SecureMint
← All use cases
Built for firms replacing PPAP with client-friendly delivery

SecureMint for Accountants & Tax Firms

How accountants and tax professionals use SecureMint to replace PPAP, track client deliveries, and strip metadata from sensitive financial documents.

Use SecureMint when you need clients to open a secure delivery link without creating an account, while keeping an internal trail of what was sent and downloaded.

Open Secure File SendStrip document metadata first

Best fit when

  • You still send tax returns, financial statements, or My Number documents over email.
  • Clients push back on creating accounts for every portal you introduce.
  • You need lightweight download evidence without rolling out a full client portal.

What this page gives you

  • A simple send flow your staff can use immediately.
  • A rationale for replacing PPAP in plain business language.
  • A way to remove hidden document metadata before delivery.

Who this is for

Accountants, tax advisors, and CPA firms who regularly exchange financial statements, tax filings, and confidential client data via email.

The typical pain

PPAP (password-protected ZIP emails) is discouraged, but most paid alternatives require clients to create accounts. Meanwhile, PDFs and Excel files often contain hidden author names, file paths, and revision history that leak confidential information.

How SecureMint solves it

SecureMint provides an E2E-encrypted shareable link that any recipient can open in a browser with no signup. Pair it with the built-in metadata remover to strip hidden fields from every deliverable before sending. Pro adds per-link download logs that help your team keep an internal delivery trail.

Public sources you can cite

This workflow is based on current public guidance, not just product claims. Use these sources when you need to explain the operational rationale internally or to an auditor.

Japan's FSA stated in May 2025 that password-protected files should generally not be sent by email, and pointed institutions toward encrypted transport paths or safer online storage instead.

FSA (May 2025): industry discussion points

JPCERT/CC documented Emotet campaigns that abused password-protected ZIP attachments, which is why recipient-side inspection matters in practice.

JPCERT/CC: Alert on renewed Emotet infections

Microsoft documents that Office files can contain document properties and personal information such as author names, comments, and revision data, which supports stripping metadata before external delivery.

Microsoft Support: remove hidden data and personal information
SecureMint uses zero-knowledge design. The server cannot read your data.

Workflow

1

1. Remove metadata from the deliverable

Drop the final PDF or Excel into the metadata remover. Author name, revision history, and file paths are stripped in the browser β€” nothing is uploaded.

2

2. Encrypt and upload via secure send

Go to /send, attach the cleaned file, optionally set a password and an expiration window. The file is encrypted in the browser before upload.

3

3. Email the link to the client

Copy the generated link and paste it into your usual email. The decryption key lives in the URL fragment and never touches the server. Clients simply click β€” no signup, no app install.

4

4. Confirm receipt via download log (Pro)

Pro plan records each download with timestamp and IP. Use it as an internal handoff record when you need to confirm who downloaded which file and when.

Ready-to-use templates

Use these snippets as a starting point when you need to explain the workflow without drafting from scratch.

Client delivery email

Use this when sending tax returns, statements, or My Number related files with a SecureMint link.

Subject: Secure delivery of your documents

Hello,

Your documents are available at the secure link below.
[SecureMint link]

This link opens in a browser and does not require an account. If a separate password is needed, I will send it via another channel.

Please download the file by [date]. Reply to this email if you have any trouble opening it.

Best regards,

Internal PPAP replacement note

Use this when explaining the new workflow to staff who still send password ZIP files by email.

Password-protected ZIP by email is no longer our default. Before external delivery, remove hidden metadata when needed, then send the file through SecureMint /send. The client receives a browser link and does not need to create an account. If a password is used, send it via a different channel. Use Pro download logs when you need a receipt trail.

Tools used

Metadata Removal→Secure File Send→File Encryption→PPAP Alternative Guide→

When Pro becomes the right next step

Start free if you want. These are the moments where Pro starts paying for itself operationally.

When you need an internal receipt trail

Move to Pro once partners ask who downloaded which file and when. Download tracking and revocation become the operational baseline.

See Pro tracking features

When clients need to send files back securely

If clients still reply with attachments, switch to a file request flow so inbound documents enter the same secure path.

Create a file request

FAQ

Is this acceptable for Japanese tax audits?
SecureMint can help you document external delivery, but it is not a certification or a legal guarantee by itself. For formal tax, P Mark, or ISMS requirements, confirm the exact evidence you need with your auditor or compliance lead and use SecureMint's logs as supporting material.
Do my clients need to sign up?
No. Recipients open the link in any modern browser. No signup, no app, no plugin.

Related use cases

SecureMint for Small Business Owners

SecureMint for Legal Professionals

SecureMint for Freelance Developers

Try it free

No signup. Open your browser and start using it immediately.

Open Secure File Send