TaxFolder enhancements

I have seen the web page with the recent enhancements.

I am still worried that the process is too cumbersome for many of our clients.

I am wondering if the process could be simplified while still having enhanced security. For example, could the link in the email we send to request the signature take the client to the dashboard. Have them log in there with their password and the 2FA code and have the dashboard flag new items requiring a signature.

Once they have signed in with the password and one time code either through a SMS, Voice message or the athenticator app, I would like the client to be able to open the document and sign it without having to go through any additional security questions.

I think the SIN, Birthdate, etc. after already properly logging in is a bit of overkill that will only serve to annoy and frustrate our clients.

It might be that some want all of that security, so maybe there could be an option setting for one or the other option on a firm-wide client by client basis.

We would really like to use this, but at this point we don’t anticipate using it due to the annoyance factor for our clients.

1 Like

When I was helping with beta testing it seemed the client did not even need to have a TaxFolder account or log into their account to sign a document that I sent. The actual signing process seemed to happen on a webpage outside of their TaxFolder account. Other than perhaps a few too many authentication questions, I thought the process of getting a document signed and returned was quite smooth and fairly seamless. Many of my clients won’t want to log into a portal or account to sign documents so I thought this will work well for those. On the other hand, I also have clients that will sign up for and use their TaxFolder portal to securely upload and receive documents that may not require signatures.

I know this is a difficult thing to make easy for all. Some of our clients are computer savvy clients, and some not so much. But from overhearing our staff try to walk people through the e-courier and the DocuSign process (which seems much more simple), I can see this is going to be an issue.

(The lack of the ability to type your name in for the signature instead of drawing it, is also going to be an issue.)

As CRA is willing to have the SIN masked on the signed documents, I think the 2FA is enough security for most of our clients.

@matthew -

Thanks for the feedback. We will continue to look at refinements to the process to make it easier for clients.

Right now it appears that there are a few devices that don’t work as well as others. We’ll fix these issues first and then see how well clients are doing with it.

As for DocuSign in particular, I know that it is possible to use DocuSign without signing with your finger, and also without using 2FA. CRA has been hinting that both of these things will be required for the signature to be valid, so we are reluctant to invest time reducing those requirements only to find that the resulting product will be an eSignature CRA won’t accept.

As CRA clarifies their requirements and makes them official, and as we get more user feedback, we will continue to improve.

Thanks for your patience.


I echo @snoplowguy comments re: the E-Signature portion of TaxFolder. Works quite smoothly and clients have found the process quite easy to use so far. Just sending documents from within Taxcycle and then viewing and retrieving later in the TaxFolder portal.

I was curious to know if there were any changes planned for Taxfolder. We are trying to decide if we will switch to Taxfolder this year.
I am concerned that some of the MFA /2FA (especially the Family name as some have 2 family names, there can be typos, etc.) will require a lot of back and forth with the client.

Are there any plans to adjust some of the required MFA/2FA steps?

Currently only the phone number verification and SMS code is mandatory to access and sign a document sent through TaxFolder when using the email link. When you send the signature request, you have the option to add the three Knowledge Based Questions (one of which is last name)
as added security. If you use the client portal with your clients they also have the option to turn on the 2FA to access their client portal dashboard.

Our next development priority will be to make the client portal and the related invitation optional as a number of customers have been asking for this.