Attachment A: Glossary
Employer – you employ a person under a verbal or written employment contract on a full-time, part-time or casual basis (definition for super guarantee purposes).
Machine credentials – allows you to transact with government online services through Standard Business Reporting (SBR)-enabled software. If you use desktop or locally hosted SBR-software, you will need to create a machine credential through Relationship Authorisation Manager.
Matched – this means a match has been found for the TFN supplied. Also known as a ‘valid’ response.
Member – a member of a super fund, the depositor of an approved deposit fund, the holder of an RSA or a member of an SMSF.
myID – is an app you download to your smart device that lets you prove who you are when logging into government online services
Relationship Authorisation Manager (RAM) – is an authorisation service that allows you to act on behalf of a business with government online services when linked with your myID. You'll use your myID to log into RAM.
Super fund – an APRA-regulated super fund, an approved deposit fund, or an RSA provider.
SuperStream data standards – data standards that are part of the government's Super Reform package. These standards provide a consistent, reliable electronic method of transacting linked data and payments for super. The goal is to improve the efficiency of the super system, improve the timeliness of processing of rollovers and contributions, and reduce the number of lost accounts and unclaimed monies.
The standards are a set of minimum conditions for data and payment transmission including a minimum set of prescribed data. Broadly, there are five aspects:
- a standard set of business terms and definitions (the 'definitional taxonomy')
- a standard set of data message formats (the 'reporting taxonomy' set out in relevant message guides)
- a messaging services standard which sets out requirements for message packaging, transport, security and receipting of messages
- a standard format for electronic payments
- enabling services (also referred to as 'validation services').
Unmatched – this means a match has not been found for the TFN supplied. Also known as a ‘not valid’ response.
Attachment B: Security guidelines
EmployerTICK is a secure service protected by our online security credentials.
We recommend you review the latest security guidelines regularly. These are updated as we become aware of issues and relevant information, to help you maintain the highest levels of security.
Security credentials
A security credential is an electronic file and/or software used for identification purposes when transacting over the internet.
A security credential is used to establish a secure environment for online transactions. This provides you with assurance that your online transactions with us are safe by letting us know we are interacting with the right person for each transaction.
Modern security credentials make fraud very difficult. For someone to gain access to our online services as you, they would have to be using a computer on which the credential is installed and they would have to know your password.
Every person associated with your organisation who wants to deal with us online on behalf of the entity will need their own security credential.
See also:
Looking after your security credential
The security of the information you want to guard through the use of a credential is only as good as the care you take to keep this credential protected.
Never disclose your password to anyone, including our staff or the provider of your credential.
When deciding on a password, ensure it is sufficiently complex. Your password must:
- be at least eight characters long
- contain numeric as well as alphabetic characters
- have a mix of upper and lower case alphabetic characters
- have at least one special character (for example, !, @, #).
Your role in securing your information
Technology and computers cannot safeguard information automatically. You need to protect your own and the employee’s information related to use of this service.
We strongly recommend that you:
- never disclose your credential password to anyone, including us or the credential's issuer
- do not download your credential to general use computers. Access Online services for business only from computers to which you have exclusive use, or that you share under one of the following conditions
- the computer is configured for multiple users
- each person has a unique account
- other users are individuals you can trust
- keep your computer software up-to-date, especially with security upgrades and patches – these are usually available from the licenser of the software
- ensure your anti-virus software is current and running on your computer at all times – scan new programs or files for viruses before opening, running, installing or using them
- ensure you have anti-intrusion software (commonly referred to as a ‘firewall’) to provide added security around your information and protection from misuse of your identity
- avoid opening, running, installing or using programs/files you have obtained from a person or organisation unless you are positive that you can trust them
- conduct secure disposal practices such as cleansing of the hard disk on disposal of your computer.
What to do if someone obtains your password or your device is stolen
This situation should be treated with the same degree of urgency that you would give to the loss of a credit card.
If you are aware or suspect someone has inappropriately accessed your personal information in myID, you need to report this immediately.
Contact the myID support line on 1300 287 539 (select option 2 for myID enquiries) between 8:00 am and 6:00 pm AEST, Monday to Friday.
International callers can contact us by phoning our switchboard on +61 2 6216 1111 between 8:00 am to 5:00 pm AEST and request your call be transferred to the myID support line.
If you are aware or suspect that your machine credential has been compromised, we recommend that you log into RAM and revoke the compromised machine credential. If required, you can then create a new machine credential for that device.
See Online security for more information.