Security

Built for the data your clients trust you with.

Tax pros handle SSNs, EINs, addresses, and dollar figures that map to people. We treat that data the way the IRS expects: with isolation, encryption, audit trails, and short retention.

Auth

Clerk-backed sessions, MFA available.

Authentication runs on Clerk. Passwords never touch our servers; sessions are JWTs validated at the middleware layer on every protected route.

Multi-factor authentication (TOTP authenticator apps, passkeys) is supported. Each user gets an isolated workspace keyed off their Clerk user ID — no shared accounts, no collaborator-creep on multi-client data.

Data at rest

Postgres, scoped to your org on every query.

Submissions, records, and amounts live in Neon Postgres. The database is never reachable from the browser — every query runs server-side over a single authenticated connection, and the data layer scopes each one to your org before it executes. Route handlers are gated behind Clerk before any DB call runs.
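To make the "scoped to your org before it executes" rule concrete, here is an added illustration (not IRISfile's own code) of a data layer that will not build or run a query without an org scope taken from the session. It assumes the session claims (`orgId`) come from a Clerk JWT the middleware has already validated, and uses a constructed in-memory table as a stand-in for Neon Postgres.

```javascript
// Constructed sample rows standing in for a Postgres table; every tenant
// table is assumed to carry an org_id column.
const SUBMISSIONS = [
  { id: 1, org_id: 'org_a', form: '1099-NEC', status: 'filed' },
  { id: 2, org_id: 'org_a', form: '1099-MISC', status: 'draft' },
  { id: 3, org_id: 'org_b', form: '1099-NEC', status: 'filed' },
];

class ScopeError extends Error {}

// Build the parameterized SQL the server would send to Postgres. The tenant
// predicate is always first and always bound to the session's org, so a
// caller can neither omit it nor override it through the filter object.
function buildScopedQuery(session, table, filter = {}) {
  if (!session || typeof session.orgId !== 'string' || session.orgId === '') {
    throw new ScopeError('query refused: no org scope on session');
  }
  if ('org_id' in filter) {
    throw new ScopeError('query refused: org_id comes from the session, not the caller');
  }
  if (!/^[a-z_]+$/.test(table)) throw new ScopeError('bad table name');
  const params = [session.orgId];
  const clauses = ['org_id = $1'];
  for (const [col, val] of Object.entries(filter)) {
    if (!/^[a-z_]+$/.test(col)) throw new ScopeError(`bad column ${col}`);
    params.push(val);
    clauses.push(`${col} = $${params.length}`);
  }
  return { text: `SELECT * FROM ${table} WHERE ${clauses.join(' AND ')}`, params };
}

// In-memory executor standing in for the database driver: it applies the same
// predicates the SQL text expresses (only SUBMISSIONS exists in this sample),
// so isolation can be checked end to end without a database.
function runScoped(session, table, filter = {}) {
  const { params } = buildScopedQuery(session, table, filter);
  const cols = ['org_id', ...Object.keys(filter)];
  return SUBMISSIONS.filter((row) => cols.every((c, i) => row[c] === params[i]));
}

// Route gate: the handler body, and therefore the data layer, never runs
// unless the middleware attached a validated session to the request.
function gate(handler) {
  return (req) => (req.session ? handler(req) : { status: 401, body: null });
}

const listFiled = gate((req) => ({
  status: 200,
  body: runScoped(req.session, 'submissions', { status: 'filed' }),
}));
```

A request carrying an `org_a` session sees only `org_a` rows, a request without a session is answered 401 before any query is built, and a filter that tries to name a different `org_id` is refused outright.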

Generated IRIS XML is stored in Cloudflare R2. Both stores encrypt data at rest (AES-256) at the platform layer.

Data in transit

TLS 1.2+, HSTS, modern cipher suites.

Every request between your browser, our app, Clerk, Neon, Cloudflare R2, Stripe, and the IRS A2A API is TLS-encrypted. The marketing site, the app, and the API all enforce HTTPS; HSTS is on at the platform layer.

No customer 1099 data ever flows over an unencrypted channel — including during conversion, submission, or ack-polling.

File handling

Source files: short-lived. XML: yours forever.

When you upload a FIRE / CSV / Excel file, we parse it in-memory, validate, and emit IRIS XML. Source files are not retained as raw blobs in v1 — the structured records hit the database, but the original bytes do not persist past the request.

Generated IRIS XML payloads are stored against your submission so you can re-download, audit, or refile a correction. Retention follows IRS recordkeeping guidance (4 years from due date by default).

IRS posture

One transmitter, one TCC, your records stay yours.

PixelCove LLC is the named Transmitter. Your clients do not need their own Transmitter Control Codes — we file on your behalf as the operator. Submissions are tagged with your org so the IRS audit trail still leads back to you, the tax professional.

Status (April 2026): IRIS TCC approved and active. The A2A integration is in development against the IRS test system per Pub 5718 guidance and goes live for the 2027 filing season. Until then, IRISfile generates filing-ready IRIS XML, plus IRIS Portal CSV for 1099-NEC and 1099-MISC.

Vendors we trust

Compliance-grade infrastructure underneath.

  • Clerk — auth, sessions, MFA.
  • Neon — Postgres, branching, backups (built on AWS, SOC 2 Type II).
  • Cloudflare R2 — generated XML storage, encrypted at rest.
  • Stripe — PCI DSS Level 1 for billing. Card data never touches us.
  • Vercel / Cloudflare — TLS, DDoS protection, edge cache.
  • IRS A2A — OAuth 2.0, signed XML, sandbox-first development.

Reporting issues

Found something? We want to hear.

If you spot a vulnerability or have questions about our handling of a specific data flow, write to security@irisfile.co. We acknowledge within one business day and triage from there.

Posture

Tabular numbers. Audit trails. No data we don't need.