3.42.8 Secure Access and E-Services Procedures for Electronic Products and Services Support (EPSS)

Manual Transmittal

September 17, 2020

Purpose

(1) This transmits revised IRM 3.42.8, Electronic Tax Administration, Secure Access and E-Services Procedures for Electronic Products and Services Support (EPSS).

Material Changes

(1) IRM 3.42.8.2 E-Services Overview - This subsection was deleted and content moved to IRM 3.42.8.5 E-Services. Subsequent subsections renumbered.

(2) IRM 3.42.8.3.1.2 Compromised Electronic Filing Identification Number (EFIN) - This was deleted and content moved into IRM 3.42.10.14.7 Compromised Electronic Filing Identification Number (EFIN), so all content is one location. Subsequent subsections renumbered.

(3) IRM 3.42.8.3.1.3 Compromised Secure Access Account, IPU 20U0028 issued 01-02-2020 - Removed instruction to inactivate use of the application.

(4) IRM 3.42.8.3.1.4 Identity Theft (IDT) - Electronic Return Originator - This subsection was deleted and content moved into IRM 3.42.10.14.18 Identity Theft, so all content is one location.

(5) IRM 3.42.8.4 Secure Access Authentication for Taxpayers - New subsection includes technical content moved from IRM 3.42.7 as stated below. Subsequent subsections were renumbered.

  1. IRM 3.42.7.15.4 Secure Access Authentication for Taxpayer, moved into IRM 3.42.8.4.

  2. IRM 3.42.7.15.4.1 Login Issues, moved into IRM 3.42.8.4.1.

  3. IRM 3.42.7.15.4.2 Password Problems, moved into IRM 3.42.8.4.2.

  4. IRM 3.42.7.15.4.3 Forgotten Username, moved into IRM 3.42.8.4.3.

  5. IRM 3.42.7.15.4.4 Re-Registration, moved into IRM 3.42.8.4.4.

  6. IRM 3.42.7.15.4.5 Disable Account, moved into IRM 3.42.8.4.5.

  7. IRM 3.42.7.15.4.6 Enable Account, moved into IRM 3.42.8.4.6.

  8. IRM 3.42.7.15.4.7 Previously Disabled Account, moved into IRM 3.42.8.4.7.

  9. IRM 3.42.7.15.4.8 Technical Problems, moved into IRM 3.42.8.4.8.

  10. IRM 3.42.7.15.4.9 Problems with Accessibility Software, moved into IRM 3.42.8.4.9.

(6) IRM 3.42.8.5 E-Services - This subsection was previously titled Accessing E-Services. It now includes e-Services Overview. Previous content moved to IRM 3.42.8.5.1.

(7) IRM 3.42.8.5.1 Accessing E-Services - This subsection was previously titled Employee User Portal (EUP). Previous content moved to IRM 3.42.8.5.1.1.

(8) IRM 3.42.8.5.1.1 Employee User Portal (EUP) - This subsection was previously titled Integrated Enterprise Portal (IEP). Previous content moved to IRM 3.42.8.5.1.2.

(9) IRM 3.42.8.5.1.2 Integrated Enterprise Portal (IEP) - This subsection was previously titled Clear Cache. Previous content moved to IRM 3.42.8.5.1.3.

(10) IRM 3.42.8.6 Secure Access Authentication Registration for Tax Professionals - This subsection was previously titled E-Services Secure Access Registration.

(11) IRM 3.42.8.6.1 Recertification, IPU 19U1272 issued 12-12-2019 - Updated title of subsection and revised time-frame for e-Services users recertification.

(12) IRM 3.42.8.6.2.2(4) New E-Services Users, IPU 19U1272 issued 12-12-2019 - Revised exception processing steps for new users and revised time frames to 15 business days.

(13) IRM 3.42.8.6.3(8) Secure Access Registration Issues, IPU 19U1272 issued 12-12-2019 - Added site image and site phrase information.

(14) IRM 3.42.8.6.4 Invalid Username or Password, IPU 19U1272 issued 12-12-2019 - In (2) removed temporary profile information and added Username error instructions.

(15) IRM 3.42.8.6.5 Modify an Existing Password, IPU 19U1272 issued 12-12-2019 - Added modify password instructions.

(16) IRM 3.42.8.6.6 Update Profile, IPU 19U1272 issued 12-12-2019 - Added IRS2GO information and Update Profile instructions.

(17) IRM 3.42.8.6.10 Taxpayer Assistance Center (TAC) Exception Processing Support, IPU 19U1272 issued 12-12-2019 - Revised referral to TAC procedures. Added procedures for when the caller contacts us after they’ve ID Proofed with the TAC.

(18) IRM 3.42.8.7 IRS e-file Application - Content from this entire subsection including IRM 3.42.8.7.1 Adding a New Location, IRM 3.42.8.7.2 Close Office or Request EFIN Be Dropped and IRM 3.42.8.7.3 IRS e-file Application Status has been moved to IRM 3.42.10, Authorized IRS e-file Providers. Subsequent subsections have been renumbered.

(19) IRM 3.42.8.7.3 Replace a Principal, IPU 20U0488 issued 04-06-2020 - Updated instructions for changes to Principal.

(20) IRM 3.42.8.8 Transcript Delivery System (TDS) - Moved content from IRM 3.42.10 Transcript Delivery System (TDS), into (2). All TDS information is now in IRM 3.42.8.

(21) IRM 3.42.8.8.5 State Users, IPU 19U1272 issued 12-12-2019 - Updated Disclosure Contact link.

(22) IRM 3.42.8.8.7 Income Verification Express Service (IVES), IPU 20U0488 issued 04-06-2020 - Updated to include instructions for customers who received transcripts without an approved form and referral information to the RAIVS Program office.

(23) IRM 3.42.8.9.1 PIN Rules/Inquiries, IPU 19U1272 issued 12-12-2019 - Revised instruction for voluntarily changing PIN.

(24) IRM 3.42.8.9.3 Missing Links, IPU 19U1272 issued 12-12-2019 - Revised to incorporate Secure Access Procedures.

(25) Exhibit 3.42.8-1 Acronyms - Added Electronic Filing Identification Number (EFIN) to table.

(26) Various sections, minor grammatical and editorial changes throughout the IRM.

Effect on Other Documents

IRM 3.42.8 dated 09/16/2019 (effective 10/01/2019) is superseded. This IRM also incorporates the following IRM Procedural Updates (IPU) 19U1272 (issued 12/12/2019), IPU 20U0028 (issued 01/02/2020) and 20U0488 (issued 04/06/2020).

Audience

These procedures are used by EPSS e-help Desk assistors and Technical Services Operation (TSO) employees. These procedures are also intended for managers, analysts, business owners, and others who provide support to users of IRS electronic products and services.

Effective Date

(10-01-2020)

Cheryl Deaton
Acting Director, Electronic Products and Services Support
Wage and Investment Division

Program Scope and Objectives

  1. This Internal Revenue Manual (IRM) provides the basis for e-Services Procedures For Electronic Products and Services Support (EPSS) assistors to respond to external customers needing assistance or information when using e-Services web based products.

  2. Purpose: This section provides instructions for EPSS phone assistors working in Andover MA, Atlanta GA, Austin TX, Cincinnati OH and Ogden UT.

  3. Audience: These procedures apply to employees who are responsible for assisting EPSS customers.

  4. Policy Owner: Director, EPSS

  5. EPSS provides support for the programs listed in IRM 3.42.8.5, E-Services.

Background

  1. EPSS provides electronic products and services support to individuals, businesses and e-file providers.

  2. EPSS support includes:

    • Electronic Filing (e-file)

    • Electronic Federal Tax Payment System (EFTPS)

    • Electronic Services (E-Services)

    • Filing Information Returns Electronically (FIRE)

    • Acceptance Agent Application

    • Foreign Account Taxpayer Compliance Act (FATCA) online registration and International Compliance

    • Affordable Care Act (ACA) Acceptance Form

Roles and Responsibilities

  1. All employees will complete duties in accordance with Policy Statement 1-236, Fairness and Integrity in Enforcement Selection; see IRM 1.2.10.37.

  2. All duties will be done in accordance with the Taxpayer Bill of Rights as listed in IRC 7803 (a)(3). Additional information may be found on the irs.gov website at www.irs.gov/taxpayer-bill-of-rights.

  3. Director of Electronic Products and Services Support (EPSS) is responsible for the development and delivery of policy and guidance that impacts assistors.

