The security certificate of the income-tax department's Internet portal is yet to be renewed after it expired on 8 May, potentially making the site vulnerable to cyber attacks and compromising confidential information of assessees who continue to file their returns electronically.
A security certificate guarantees the authenticity of a website and that all transactions are encrypted and hence secure. Although it is not mandatory for all websites to obtain such certificates, it is a general practice with most banking portals and e-commerce sites.
“There has never been a case of either data theft or hacking on our data base,” a senior income tax official said on condition of anonymity. The same person added that the tax department uses its own server, which is not linked in any way to a common government pool.
Electronic filing is a growing preference among individuals filing income tax returns even though it is mandatory only for corporates tax payers and individuals with income exceeding Rs 40 lakh.
According to the income tax department's website, about 4.83 million returns were filed electronically in the assessment year 2009-10. About 35 million tax returns are filed every year.
The income tax department's portal was issued a security certificate on May8 2008 by Entrust.net Secure Server Certification Authority and was valid for two years.