With any luck, far fewer taxpayers will have their personal information — and their refunds — stolen by identity thieves when they start filing their taxes next year.
The IRS said Tuesday that leading tax software companies will now share with it and with state tax administrators 20 new pieces of data to better detect and and prevent tax-related identity theft and refund fraud.
Among the new information that companies will share with the IRS and the states: whether there has been improper or repetitive use of Internet Protocol numbers, which are the addresses of the computers from which tax returns are sent; and the time it takes to complete a return, to better suss out any computer mechanized fraud.
“If tax returns come from the same foreign internet address, we’ll see that. If many tax returns are being filed from the same device, we’ll see that as well,” said IRS Commissioner John Koskinen. “If a tax return appears to be automatically generated by a machine, we’ll find that out.”
These changes will be on the back-end of the process, so they shouldn’t inconvenience tax software users. But other changes will be noticed by filers.
The leading tax preparation software companies, such as H&R Block and TurboTax, have agreed to:
- Implement new password standards to get into the software, requiring a minimum of 8 characters that include upper case, lower case, alpha, numerical and special characters.
- Impose a limit on unsuccessful log-in attempts
- Include three more security questions.
- Send a verification email or text to the customer that includes a PIN, so that only the real taxpayer can access the software, much the way banks and brokerages send verification emails to let their customers gain access to accounts.
It’s not clear yet how much more time it will take to complete and file your return as a result of these greater security measures.
But, Koskinen noted, “I don’t expect there will be a sea-change in what it takes to file your return.”