Acronyms and Terms

  1. For a list of acronyms used in EPSS, see Exhibit 3.42.8-1.

Taxpayer Advocate Service

  1. The Taxpayer Advocate Service (TAS) is an independent organization within the IRS. TAS provides assistance to taxpayers who are experiencing economic harm, who are seeking help resolving tax problems the IRS has not resolved through normal channels, or who believe an IRS system or procedure is not working as it should be.

  2. In general, the e-help Desk does not answer account-specific questions (e.g., calls received regarding individual tax accounts). If the e-help Desk assistor cannot resolve an inquiry, referring the issue to TAS may be appropriate. Refer taxpayers to TAS (see IRM Part 13, Taxpayer Advocate Service) when the contact meets TAS criteria (see IRM 13.1.7, Taxpayer Advocate Service (TAS) Case Criteria) and you cannot resolve the taxpayers issue the same day. The definition of "same day" is within 24 hours. "Same day" cases include cases you can completely resolve in 24 hours, as well as cases in which you have taken steps within 24 hours to begin resolving the taxpayer's issue. Do not refer these cases to TAS unless they meet TAS criteria and the taxpayer asks to be transferred to TAS. Refer to IRM 13.1.7.4, Same Day Resolution by Operations. When referring cases to TAS, use Form 911, Request for Taxpayer Advocate Service Assistance (and Application for Taxpayer Assistance Order), and forward to TAS in accordance with your local procedures.

  3. There is a Service Level Agreement (SLA) between TAS and the Commissioner, Wage and Investment (W&I) Division, as well as SLAs between TAS and the other Operating Divisions. These agreements outline the procedures and responsibilities for the processing of TAS casework when either the statutory or Delegated authority to complete the case transactions rests outside of TAS. The W&I SLA is available at http://tas.web.irs.gov/policy/sla/default.aspx.

  4. TAS emphasizes the polite and respectful treatment of taxpayers and practitioners by IRS employees. See IRM 3.42.7.14.2, Telephone Etiquette, for e-help Desk policies.

  5. Congressional inquiries are referred to TAS.

Disclosure

  1. The Office of Disclosure administers the provisions of IRC Section 6103, "Confidentiality and disclosure of returns and return information." All IRS employees are responsible for ensuring taxpayer confidentiality is protected, and tax records are properly safeguarded and disclosed only as provided by law.

  2. E-help Desk assistors must prevent unauthorized disclosure of prohibited information when providing support to e-Services users. When giving information, confirm the identity of the person you are speaking to on the telephone. Verify that the caller is authorized to receive the information. Disclose only what is necessary when giving information to third parties.

  3. See IRM 3.42.7.3.1, Office of Disclosure, for additional information on e-help Desk disclosure procedures. In addition, see IRM 3.42.7.14.5, Authentication and Authorization Guidelines. This section and the subsections that follow provide specific guidance for authenticating customers calling the e-help Desk including e-Services users.

  4. Complete information on disclosure, the Freedom of Information Act (FOIA), and the Privacy Act, may be found in IRM 11.3, Disclosure of Official Information. For questions or additional information use the Disclosure Contacts Link https://portal.ds.irsnet.gov/sites/vl003/Lists/DBasicsContacts/LandingView.aspx. The Disclosure Help Desk number and e-mail address are for internal use only.

Authorized Users

  1. E-Services products can be accessed by five categories of authorized users:

    • Principal - a sole proprietor, a partner who has a 5 percent or more interest in a partnership, or a corporate officer (e.g., a President, Vice President, Secretary, Treasurer). A Principal for an entity that is not a sole proprietorship, partnership or corporation is an individual authorized to act for the entity in legal and/or tax matters.

    • Responsible Official - an individual designated by a Principal to perform specific duties of a Principal. In TIN Matching, this includes modifying an existing TIN Matching Application.

    • Delegated User - an individual authorized by a Principal or Responsible Official to perform duties for which they have been granted authority.

    • Authorized Agent - an individual that, with a payer's written authorization, matches name and TIN combinations on behalf of a payer.

    • Reporting Agent - an accounting service, franchiser, bank, service bureau or other entity that complies with Rev. Proc. 2012-32 and is authorized to prepare electronically Form 940, Employer's Annual Federal Unemployment (FUTA) Tax Return; Form 940-PR, Planilla para la Declaracion Anual del Patrono de la Contribucion Federal para el Desempleo (FUTA); Form 941, Employer's QUARTERLY Federal Tax Return; Form 941-PR, Planilla para la Declaracion Federal TRIMESTRAL del Patrono; Form 941-SS, Employer's QUARTERLY Federal Tax Return - American Samoa, Guam, the Commonwealth of the Northern Mariana Islands, and the U.S. Virgin Islands; Form 943, Employer's Annual Federal Tax Return for Agricultural Employees; Form 943-PR, Planilla para la Declaracion Anual de la Contribucion Federal del Patrono de Empleados Agricolas; Form 944, Employer's Annual Federal Tax Return; and Form 945, Annual Return of Withheld Federal Income Tax, for a taxpayer. Reporting Agents sign all the electronic returns that they file with a single Personal Identification Number (PIN) signature.

Caller Authentication
  1. IRM 3.42.7.14.5, Authentication and Authorization Guidelines, gives procedures for authentication and authorization for different types of e-Services customers.

Compromised Secure Access Account
  1. Users cannot log in to an e-Services application (i.e., IRS e-file application, TIN Matching, TDS, etc.) using another person's username and password. If it is determined the caller has accessed the system using another user's login credentials, do the following:

    • Advise the caller that this is a security violation and that the login ID is a personal login, not a company login.

    • Ask to speak to the person who owns the login credentials. Advise owner of the security violation and advise them to change their password. Only after properly authenticating the caller, may you proceed with the call.

    • If the owner of the credentials does not come to the phone, advise caller that the call must be terminated. Request that the owner of the login credentials call the e-help Desk to enable the account. Determine what application the caller has accessed and document in the description. Do not disable the Secure Access Authentication registration account. Escalate to an incident and assign to e-Services Technical Level 2 provider group.

      Note:

      If the owner of the credentials calls in later to enable an account disabled by level 2 due to a security violation, complete High Risk Authentication (HRA) and enable the account. To enable an account, follow the instructions in IRM 3.42.8.4.6, Enable Account. Advise the caller that this is a security violation and that the login ID is a personal login, not a company login. After the account is enabled, resolve any other account issues such as activating any inactive applications.

  2. If the caller believes, or the assistor discovers through discussion and/or research that their account has been compromised, advise the caller to re-register and suggest using IRS2Go. Suggest their account be disabled. If the caller needs time to obtain a new mobile device (i.e., phone or tablet), they will need to call back to reactivate the account before they begin the re-registration process. If caller would like their account disabled, follow steps in IRM 3.42.8.4.5 (4), Disable Account.

Secure Access Authentication for Taxpayers

  1. The Secure Access Authentication application is a shared service that allows a user to register and create an account in order to access IRS Online Applications (e.g., Get Transcript ONLINE, Identity Protection PIN (IP PIN), Online Payment Agreement (OPA), e-Services, ePostcard). The information required to register and level of validation varies based on the Online Application being accessed.

  2. Users register for Secure Access by creating an account. By creating an account, the user establishes a Username/password combination which expedites future access to IRS online applications as their authentication information is retained. For more information see "Secure Access: How to Register for Certain Online Self-Help Tools" https://www.irs.gov/individuals/secure-access-how-to-register-for-certain-online-self-help-tools. Additional Secure Access Authentication Information as it relates to e-Services users can be found in IRM 3.42.8.

  3. EPSS provides limited support for the following Secure Access related issues for inquiries received after the initial registration:

    • Login issues (password, Username, locked out)

    • Customer believes they did not create account

    • Customer needs account disabled/enabled

    • Customer is experiencing problems with accessibility (508) software (Dragon, Zoomtext, etc.)

    • Technical difficulties

      Note:

      All other Taxpayer related SAA issues are out of scope. See IRM 21.2.1.58, Secure Access eAuthentication, for more information.

  4. The taxpayer can designate a representative to act for them in enabling or disabling the taxpayer’s Secure Access/Online Services Account by submitting Form 2848. On the form, the taxpayer must indicate specific-use and indicate Disable or Enable Online Services Account in the "Matter " column (tax form/years would be marked "N/A" ).

  5. Follow all EPSS procedures for Interaction/Incident creation, solutions and authentication found within IRM 3.42.7.

Login Issues

  1. Research IDRS CC INOLES or IMFOLE to determine if the Date of Death (DOD) indicator is preventing access to the online account. If the DOD is preventing access to the online account, refer the caller to the Social Security Administration.

