The IRS is set to partner with business to prevent tax fraud. Its new motto: “Taxes. Security. Together.”
Imagine if one of your staffers goes to file their tax return only to learn someone else has already done so – and claimed his or her refund.
That’s a situation that happens thousands of times a year. And now, security officials for the IRS are trying to pull out all the stops in order to prevent it from happening again. What they’ve learned could be helpful for any organization that’s trying to prevent theft and fraud.
Presentation outlines security
In a presentation at the recent American Payroll Association (APA) Capital Summit, Ken Corbin, Director of Return Integrity and Compliance Services at IRS, explained some of the security steps his organization has taken in the wake of some fairly serious breaches.
Here are three main approaches Corbin highlighted:
- Collaboration. IRS has begun holding annual “security summits,” where IRS pros get together with payroll, tax preparation organizations and financial institutions to share information on what they’re seeing and ideas for preventing fraud and theft.
This collaboration and information sharing can be helpful in several ways. For instance, each organization has access to some taxpayer information, but not all of them have the same information. By discussing ways they could share more information or match to be sure the information is correct, the groups could someday collaborate to ensure accuracy of returns. - Out-of-pocket security questions. Many services try to verify identities by having users answer security questions, such as “What street was your first house on?” or “What’s your mother’s maiden name?” But with sharing on social media at an all-time high, those answers barely pose a challenge to hackers anymore, according to Corbin. Even for questions that don’t have easily searchable answers, hackers can compromise or imitate a friend’s social media account and trick users into handing over the information.
Using questions that can’t easily be searched for – and providing a limited timeframe to answer before being locked out – is a more secure method. - Adding filters. Since 2011, IRS returns have gone from checking 11 so-called “fraud filters” (or indicators that a filer is actually who they claim to be) to well over 200. Each filter makes it a little more likely that only the right filer will be able to process a return.
“Fraudsters will never get all the elements of a W-2 right,” Corbin said. Each added layer of verification – from security questions to even checking device log-in IDs – tilts accuracy in the organization’s favor.