey

    The security of the information you want to guard through the use of an AUSkey is only as good as the care you take to protect your AUSkey.

    Never disclose your AUSkey password or any password to anyone including your staff, us or the credential's issuer.

    When deciding on a password, ensure that it is sufficiently complex. Your password must:

    • be at least 10 characters long
    • contain numeric as well as alphabetic characters
    • have a mix of upper and lower case alphabetic characters
    • have at least one special character (for example, !,@,# , etc.).

    AUSkey expiry

    As long as you use your AUSkey at least once each year, it will not expire. If your AUSkey expires you will need to register for a new one or see your AUSkey administrator within your business.

    Your role in securing your information

    Technology and computers cannot safeguard information automatically. You need to protect your own and your clients' information related to using this service.

    We strongly recommend you:

    • never disclose your AUSkey password to anyone, including us or the credential's issuer
    • don't download your AUSkey to general use computers unless
      • the computer is configured for multiple users
      • each person has a unique account and password
       
    • keep your computer software up-to-date, especially with security upgrades and patches (these are usually available from the licenser of the software)
    • ensure that your anti-virus software is current and running on your computer at all times – scan new programs/files for viruses before opening, running, installing or using them
    • ensure that you have anti intrusion software (commonly referred to as a ‘firewall’) – to provide added security around your information and protection from misuse or your identify
    • avoid opening, running, installing or using programs/files you have obtained from a person or organisation unless you are positive that you can trust them
    • select Logout when you finish using this portal – you should also lock or logout of your computer if left unattended (to avoid others accessing your account)
    • conduct secure disposal practices such as cleansing of the hard disk on disposal of your computer.

    Compromised AUSkeys and lost or stolen computers and USB sticks

    Treat this situation with the same degree of urgency that you would give to the loss of a credit card.

    If your computer or USB stick is lost or stolen, cancel your AUSkey immediately to ensure nobody uses it.

    If your password is compromised, lost or stolen, you can change your AUSkey password. Log into AUSkey Manager and select Change password under the My AUSkey heading.

    An Administrator AUSkey user can cancel your AUSkey for you. If you do not know who your Administrator AUSkey is contact us.

    When you cancel an AUSkey, any AUSkeys you have on other computers or USB sticks for the same Australian business number (ABN) will be cancelled.

    After cancelling your AUSkey you will need to register for a new AUSkey to continue using participating online services.

Relying on our information - our commitment to you

We are committed to providing you with advice and guidance you can rely on, so we make every effort to ensure that what we give you is correct.

If you follow our advice or guidance and it turns out to be incorrect, or it is misleading and you make a mistake as a result, we will take that into account when determining what action, if any, we should take.

Some of the advice and guidance on this website applies to a specific financial year. This is clearly marked. Make sure you have the information for the right year before making decisions based on that information.

If you feel that our advice and guidance does not fully cover your circumstances, or you are unsure how it applies to you, contact us or seek professional advice.

Copyright

© Australian Taxation Office for the Commonwealth of Australia

You are free to copy, adapt, modify, transmit and distribute this material as you wish (but not in any way that suggests the ATO or the Commonwealth endorses you or any of your services or products).