  2. If you cannot determine why the taxpayer is receiving the error message, provide the customer with an alternative online and/or telephone resource depending on the product they need.

Password Problems

  1. The password must meet the following requirements:

    • Be between 8 and 20 characters

    • Be case sensitive

    • Contain at least one numeric and one special character (excluded characters are the colon, semi colon, single quote, quotations, less than, greater than, period, question mark, parenthesis, slash and brackets)

    • Have at least one uppercase and at least one lowercase letter

    • Password be entered twice

  2. If the customer does not remember their password or is unsuccessful after three attempts, have them use the ‘Forgotten Password’ link on the sign-in page. They will need to answer two questions, click continue and then select save. If the customer does not answer the security questions correctly on the fourth try, they must re-register.

    Note:

    If the taxpayer did not create an account, and previously entered as a guest, they will need to create an account.

  3. If the customer receives locked/re-register message, advise the customer to re-register or if they believe they have the correct password, they may re-enter it after waiting 24 hours.

  4. If customer cannot resolve their password issue, provide the customer with an alternative online and/or telephone resource depending on the product they need.

    Note:

    There are no limitations to using previous passwords.

Forgotten Username

  1. The Username is not case sensitive. Users who previously registered using the guest option cannot recover a Username, they must create an account.

  2. If the caller previously created an account and has forgotten their Username, direct them to the ‘Forgot Username’ link on the sign-in page. They will be asked to enter the last four digits of their SSN or ITIN, and the original email address they registered with, in order to get an email with their forgotten Username.

  3. If the caller did not receive an email with their Username after requesting it, their email provider may be blocking the message OR they may have made an error when entering the last four digits of their SSN (or ITIN)/original email address. Direct them back to the Forgot Username link and ask them to try and recover their Username again. If they still don’t receive the email with their Username, direct them to the re-register link on the Forgot Username page and have them click on the link to re-register.

  4. If the caller can no longer access the email address used during initial registration or does not remember their email address, they must re-register by clicking the “Forgot Username” link and then selecting the “reregister” link.

    Note:

    If user believes they may have registered using a different email address than first thought, they can try to recover their Username again by using the other email address.

Re-Registration

  1. Customers may need to re-register on occasion to gain access to online information.

  2. Customers can re-register with the same or different email address.

  3. When the customer re-registers, they will receive an email with a confirmation code, and their previous Username will no longer be valid.

  4. When the customer re-registers, they will receive an email at the email address used for their previous and new account.

  5. The customer must complete the required entries and follow the online guidance.

  6. The customer must completely re-register in one online session to eliminate problems.

  7. If the customer receives a message that they are already registered, direct them back to the Forgotten Username page and click on re-register. The system should allow them to re-register during the second attempt.

Disable Account

  1. Differences in security requirements for the online applications (Get Transcript, Get an IP PIN, OPA) result in different customer experiences. The customer may receive an email or letter (CP 301) indicating an account has been created, their profile has changed, or they passed IRS validation but were not eligible for an IP PIN or did not pass additional authentication.

  2. Explain the email/letter they received is related to IRS Online Services. Ask customer if they recall creating or updating an online account (did they self lock their OSA account or register for an online account to request a transcript, request an OPA, or obtain an IP PIN, but forgot)? If customer recalls creating an online account, close Interaction.

  3. If customer does not recall registering or updating their profile, or requests their account be disabled, advise the customer that you will disable the account.

    • If asked about how this account could have been used, explain we do not have the capability to research historical records associated with an online product.

    • If the caller is concerned that they may be a victim of identity theft (IDT) they can consider filing an Identity Theft Affidavit with the IRS (Form 14039/Form 14039SP) which is available online at irs.gov (keyword identity theft). If the customer requests assistance in completing Form 14039, you can help the customer navigate to the form. If asked about mailing address or fax number, advise the caller to follow guidance in Form 14039 instructions. Advise the customer to wait 90 days before contacting the Identity Protection Specialized Unit (IPSU).

  4. Access the Secure Access Authentication System and disable the account using the steps in Figure 3.42.8-1 below:

    Figure 3.42.8-1

    Steps to View/Enable/Disable Online Services Account
    1. Select Enable/Disable User tab
    2. Select eAuth Admin Tool
    3. Select Enable/Disable User tab again
    4. Select drop down to search/view user by SSN (no dash 123456789), Name (all upper case FIRST LAST), Login ID or e-mail address
    5. Once user information is displayed, click on "Select" to proceed.

    Note:

    If no user information is displayed, inform the customer that the account does not exist.

    6. Select Enable or Disable
    7. In the Comments section, manually enter the following then click Submit:
    • Date of contact

    • Interaction number

    • Notate the caller’s phone number. If the caller will not provide one, notate phone number not provided.

    Note:

    Do not use the drop-down menu in the OSA system to enter the reason for the call.

  5. Enter TC 971 AC 522 using IDRS Command Code REQ77 in customer’s individual account when disabling the OLS account due to possible Identity Theft or customer stating they did not request an Online Services Account. Include the following reason codes in the Miscellaneous field when entering TC 971 or TC 972:

    • WI EPSS DISABLE - Use when entering TC 971 AC 522.

    • PPDS OPIP IRSERR - Use when entering a TC 972 to reverse a TC 971 entered in error.

    • PPDS OPIP NOIDT - Use when entering a TC 972 to reverse a TC 971 previously input by EPSS and caller is now stating they were not a victim of identity theft.

    Note:

    Use the date of the CP 301 for the secondary date if known, or use the previous day of the account disable.

  6. Before closing the Interaction, you must select the appropriate disable problem type and enter required information on the internal spreadsheet.

  7. The customer may deactivate their IRS account through the ‘Update Security Profile’ link after logging in. The customer can also change their Username, email address, phone number, password, site image, site phrase, and security questions/answers using this link.

  8. First time and returning users who have concerns about identity theft (ID theft) or unauthorized access to their data are able to self-lock or disable their OLS account using the Lock or Disable Your Account link on the OLS sign in screen on irs.gov. Customers will be required to authenticate by answering questions used to establish on OLS account to use this feature. Once an account is disabled, a customer cannot re-register or access any of the associated applications.

Enable Account

  1. To enable an OLS account, follow the steps in Figure 3.42.8-1.

    Caution:

    The customer must pass HRA before you enable their OLS account.

Previously Disabled Account

  1. Customers who successfully complete authentication and lock/disable their account cannot re-enable access to their OLS account at this time. You will need to enable the customer's account in this situation.

  2. The customer will receive a message to contact us when they attempt to login to an account that was previously manually disabled by EPSS. The account must be manually enabled and the user has to re-register.

  3. Customers who were impacted by the Get Transcript or other IRS Incidents may not be able to establish an IRS Online Services Account (OSA). If the caller indicates they received a letter regarding the Incident, access the Secure Access Authentication System and follow the steps above to check the status of the account by viewing the comments section. If the comments show a “bulk disable message” do not enable the account. Inform the caller their OSA account was locked for their protection and they are unable to register for an online account at this time. Reassure them their account is protected from any further suspicious activity. Provide the customer with an alternative online and/or telephone resource depending on the product they need.

Technical Problems

  1. If the customer receives a "Technical Difficulties" message which is preventing them from successfully resetting their password or updating their profile, document which error message the customer is receiving. Advise the customer to try again later and if needed, provide the appropriate referral information based on the product they need.

Problems with Accessibility Software

  1. If customer states they are having trouble with their accessibility (508) software (software designed to enhance access to technology for people with disabilities e.g., Dragon, Text, etc.) interfacing with the Secure Access Authentication application:

    1. Document Interaction with customer’s first and last name, phone number (with time zone), Username, and indicate which software the customer is using and any details the customer can provide.

    2. Escalate Interaction to Incident and assign to e-Services Technical Level 2 Provider Group.

E-Services

  1. E-Services is a suite of web-based products that provides customers with electronic options for interacting with the IRS. Customers include tax professionals, financial institutions, state agencies, IRS employees, and other qualified business partners. These services are available 24 hours a day, 7 days a week from any computer with an Internet connection. The e-help Desk assistors are responsible for providing quality service to external customers who may encounter problems or need information about e-Services.

  2. The e-help Desk assistors provide support for the following e-Services products:

    • IRS e-file Application - permits users to submit a new or revised IRS e-file Application to become an Authorized IRS e-file Provider and to update their application as needed. See IRM 3.42.10, Authorized IRS e-file Providers, for information on adding a new location, closing an office, etc.

