Increased e-filing security planned for 2016 filing season
IRS Security Summit announces new efforts to fight tax ID theft, fraudulent refunds
When you electronically file your tax return next year, get ready to provide a stronger password and meet tougher validation procedures.
That's just one of the ways the Internal Revenue Service and the tax industry is planning to protect taxpayer accounts from criminals.
The IRS, state tax administrators and tax industry leaders joined forces in March in a self-named Security Summit to come up with ways to combat tax identity theft. The group today provided an update of their efforts.
In addition, the Security Summit participants also identified additional tax security topics they plan to tackle in the coming months as the 2016 filing season approaches.
Stronger taxpayer authentication: Along with enhanced e-filing password protections, the IRS reported that the group has tested more than 20 new data elements on tax returns that will be used next year to prevent fraudulent refunds.
The revised tax-filing security elements include:
- New password standards to access tax software that will require a minimum of eight characters with upper case, lower case, alpha, numerical and special characters.
- A new timed lockout feature and limited unsuccessful log-in attempts.
- The addition of three security questions.
- Out-of-band verification for email addresses, which is sending an email or text to the customer with a PIN, a common practice used throughout the financial sector.
"We are taking [these] new steps upfront to protect taxpayers at the time they file and beyond," IRS Commissioner John Koskinen said. "Thanks to the cooperative efforts taking place between the industry, the states and the IRS, we will have new tools in place this January to protect taxpayers during the 2016 filing season."
The new taxpayer authentication safeguards are not expected to substantially change the time it takes for taxpayers to file their returns electronically, the commissioner added.
Tougher return acceptance, too: Making sure that tax returns are filed by legitimate taxpayers is just one part of the anti-ID theft equation. When con artists or hackers do get their hands on taxpayer information, they can beat the filing safeguards.
So the IRS must do better in catching questionable returns. The Security Summit members say they have come up with ways to help here, too.
On the return transmission side, tax software providers tested more than 20 new data elements from tax return submissions that will be shared with the IRS and the states to help tax offices detect and prevent fraudulent returns. They include:
- Reviewing the transmission of the tax return, including the improper and/or repetitive use of Internet Protocol numbers, the Internet address from which the return is originating.
- Reviewing computer device identification data tied to the return's origin.
- Reviewing the time it takes to complete a tax return, so computer mechanized fraud can be detected.
- Capturing metadata in the computer transaction that will allow review for identity theft related fraud.
"This unprecedented partnership continues to put strong new safeguards in place for the 2016 tax season," IRS Commissioner John Koskinen said. "We are breaking new ground in the battle against identity theft. Taxpayers will have more protection than ever when they file their tax returns."
Tax pro input, too: The 2016 filing season actions also will serve as the baseline for on-going discussions and additional enhancements for the 2017 filing season and beyond.
And those on-going discussions will include tax professionals.
The initial Security Summit focus was on tax software and tax issues surrounding the do-it-yourself taxpayer to identify immediate changes for 2016. However, during that process the Summit participants recognized the role tax professionals play, in both federal and state tax arenas.
The IRS announced today that a new Security Summit working group will examine how new filing security requirements will affect tax preparers who use professional software, how the preparer community will be affected by the overall data capture and reporting requirements and how the preparer community can contribute in the prevention of identity theft and refund fraud.
The IRS hasn't released details on how tax professionals can be a part of this working group. But stay tuned. When I hear something, I'll pass it along.
You also might find these items of interest:
- Tax scam callers now spoofing telephone numbers
- IRS says free identity theft protection services are tax-free
- Uncle Sam, watch TV! You need these kind of tech-savvy staffers to fight tax hackers
Find more tax news and tips at the Don't Mess With Taxes home page.