Tax IDs
Encrypted Tax ID Input Field
Tax identification numbers are used for identity theft. SmartField encrypts tax IDs at the keystroke level, invisible to analytics, extensions, and injected scripts.
The Problem
Tax IDs entered in a standard HTML input are immediately accessible to any JavaScript on the page:
// Any script, extension, or tracker:
document.querySelector('input').value
// Your tax ids in plaintext
The Solution
<smart-field type="password" encrypt-key="/api/sf-key"
placeholder="Enter tax ids"></smart-field>
Now the same attack returns AES-256-GCM encrypted data. The tax ids never exist as plaintext in the browser.
What the User Sees
The user types normally. The screen shows animated cipher characters: ΣΩΔψξλμπ
The real tax ids are stored in a WeakMap (invisible to JavaScript) and encrypted with AES-256-GCM (unreadable without the server key).
Server-Side Decryption
// Node.js
const sf = require('@smartfield-dev/server');
await sf.init();
const data = await sf.decrypt(req.body.field);
// Your tax ids in plaintext, server-side only
Frequently Asked Questions
How does SmartField encrypt tax ids?+
SmartField generates a new AES-256 key and IV for every encryption. Tax IDs are encrypted before they exist in the DOM. The AES key is wrapped with RSA-2048. Only your server can decrypt.
Can trackers like Hotjar capture tax ids?+
No. Hotjar records DOM content. SmartField stores tax ids in a WeakMap inside a closed Shadow DOM. Hotjar only captures cipher characters.
What server languages are supported?+
SmartField provides SDKs for Node.js, Python, Java, Go, PHP, and Ruby. All tested and verified.
Related Pages