    • Taxpayer Identification Number (TIN) Matching Application - allows payers of income subject to backup withholding to apply for the TIN Matching Program.

    • TIN) Matching Program - allows authorized users to match TINs and names directly against IRS records.

    • Transcript Delivery System (TDS) - allows users to electronically request and receive transcripts, wage and income documents for a taxpayer's account, and verification of non-filing. Tax preparers using TDS must have an unmodified Power of Attorney (POA) on file.

    Note:

    Registration is no longer an e-Services product. E-Services users must register using Secure Access Authentication.

  3. Products and Services Support (PSS) is responsible for the e-Services Technical Level 2 Provider Group and works e-Services issues that the e-help Desk cannot resolve on first contact.

    Reminder:

    Document the Interaction per IRM 3.42.7.6.8.1, Writing Descriptions for Level 2, when escalating to e-Services Technical Level 2. Escalate the interaction to obtain an Incident Management (IM) case number and provide the IM case number to the customer.

Accessing E-Services

  1. The e-Services system is fully compatible with Internet Explorer versions 9.0 and above. Users may experience problems with pages not populating correctly when using other browsers.

  2. Employees access e-Services via the Employee User Portal (EUP).

  3. Customers access e-Services via the Integrated Enterprise Portal (IEP). Access e-Services applications by one of the following:

    • www.irs.gov > "Tax Pros" > "Access e-Services" button > select application

    • www.irs.gov > Keyword search "e-Services" > "e-Services" > select application

Employee User Portal (EUP)
  1. The Employee User Portal (EUP) is a Web hosting infrastructure. It supports an Intranet portal that allows IRS employees to access business applications and data [e.g., e-Services and Modernized e-file (MeF)]. The EUP communicates with MeF via Application Message and Data Access Service (AMDAS). The EUP infrastructure is located on the IRS Intranet.

  2. Employee registration and authentication is required for the EUP. An OL5081 is not required for EUP access but is required for access to individual applications within EUP. To access the EUP, you will need the following information:

    • Standard Employee Identifier (SEID). If you do not know your SEID, locate it using the Discovery Directory at http://discovery.directory.enterprise.irs.gov/discovery/.

    • Appropriate e-Services roles. Obtain these from your manager. Request the roles through the Online 5081 at https://ol5081.enterprise.irs.gov/.

Integrated Enterprise Portal (IEP)
  1. The IRS Integrated Enterprise Portal (IEP) (previously referred to as "Registered User Portal (RUP)" ) allows registered individuals, third party users and self-authenticated individual taxpayers access to selected specific tax information and other sensitive applications and data. User interactions are encrypted from the user's workstation or system to the portal. The IEP also supports the exchange of bulk files of information with the IRS. The IEP communicates with the backend modernization application system.

Clear Cache
  1. Customers may receive an error such as "URL not found" , "Target not found" or "Response empty" when accessing and using e-Services because they need to clear their cache. Recommend the customer do the following:

    • completely close their web browser, clear the cache, and sign in again

    • set www.irs.gov as their only shortcut/favorite

    • get to login page by clicking on Tax Professionals and then e-Services for Tax Pros or searching using "e-Services" to get to the e-Services for Tax Pros link

  2. If the customer does not know how to clear the cache, determine which version of Internet Explorer (IE) the customer is using and provide the following assistance. E-Services will only support Internet Explorer (IE) 9.0 and above.

  3. For Internet Explorer (IE) 9.0 or above:

    • Go to Tools

    • Select Internet Options

    • Under Browsing History, select Delete. Make sure the Preserve Favorites Web site data check box is not checked, and the Temporary Internet Files and Cookies check boxes are both checked.

    • Click OK

    • Close and reopen the browser

Secure Access Authentication Registration for Tax Professionals

  1. Secure Access Authentication (SAA) Registration is the first step to access e-Services products. E-Services Registration migrated behind SAA in December 2017. As a result, new and existing users must complete the SAA registration process by creating an online account using personal information before they can access e-Services https://www.irs.gov/e-services.

  2. The following alternatives are available when a new user cannot pass authentication:

    1. Paper returns may be filed. EROs required to file electronically must attach Form 8948, Preparer Explanation for Not Filing Electronically, to paper filed return. Form 8944, Preparer e-file Hardship Waiver Request, is not required. This qualifies as an administrative exemption; therefore, Form 8944 should not be filed. Large Taxpayers mandated to electronically file must file the appropriate e-file waiver.

    2. For transcript alternatives, refer caller to irs.gov, search "transcripts" .

  3. Existing e-Services users (users with active registration accounts or inactive registration accounts and associated to an active application) will use their existing username to login as a returning user. Users will be required to:

    • Re-register by completing the new registration process and pass basic ID proofing, financial verification, and mobile phone validation (or have ability to receive activation code by mail).

    • Change their password. Users must keep their existing username.

    • Create a site image and phrase.

    Existing e-Services users who have not completed the new registration process in eAuthentication cannot recover their username. If they do not remember the username they created prior to the migration, their username will be pre-populated when they create their user profile. Existing e-Services users are not required to create a new PIN or modify their existing PIN. Existing e-Services customers who cannot pass the new registration process may qualify for an exception process, see IRM 3.42.8.6.2, Exception Processing.

  4. To become a registered user, the customer must provide personal information to establish their identity. The user must pass:

    • Basic Identity (ID) Proofing

    • Financial Verification

    • Mobile Phone Validation including Activation Code by mail

    The user will finish by creating a profile by selecting the following:
    • Username

    • Password

    • Site Phrase

    • Site Image

    Note:

    Some users may be prompted to update their username if it does not meet Secure Access username validation criteria.

  5. To successfully verify their identity, first time users will need the following:

    • Readily available email address

    • Legal Name**

    • Taxpayer Identification Number (Social Security Number (SSN) or Individual Taxpayer Identification number (ITIN))**, taxpayers on a joint account should use their own SSN and financial information

    • Date of Birth (DOB)**

    • Filing status and address (from their most recently filed tax return, unless a non-filer then they should enter their current address) and

    • Active account number from one of the financial services listed in (6) below

    • U.S. based text enabled mobile phone linked to their name or ability to receive an activation code by mail.

    **Verified using Social Security Administration (SSA) and/or IRS records

    Note:

    Due to system limitations, customers with a foreign address may be unable to successfully register online and should be instructed to use the alternative options.

  6. An acceptable financial service account number includes one of the following:

    • last 8 digits from a credit card (no American Express, Barclay, debit or corporate cards)

    • auto loan account number

    • mortgage or home equity account number

    • Home Equity Line Of Credit (HELOC) account number

    • student loan account number (Unable to verify Nelnet student loan accounts)

  7. A foreign individual with a SSN or ITIN may not meet all the registration requirements; and therefore, may not be able to complete the registration process. If they are unable to pass Secure Access Authentication (SAA), inform the caller they can use a third party to process returns electronically. Advise them to check the e-Services landing page for updates.

  8. If user calls and requests their registration be disabled follow steps in IRM 3.42.7.15.4.5 (4), Disable Account.

    Note:

    Once the account is disabled, the user will not be able to access e-Services.

Recertification

  1. A Secure Access user will be required to complete recertification when they have been inactive in the system for two years or more.

Exception Processing

  1. An exception process may be available for new and existing e-Services users who cannot pass Secure Access Authentication. This exception process allows users to be manually authenticated when they are unable to pass the online registration requirements (financial verification or mobile phone validation).

  2. Assistors should determine the point of failure for the customer and always try to resolve the issue before completing the exception process. For example: If the customer is unable to pass the phone validation, advise the caller to request the activation code by mail.

Existing E-Services Users
  1. This exception process provides most existing users an alternative path to pass the authentication process and continue to use e-Services products. Once authenticated, in order to pass the exception process, they must meet the trusted customer criteria and pass High Risk Authentication (HRA).

    Note:

    You are required to use the EPSS Authentication and Authorization Job Aid prior to determining trusted customer criteria.

  2. After authenticating the caller, you must complete two required steps before you can manually complete the caller’s registration process.

  3. The first step is determine if the caller is a trusted customer by verifying the caller is listed on an e-Services application in an authorized role of Principal, Responsible Official, Delegated User or Affordable Care Act (ACA) Contact or ACA Responsible Official.

    Figure 3.42.8-2

    If caller is ... Then ...
    Electronic Return Originator (ERO), Transmitter, Large Taxpayer or Software Developer
    • Research the e-file application to determine the Provider Status is accepted for one or more years and Electronic Filing Identification Number (EFIN) status is active.

    • Research EFIN status page to determine if at least one accepted IMF or BMF return was filed.

