E-Services users now register through Secure Access
Starting Monday, Dec. 10, all users of the IRS’s e-Services platform must register through a new ID-proofing process called Secure Access.
Any e-Services user who has not previously created a Secure Access account through Get Transcript Online, IP PIN tool, View Balance or by exception processing must validate their identity through this process. This also includes all TIN Matching users, and users who received Letter 5903 last December and authenticated by telephone.
This new process is mandatory on the part of the IRS or its online users, the agency stressed.
“We apologize for the short notice, but as you know we’ve been planning this move for more than a year,” the service announced. “The IRS must make this change to meet federal information system standards. Additionally, cybercriminals increasingly are targeting tax professionals to steal e-Services usernames and passwords, putting taxpayer data at risk.”
In recent years, each e-Services user was authenticated individually with such information as name, address, Social Security number, date of birth, adjusted gross income and filing status. That limited amount of information no longer is enough to meet federal information system standards, according to the IRS.
Secure Access strengthens the initial identity proofing and uses two-factor authentication for returning users. Two-factor authentication means users must have credentials (username and password) plus a security code sent to their mobile phone or generated by their IRS2Go app each time they log in.
Under Secure Access, users can no longer script the login process, the IRS added.
More about the steps to complete the Secure Access process, alternatives to online processing and how to use the IRS2Go app are under “Important Update about Your e-Services Account” on IRS.gov.