(Bloomberg) — Last year’s income tax season was marked by an explosion of refund theft. Will this year be any different?
Increased protections may cut down on fraud but will likely draw out clients’ wait for their money. Changes will be visible when using tax preparation firms and filing software, with warnings akin to those from one’s bank if trying to log in from a new device or change account information.
Less visible will be broader changes, such as revamped fraud-sniffing programs used by the IRS, states, and the tax prep industry, as well as new information-sharing agreements among all three.
Whether theses measures will make it appreciably harder for someone to use a client’s identity to claim a refund isn’t clear. One of the best consumer defenses against refund fraud is to file as early as possible, starting Jan. 19, beating would-be thieves who depend on procrastination. But the best defense is to set deductions ahead of time so that clients’ get no refund at all.
Here’s what taxpayers can expect this season: More identity verification
Yes, this means wider use of those multiple-choice questions about where a client lived 30 years ago if filing electronically. It also means “a lot more reactive warnings to users that something has been changed, and making sure it was them that changed it,” said JoAnn Kintzel, chief executive of Tax Act, a tax software firm. ”If an e-mail address changes, a message will go both to the new e-mail and the old e-mail.
Taxpayers will also get a notice if bank deposit information or their home address is changed, said Julie Miller, a spokesperson for tax software company TurboTax, and companies will check to see if more than one account is using the same Social Security number.
Leading tax prep and software companies, as well as payroll and tax financial payment processors, working with states and the IRS, have all agreed to a set of minimum security measures. Companies and states may put in place additional measures, as Alabama did this year, requiring anyone filing electronically in that state to provide information from a driver’s license or state ID card.
Though complex passwords are commonplace on other consumer and bank websites, the tax industry has finally joined the club. The passwords must now include a lowercase letter, an uppercase letter, a symbol, and a number (for example, #H8This). A new timed lockout feature will kick in after repeated failed login attempts.
The IRS launched a consumer education and awareness campaign this past November about security basics. They include not using the same password for multiple accounts, using anti-virus protection, and encrypting sensitive data.