    • Software Developer only- with no returns filed must have passed software testing within the last two years.

    • Special Circumstances

      • If the customer closed their office in error, use their previous status to determine if the caller is a trusted customer

      • If the customer had to submit a new application because of business structure, you may use the previous EFIN to determine their provider status and return filing history. For the new application, the EFIN must be active and the provider status must be accepted or applied. If the callers EFIN was compromised, assign a new active EFIN and determine if all other trusted customer criteria is met.

    Circular 230 Participant
    • Research the e-file application to determine the Provider Status is accepted for one or more years and EFIN status is active.

    • Verify credentials for Circular 230 Participants:

      1. Certified Public Accountant (CPA) search: CPA Verify https://www.cpaverify.org/

      2. Attorney search: PublicRecordCenter.com http://www.publicrecordcenter.com/lawyers.htm

      3. Enrolled Agent (EA): Return Preparer Office http://irweb.irs.gov/AboutIRS/bu/rpo/default.aspx

    For ACA (TCC) Issuer, Transmitter or Software Developer.
    • Research the ACA Application for TCC to determine the TCC is active.

    • Research the Affordable Care Act Information Returns (AIR) Management Console (AMC) to determine if at least one AIR transmission has been accepted, accepted with errors, or partially accepted.

    • Use ACA Application for TCC to verify that the Software Developer has passed testing.

    For State (TDS and/or EFIN)
    • Verify the caller has an application on file.

      Note:

      These users are credentialed by the state and covered by Memorandum of Understanding (MOU).

    Income Verification Express (IVES) User
    • Research IVES application to verify participant number.

    TIN Matching User
    • Verify the caller is listed as a Principal, Responsible Official, Delegated user or Authorized Agent on the TIN Matching Application by researching TIN Matching Application (EUP>eserv-ESAM-Applications> Search TIN Matching Application.)

    1. If the caller meets Trusted Customer Criteria, continue to High Risk Authentication.

    2. If the caller does not meet Trusted Customer Criteria, refer to the Taxpayer Assistance Center (TAC) appointment line to make an appointment to visit a TAC for in-person identity proofing. Refer to TAC referral procedures in KM003708 Secure Access Authentication Tax Professional (Existing e-Services User).

  4. The second step is "Use the EPSS Authentication and Authorization Job Aid to perform High Risk Authentication (HRA)" .

    Note:

    The caller must pass the trusted customer criteria before HRA is performed.

    1. Follow the guidance in the table below:

      If HRA is Then ...
      "Met" Create the user’s profile by entering the following information in the eAuthentication module:
      • TIN

      • Name

      • Address

      • Filing Status

      • Date of Birth

      • Email address - User will receive a temporary password via email.

      • Temporary Site Image/Name

      Mail activation code to caller.
      Add comment in the applicable application indicating the caller’s name who passed exception processing.
      "Not Met" Refer caller to the Taxpayer Assistance Center (TAC) appointment line to make an appointment to visit a TAC for in-person identity proofing. Refer to TAC referral procedures in KM003708.
      Add comment in the applicable application indicating the caller’s name and reason for not passing the exception process and referred to the TAC.

  5. If the caller does not qualify for exception processing, for example a foreign user, advise the caller of the following:

    • They cannot have access to e-Services.

    • They can use a third party to transmit returns electronically.

    • Paper returns may be filed.

      Note:

      EROs required to file electronically must attach Form 8948, Preparer Explanation for Not Filing Electronically, to paper filed return. Form 8944, Preparer e-file Hardship Waiver Request, is not required and should not be filed as this qualifies as an administrative exemption.

    • Large Taxpayers or ACA filers mandated to file electronically must file their return(s) using an approved e-file provider.

    • For transcript alternatives, refer caller to irs.gov search "transcripts"

New E-Services Users
  1. The new user exception process allows individuals to be authenticated at a TAC when they are unable to pass the online SAA process (ID proofing, Financial Verification or Mobile Phone Validation).

  2. Assistors should determine the SAA point of failure for the customer and always try and resolve the issue before completing the exception process. For example, if the customer is unable to pass the phone validation, advise the caller to request the activation code by mail.

  3. Determine if the customer is an existing e-Services user before completing the new user exception process.

    • Ensure the caller has access to their email while they are on the phone and has their return information to complete HRA. If they do not have that information advise them to call back. Do not refer them to the TAC or update ENMOD.

    • Ensure caller’s address matches Integrated Data Retrieval System (IDRS) CC INOLES. If the address is different, the caller must complete Form 8822, Change of Address, and wait for the change to take place (up to six weeks) before they can complete the exception process.

    Note:

    If the caller files a joint return and that address is not reflected on the secondary taxpayer’s account on CC INOLES, refer the caller to Accounts Management (800-829-1040) to have the secondary taxpayer’s address corrected.

  4. Complete the following steps if the new user needs to be exception processed:

    1. Research Online Services Account (OSA) to determine if the caller already has an existing e-Services flag (eSvc) in OSA.

    2. Use the EPSS Authentication and Authorization Job Aid to perform High Risk Authentication (HRA). If caller does not pass HRA advise the caller of alternatives, otherwise continue.

    3. Refer the caller to the Taxpayer Assistance Center (TAC) to complete ID proofing. Follow TAC referral Procedures in IRM 3.42.8.6.10, Taxpayer Assistance Center (TAC) Exception Processing Support..

  5. Once the caller has completed the TAC process and called back, complete the following:

    • Access OSA to complete their SAA profile:

      1. Click on System

      2. Manage Users

      3. eAuth Send Confirmation for e-Services (new user)

      • Ask the caller for his/her First Name, Last Name, SSN/ITIN, and email Address, and enter it into the fields. SSN/ITIN (no hyphens) and Email Address will need to be entered twice to confirm they are entered accurately

      • Click submit to email the confirmation code to the address provided

      • If an error is returned because the user has already attempted an account under the SSN, then send the confirmation code using: eAuth Send Confirmation Code for eServices.

        Click on EAuth Create User for eServices:

        • Search by TIN without hyphens and click select

        • Have the caller read the confirmation code from their email and verify this against the email confirmation code field

        • Once the confirmation code has been verified, complete all the necessary fields. If the caller previously completed some of the SAA process some fields may be pre-populated

        1. Login ID - A username must be created. Ask the user to create one according to the rules (between 8-10 characters long; it cannot be an email address, SSN, or contain a space or special character); you may then enter it into the Login ID field. Upon successful submission, it becomes their permanent Login ID. If the username is already in use the system will return an error message and the user will need to select another username

        2. Username - If the username pre-populates, you may need to remove unneeded spaces at the end of the username or retype the username before the system will accept the username

        3. Password and Password Confirm - This is only a temporary password, examples: Password1!, Abcd123!, Greatday17!

        4. First and Last Name - As it is on their last tax return.

        5. Date of Birth - must be in yyyymmdd format

        6. Address - The address must match what is on IDRS INOLES. If it does not, the caller must complete Form 8822, Change of Address and wait for it to process up to 6 weeks before they can exception process.

        7. Level of Assurance - Select F from the drop down

          Reminder:

          This step is important and can cause the user to need to re-register if the field is not updated to F.

        8. Email Address - This field should pre-populate but if it does not the assistor will need to complete

        9. Mobile Phone - Should be left blank

        10. Site Phrase - 5 character minimum, the assistor will request this information from the caller

        • Click submit. A CP 301 with an activation code should arrive within 15 business days. The caller will need to enter this code in the system to complete their profile.

  6. Advise caller of the following:

    • Sign in to SAA and change the temporary password. Assistor should attempt to have the caller change the password during the call. If the user is unable to change the password and locks the account or is unable to update the password, advise the caller to wait 24 hours to update the password.

    • Once the Activation Code is received, the caller will need to sign in to complete the Secure Access Process. This includes registering the mobile phone, using Voice One Time Password (Voice OTP) or downloading the IRS2Go app to receive their recurring security code.

    • Advise the caller they need to wait 15 business days before contacting us if they did not receive their Activation Code by mail.

Secure Access Registration Issues

  1. Some e-Services customers request assistance with registration because they have been unsuccessful completing the process on their own. Be aware of lockout conditions and associated time frames when assisting customers with registration issues, see Figure 3.42.8-3 below.

  2. If the customer is having difficulty passing basic ID proofing, verify the customers SSN/ITIN, name, and DOB using command code INOLES. If the SSN, name, and/or the DOB of the customer do NOT match the information the customer provides, advise the customer to contact the Social Security Administration at 800-772-1213 to resolve the discrepancy.

