On October 20, 2015, the IRS, state taxing authorities, and leaders of the tax industry announced continued progress to expand and strengthen protection against identity theft in refund fraud for the 2016 tax season. “We are taking new steps upfront to protect taxpayers at the time they file and beyond,” said IRS Commissioner John Koskinen in announcing this development. “Thanks to the cooperative efforts taking place between the industry, the states and the IRS, we will have new tools in place this January to protect taxpayers during the 2016 filing season.”

(Tax-related identity theft occurs when someone uses a taxpayer’s stolen Social Security number to file a tax return claiming a fraudulent refund. Generally, an identity thief will use a taxpayer’s SSN to file a false return early in the year. The taxpayer may be unaware he or she is a victim until the taxpayer tries to file a tax return and learns one already has been filed using his or her SSN.)

The strengthened and expanded protections include the following:

  • Enhanced identity requirements and validation procedures implemented by the tax preparation software industry to protect customer accounts from identity thieves, including creation of security questions and device identity recognition at the time of login.
  • Development of 20 data components that the IRS, state taxing authorities, and the tax preparation industry can collect and share when a tax return is filed, including
    • whether tax returns come from the same foreign internet address;
    • whether many tax returns are being filed from the same device; and
    • whether a tax return appears to be automatically generated by a machine (by looking at how long it takes to prepare a return online, from the time a person logs in, to when the return is filed electronically).
  • Collection and sharing of information in real time during the tax filing season. Thirty-two of 42 states that collect income tax have signed a memorandum of understanding to share information, and more are expected to sign the MOU soon.

This collaborative effort among the IRS, state taxing authorities, leaders of tax preparation and software firms, and payroll and tax financial product processors, known as the Security Summit, began in March and culminated in the development of several recommendations in June.

Additional federal resources on data privacy can be found at:

IRS Taxpayer Guide to Identity Theft

IRS Publication 4600 – Safeguarding Taxpayer Information

IRS Publication 4535 – Identity Theft Prevention and Victim Assistance

IRS Publication 4557 – Safeguarding Taxpayer Data – A Guide for Your Business

Information Compromise and the Risk of Identity Theft: Guidance for Your Business

Data Security

United States Computer Emergency Readiness Team