    Note:

    Do NOT tell them what information is showing on the system.

    The filing status and address must match their most recent tax return. If their tax return was recently filed:
    • For e-filed returns: The caller should wait at least two weeks after they have received acknowledgement of an Accepted Return.

    • For paper filed returns: The caller should wait at least six weeks after they have mailed their return.

      Note:

      If the system doesn't match the address they entered, advise the user to try using their old or new address instead.

  3. If the customer does not receive their email confirmation, advise the customer to check their spam or junk folder. If needed, provide the caller with the email address IRS.online.services@irs.gov so they can have it removed as spam. The caller may need to contact their service provider or use an alternate email address. The confirmation code is only valid for 24 hours. If the 24 hour time frame elapses, advise the user to click on the link try resending the email. Remind the caller they should not close the browser window. If needed, they should open their browser page, or tab to receive email. If they closed their browser, they will need to start the process over.

  4. The caller may have trouble passing financial verification because their credit report contains little or no information about them. If they have one of the required pieces of financial information and they are unable to pass validation, advise them to try a different account number if they have one. If they continue to experience difficulty, advise the caller to contact the credit bureau to correct the information. If the caller is using a debit card, corporate card, Barclay card, American Express card or Nelnet Student loan account, advise the caller to use another financial account; the IRS is currently unable to verify these types of cards or accounts.

  5. The caller may have trouble validating their mobile phone. Advise the caller that a text-enabled U.S. based mobile phone is required for the SAA process. Their name must be associated with the mobile phone account. Landlines, Skype, Google Voice, or similar virtual phones will not work. Participating carriers include AT&T, T-Mobile, Verizon Wireless, Sprint, Boost, U.S. Cellular, MetroPCS, Virgin Mobile, and Cricket. During initial registration, the six-digit activation code is received by text and is only valid for 15 minutes. If the code was not received or the 15-minute time frame has elapsed, advise the customer to click the "Try Again" link to resend a new activation code. Callers cannot copy and paste activation codes into the system. If caller does not receive the activation code by text it may be because the mobile phone could not be verified with the caller’s name. After two attempts of requesting the activation code, the user will be prompted to request the activation code by mail. If unable to complete in a one-time session or the caller does not have a text enabled mobile phone in their name:

    • The caller may choose the alternative verification option of "activation code by mail" . The code can take 15 business days to arrive. The activation code is valid for 30 days.

    • A text enabled mobile phone, Voice One Time Password (Voice OTP) or the IRS2Go app will still be needed for the recurring security code. This security code is needed for the login process.

  6. To receive the recurring security code, users will choose one of the following:

    • Mobile phone - The caller may register a mobile phone (not in their name) so they can receive the recurring security code. The number must be a U.S. based phone that is text enabled. Users who have successfully registered for e-Services will receive a six digit security code via text message each time they log into e-Services. The code is only valid for 15 minutes. If the code was not received or the 15 minute time frame has elapsed, advise the customer to click the "Try Again" link to resend a new security code. Requesting the security code multiple times may cause a lockout.

    • IRS2Go Application - The caller must select "Set up a security code using IRS2Go mobile app instead" on the "Add your mobile phone number" screen in Secure Access and download the IRS2Go mobile app. In the App, have user click on the "Security Option" and enter their username and key from the SAA page and click "Add" . A security Code will be generated every 60 seconds and the caller will need to enter the code into the Secure Access Screen. This will syncronize the Mobile App and system together. Once IRS2Go is configured, the mobile device does not require data or an Internet connection. Only one user per device is allowed.

    • Voice OTP - Users who have successfully registered for e-Services and selected Voice OTP for the recurring security code will receive a six-digit security code via voice message each time they log into e-Services. The code is only valid for 15 minutes. If the code was not received or the 15-minute time frame has elapsed, advise the customer to click the "Try Again" link to resend a new security code. Requesting the security code multiple times may cause a lockout.

      Note:

      Currently the Voice OTP is not fully implemented in Secure Access and the system will send a recurring security code by text message. The user can still request the Voice OTP recurring security code but the user is required to select the link for Voice OTP within Secure Access at each login attempt.

  7. If the customer requested but did not receive their activation code by mail and it has been more than 15 business days since they created their account, advise the caller the activation code is mailed to their address of record. If the user has moved and has not notified the IRS of their address change, they can submit Form 8822, Change of Address ; however, they will need to wait until the address change has been updated (up to six weeks) before they request a new activation code. If the customer’s address has not changed, advise the user to request a new activation code. The old activation code will be disabled when the user clicks the link to request a new activation code. The user will need to create their user profile after entering the 6-digit activation code by text or after they request the activation code to be mailed. Failure to create their user profile will result in the customer not being able to login when the activation code arrives by mail.

  8. If the caller has an "x" for a site image and a ‘blank’ site phrase, after entering their username, it means the caller did not complete their profile. Advise the caller to re-register. They will need to request a new activation code. Advise the caller to create their profile before exiting.

  9. Multiple attempts to complete the steps above may cause the user to lock their SAA account, see Figure 3.42.8-3 for lockout conditions and time frames.

    Figure 3.42.8-3

    Step Attempts Lockout Period System
    Unsuccessful Login Attempts 3 24 hours eAuth
    Text Activation Code 3 24 hours eAuth
    Request Activation Code by Mail 5 Rolling 12 months (12 months from last attempt) eAuth
    Basic ID Proofing Integrated Customer Communication Environment (ICCE) 3 24 hours eAuth
    Financial Verification Lockout 3 24 hours eAuth

    Note:

    Lockout Periods apply to all OSA accounts.

Invalid Username or Password

  1. The customer may have trouble selecting a username or password and receive a message that states, The Username or Password is not valid.

    Note:

    Existing e-Services users who have a registration account and have not completed the new registration process in Secure Access Authentication cannot recover their username. If they do not remember the username they created prior to the migration, their username will be pre-populated when they create their user profile.

  2. If caller receives the error message "Username cannot contain a space, an @ sign or a Social Security Number" , escalate to an incident, provide the incident number to the caller and assign to the e-Services Technical Level 2 provider group.

  3. See IRM 3.42.8.6.8, Username Rules/Inquiries, and IRM 3.42.8.6.7, Password Rules/Inquiries, for username and password rules.

Modify an Existing Password

  1. If the caller wants to update their existing password, they need to do the following:

    • Go to IRS.gov > Keyword "Get Transcript" > "Welcome to Get Transcript" > click "Get Transcript Online" . They will then be redirected to the Get Transcript system.

    • Sign into the system and click the Profile link.

    • Enter their existing password, then enter a new password and then re-enter the new password.

    • Click on the update button to save changes.

      Note:

      If the user receives an error when modifying the password, have them try inputting a new password.

Update Profile

  1. If the caller would like to update their profile or add/remove IRS2GO to receive the recurring security code, explain the following:

    • Go to irs.gov > Keyword Get Transcript > Welcome to Get Transcript > Get Transcript Online

    • The caller will be sent to the Get Transcript system and the caller will need to sign into the system to see the Profile link

      Note:

      Explain to the caller when IRS2Go is set up, it becomes the default method for the security code.

  2. The user can update the following profile settings:

    • email address

    • mobile phone number for recurring security code

    • site image

    • site phrase

    • password

    The user will receive an email notifying them of the profile change.

    Note:

    If the caller needs to make changes to their name, they must re-register.

Password Rules/Inquiries

  1. The password must meet the following requirements:

    • Must be between 8 and 20 characters

    • Is case sensitive

    • Must contain at least one numeric and one special character (excluded characters are the colon, semi colon, single quote, quotations, less than, greater than, period, question mark, parenthesis, slash and brackets)

    • Must have at least one uppercase and at least one lowercase letter

    • Must enter password twice

  2. Assistors cannot obtain the caller’s password. The user will need to click the forgot password link. The user will be required to provide their date of birth. A temporary password will be sent to their email address. The user will be required to change the password at login. If the customer cannot access the email account they used to register, they will be required to register as a new user and complete the registration process again. The user will receive an email notifying them of the password change. If the customer fails three times, their account is locked for 24 hours. For additional lockout conditions, see Figure 3.42.8-3 Lockout Conditions in IRM 3.42.8.6.3, Secure Access Registration Issues.

    Note:

    There are no limitations to using previous passwords.

Username Rules/Inquiries

  1. The username must meet the following requirements:

    • Must be between 8 and 10 characters

      Note:

      E-Services users will be limited to 8-10 characters while other SAA applications can use between 8-24 characters. If the caller has an existing SAA profile for another product and the username is over 10 characters, they will be prompted to change their username.

    • Cannot be an email address

    • Cannot be the user’s TIN

    • Cannot contain a space or a special character (!@#$%"&")

    • Must be a unique username; it cannot be the same as another user’s username.

  2. Assistors will not provide the customer’s username. The user will need to click the forgot username link. The user will only be able to recover their username if they completed the registration process. The user will be required to provide:

    • Their email address as listed on their SAA profile

    • The last four digits of their TIN

  3. The username will be sent to their email address. If the customer cannot remember or access the email account they used to register, they must click on the re-register link and complete the registration process again.

Registration Error Codes

  1. If e-Services User is receiving an error code 114, assign incident to e-Services Technical Level 2 Provider Group.

  2. If e-Services User, is trying to complete the Terms of Service (TOS) and the page is not appearing, the page is looping or the page takes the user straight back to the e-Services page on irs.gov without offering the user a chance to sign the TOS, assign incident to e-Services Technical Level 2 Provider Group.

Taxpayer Assistance Center (TAC) Exception Processing Support

  1. Taxpayer Assistance Center (TAC) employees provide in person identity proofing for individuals registering or re-registering for e-Services. TAC employees assist individuals referred by EPSS who cannot successfully register for an e-Services Secure Access Account.

  2. To refer an e-Services user to the TAC, complete the following:

    • Open an IDRS Control Base on ENMOD using EPSS_SAA activity code and update the control base with "SENTTOTAC" .

      Note:

      Do not update a previously opened ENMOD control base (i.e., from the Revalidation project (Letter 5903).

    • If the caller has not tried to complete the online Secure Access process, have them try before making an appointment with the TAC.

      Refer domestic callers to the TAC Appointment Line at 844-545-5640 to make an appointment. Inform the caller of the following:

      • The caller must tell the TAC representative they were referred to make an appointment because they were unable to verify their identity for Secure Access Authentication (e-Services).

      • The caller must bring a government-issued photo ID and Social Security Card or an original or certified embossed birth certificate to the appointment.

      • After completing the in-person ID proofing at the TAC, the caller must call the e-help desk again to complete their profile. They must have their ID proofing documents readily available when they call back.

    • For international callers who cannot complete their Secure Access Authentication account, provide them with the alternatives based on the product they are accessing.

  3. After successfully identity proofing a customer for e-Services, TAC personnel will document the action in Accounts Management Services (AMS) as a history item with the following information:

    • E-Services Identity Proofed

    • The type of identification presented and the last 4 digits of the ID number from one form of identification

    • Date the identity proofing was completed

    The TAC will then advise the customer to contact the e-help Desk toll free at 888-841-4648 for assistance in establishing their Secure Access account profile.

  4. When the caller contacts us after they’ve ID Proofed with the TAC, complete the following:

    • Use AMS Narrative History Item to compare TAC comments/documentation used to ID proof customer. Follow the guidance below to determine if the caller completed TAC Validation.

    • If the narrative states "e-Services Identity Proofed" , verify the last four digits of the customer’s ID they used to ID proof. After verifying, complete the caller’s profile. Close the IDRS EPSS_SAA Control Base on ENMOD with "TACPASSED" activity code.

    • If there is no ID number entered in AMS and the caller went to the TAC within the last 30 days, verify the city and state of the TAC location they visited. After verifying, complete the caller’s profile. Close the IDRS EPSS_SAA Control Base on ENMOD with "TACPASSED" activity code.

    • If customer states they completed ID Proofing and there are no comments in AMS, document the username, date of TAC visit, TAC office and location and escalate the interaction to an incident, provide incident number to the caller and assign to SAA Tax Pro provider group.

TAC Referral Procedures

  1. Complete the following to refer a caller to the TAC:

    1. Open an IDRS Control Base on ENMOD using EPSS SAA activity code and then updating the control base with SENTTOTAC. Follow guidance in the Secure Access Authentication Desk Guide.http://serp.enterprise.irs.gov/databases/portals.dr/epss/secure-access-authentication/secure-access-authentication-desk-guide.pdf .

    2. If the caller has not attempted to complete the online Secure Access process online, suggest they attempt this process before making an appointment with the TAC. If they are successful, the caller will not need to go to the TAC.

    3. For domestic calls, refer to the TAC Appointment Line at 844-545-5640 to make an appointment.

      Note:

      Inform the caller they must bring a government issued picture ID and Social Security card or an original or certified embossed birth certificate.

Taxpayer Identification Number (TIN) Matching

  1. The e-Services TIN Matching Program is intended to assist those members of the Third Party Payer community, and their authorized agents, with meeting their obligation for filing accurate and complete annual information return documents. In addition to financial institutions, other eligible entities are credit card companies, state agencies, third party settlement organizations, and third party network transaction companies. The system allows authorized users to match TINs and names directly against IRS records. The TIN Matching system allows for a proximal match for SSN’s, meaning the first letter of the name control must match, the second and third letters can be swapped, the third and fourth letters can be swapped, and any valid character in the second, third, or fourth position will create a proximal match (example: AXCD, ABXD, and ABCX would all be valid proximal matches for name control ABCD).

  2. TIN Matching does not divulge a taxpayer’s SSN or a business’s EIN. It only verifies whether or not the TIN and name combination which the user submitted matches IRS records. To participate in this program, authorized users must complete a TIN Matching Application through e-Services and meet the following eligibility requirements:

    • Applicant must be a payer of income subject to backup withholding submitted on Form 1099-B, Form 1099-DIV, Form 1099-INT, Form 1099-K, Form 1099-MISC, Form 1099-OID or Form 1099-PATR.

    • Payer must have filed Form 1096, Annual Summary and Transmittal of U.S. Information Returns, reporting income paid on Form 1099, or use the Filing Information Returns Electronically (FIRE) system to submit information returns electronically, in one of the last two years.

  3. Use IDRS CC PMFOL to research Payer Master File and verify payer is eligible to participate in TIN Matching.

  4. TIN Matching Roles:

    1. Principal - a partner or an individual who owns at least five percent of the firm that is applying to participate in the TIN Matching Program. The "Principal" may also be a corporate officer of a publicly traded firm, such as President, Vice President, Secretary, or Treasurer. The "Principal" must be the person who can legally bind the firm in matters before the IRS and must complete the original application to TIN Match on behalf of the firm. Principals may modify any section of the application. They may add and/or remove locations and authorized users and change the firm/organization information.

    2. Responsible Official - an individual who holds a supervisory position within the firm. A "Responsible Official" has the authority to update an application on behalf of their listed firm and firm "Principal" . The "Responsible Official" may change the firm/organization information, assign/disable "authorized agent" and "Delegated user" roles, add and/or remove locations and perform TIN Matching. Responsible Officials may modify any section of the application.

      Note:

      Only a Principal or Responsible Official can add another Principal or Responsible Official. It is a good practice to list a second person. The Responsible Official can be a different individual from the Principal. More than one Principal and/or Responsible Official can be listed.

    3. Authorized Agent - a person or firm that, with the payer’s authorization, transmits specific information return documents to the IRS on behalf of the firm and may match name/TIN combinations on behalf of the payer.

    4. Delegated User - an individual who will utilize the TIN Matching session options on behalf of the firm. A "Delegated User" may not assign or disable users or update applications on behalf of their assigned firm. A "Delegated User" may only perform TIN Matching on behalf of their assigned firm.

  5. Many users forget to resubmit the application after making additions or changes. Unlike an IRS e-file Application, the TIN Matching Application requires a PIN entry only at the initiation of the application, not after each subsequent change. If the authorized user (as outlined in paragraph 4 above) fails to submit the application, the assistor will submit the application in the interest of good customer service. Remind the caller that the application must be resubmitted after any changes to avoid future problems.

  6. Guidelines for the TIN Matching Program can be found in Publication 2108A, On-Line Taxpayer Identification Number (TIN) Matching Program.

TIN Matching Access Inquiries

  1. When the customer (payer) indicates that they cannot access TIN Matching even though their employer has named them as an authorized user, take the following steps:

    1. Verify the user has completed Secure Access Authentication and is Level of Assurance F.

    2. Verify the caller is using the correct link on irs.gov.

    3. Verify the caller is listed on the TIN Matching Application.

      Note:

      If they are not listed on the application, explain they will need to contact the Principal to be added. If the application is not in Completed status explain the principal must submit the application before they can see their links.

    4. If the caller is still receiving the error after trying all o the above, escalate incident to e-Services Technical Level 2 Provider Group.

Delete/Revoke/Restore a TIN Matching Application

  1. If the customer inquires about the ability to remove a firm's TIN Matching Application from the system or is requesting that a previously deleted application be restored, determine their role on the application. If they are not the Principal, advise the caller that only Principals can make such a request.

  2. If the caller is the Principal and still needs assistance with revoking, deleting, or would like to restore a previously deleted TIN Matching Application, advise the customer that their request will be referred to the e-Services technical staff for resolution. Escalate Interaction to e-Services Technical Level 2 Provider Group. Document Interaction with the following information:

    • Name of Principal

    • Username of Principal

    • Telephone number (with time zone) of Principal

    • Position in the company (president, vice president, owner, etc.)

    • Company name as shown on the TIN Matching Application

    • Company TIN as shown on the TIN Matching Application

    • Reason for revoking, deleting or restoring the application

Replace a Principal

  1. If there is only one Principal or Responsible Official on the application and they are no longer with the company or the application was started without a Principal or Responsible Official, advise the caller that only an owner, officer, or partner of the company can replace/add the new Principal. If the caller qualifies as a Principal, make the necessary changes and have the new Principal submit the application.

Bulk TIN - Valid Response

  1. When submitting a Bulk TIN Request (up to 100,000 TIN and name combinations), as well as an Interactive TIN Request (up to 25 TIN and name combinations), there are nine possible result codes. If the customer calls in for an explanation of these codes, offer the following definitions:

    1. 0 - Name/TIN combination matches IRS records

    2. 1 - Missing TIN or TIN not a nine-digit number

    3. 2 - TIN not currently issued

    4. 3 - Name/TIN combination does NOT match IRS records

    5. 4 - Invalid request (e.g., contains alphas, special characters). Must have TIN Type, TIN, Name (Name field is limited to 50 characters).

    6. 5 - Duplicate request

    7. 6 - Matched on SSN, when the TIN type is (3), Unknown

    8. 7 - Matched on EIN, when the TIN type is (3), Unknown

    9. 8 - Matched on SSN and EIN, when the TIN type is (3), Unknown

  2. If customer does not see the result code they were expecting, and asks for the correct TIN, explain we are not authorized to disclose that information and they will need to verify with their client.

Bulk TIN - No Response

  1. When a customer submits a Bulk TIN request, they will receive an acknowledgement page with tracking number. The customer will receive a response within 24 hours. If a customer calls because a response has not been received, or the results are illegible, ask the customer to resubmit their Bulk TIN request. Have them record the tracking number and the date/time stamp of their submission. If they still have not received a response after an additional 24 hours have passed, they should call the e-help Desk again.

  2. When the customer calls back because they still have not received a response, escalate Interaction to e-Services Technical Level 2 Provider Group. Include tracking number and date/time stamp provided by customer, username, and company EIN in Interaction documentation.

TIN Matching Suspended and/or Locked Out

  1. When the customer is suspended and/or locked out while performing Interactive TIN matching, they will receive a pop-up message indicating they are locked and the reason (e.g., Results Code 5 - Duplicate). Inform customer:

    1. The TIN Matching program contains a built-in security feature that detects when a taxpayer EIN, SSN or ITIN is being researched using different names.

    2. Account access is blocked for four days (96 hours).

    3. They will have to wait for the system to unlock them.

  2. When the customer is locked out while performing Bulk TIN Matching, the system will generate a tracking number for the submission and a message referencing this tracking number is sent immediately to their Secure Mailbox. The bulk lockout does not return result codes.

  3. General Services Administration (GSA) is the organization responsible for the System for Award Management (SAM) web site. If a GSA customer is locked out:

    1. Verify customer information (customer name, telephone number, firm name and EIN) in e-help Support System (EHSS). If not correct, document correct information in Interaction description along with the username and EIN.

    2. Escalate Interaction to e-Services Technical Level 2 Provider Group.

TIN Matching Error Messages

  1. Sometimes the customer will receive an error message when attempting to use TIN Matching. The two most common errors are:

    • Line %1 contains invalid data or has more or less semicolons

    • 96 Hour Lockout

  2. If the customer receives "Line %1 contains invalid data or has more or less semicolons" error message, they must correct and resubmit file.

  3. If the customer receives "96 Hour Lockout" error message, they must wait for the system to unlock them.

Transcript Delivery System (TDS)

  1. Transcript Delivery System (TDS) allows specific tax professionals, Reporting Agents, Low Income Tax Clinics (LITC), state and local governmental agencies, and internal IRS users to request and receive transcripts electronically. Large Taxpayers are not entitled to use TDS even though they may have submitted five or more accepted returns electronically. Tax professionals and LITC representatives must have a Form 2848 or Form 8821 on file to access client transcripts. Reporting Agents need a valid Form 8655, Reporting Agent Authorization.

  2. The e-Services product is available to:

    • an ERO who has successfully submitted five accepted e-file returns.

    • Circular 230 Participants, CPAs or attorneys that do not e-file and are applying only for TDS access.

      Note:

      The EUP user must select the "Do Not Cleanup" button on the "Summary" page to prevent these EFINs from getting inactivated during the EFIN Cleanup process.

    • Reporting agents with no minimum number of returns needed to gain access.

      Note:

      TDS can be manually assigned by an IEP EUP user if necessary. Prior to accessing TDS, a user must have or create an online account using Secure Access Authentication. See IRM 3.42.8.6 Secure Access Authentication Registration for Tax Professionals for additional information. The TDS link defaults to principals, responsible officials and Principal consents but must be manually assigned to a delegated user.

    • Low Income Tax Clinics (LITC) - the LITC Program Office inputs these e-file applications and can also make any necessary updates through the IEP EUP.

      Note:

      The "Do Not Cleanup" button must be selected for these applications.

  3. The following Individual Transcripts are available through TDS:

    • Account Transcripts show the information posted on the account, including payments, adjustments, etc., and are available for any account that is active on the IRS Master File.

    • Return Transcripts include most lines from the original return, including attached forms and schedules, and are available for returns filed during the current and three prior years.

    • Record of Account Transcripts are a combination of the account and return transcripts, and are available for returns filed during the current and three prior years.

    • Wage and Income Documents show income reported by payers on forms such as Form W-2 and Form 1099. Available for the current and nine prior tax years.

    • Verification of Non-Filing generates a letter when a taxpayer needs verification that a tax return was not filed, and is available for the current and three prior tax years.

    • Additional information on Transcripts is available in http://serp.enterprise.irs.gov/databases/irm.dr/current/21.dr/21.2.dr/21.2.3.dr/21.2.3.3.1.htm

  4. The following Business Transcripts are available through TDS:

    • Account Transcripts are available for any account that is active on the IRS Master File.

    • Return Transcripts are available for the current year and returns processed during the prior three processing years. BMF forms are available for Forms 1065, 1120, 1120-H, 1120-L and 1120-S.

    • Record of Account Transcripts are a combination of the account and return transcripts, and are available for returns filed during the current and three prior years.

      Note:

      Wage and Income Documents are NOT available for Business.

Access to Client Information

  1. Client information via e-Services cannot be accessed without a Form 2848, Power of Attorney and Declaration of Representative or Form 8821, Tax Information Authorization (TIA), on file. This authorization can be viewed on IDRS using CC CFINK and the taxpayer's TIN. Review the CC CFINK response screen for the following:

    • The Powers field must contain a "U" for Unmodified.

    • The information must be complete. If the information is not complete, the customer must mail or fax the Form 2848 or Form 8821 to the Centralized Authorization File (CAF) Unit.

  2. If the customer is using TDS and receives a CAF Failure error, research and provide the CAF number as follows:

    1. Request his/her name and address to research IDRS CC RPINK or CC CFINK.

    2. Verify the name control on IDRS matches the name control on the eFile Application.

    3. Confirm there is an existing CAF number(s) for the caller.

    4. Authenticate the caller's identity by following probes found in IRM 21.1.3.3, Third Party (POA/TIA/F706) Authentication.

    5. If the caller is using the wrong CAF number, you may provide the correct CAF number ONLY after verifying the practitioner's name and address match what is shown on the CAF database.

    6. If they DO NOT match and the practitioner is actively working with their client to resolve a tax account issue as outlined in IRM 21.3.10.2 (2)Practitioner Priority Service (PPS) Overview, they may call the Practitioner Priority Service (PPS) at 866-860-4259 to secure transcripts. PPS is a nationwide toll-free, account related service for all practitioners and serves as the first point of contact for assistance regarding their clients' account related issues.

    Note:

    Assistors will only look up and provide the correct CAF number when providing support for TDS rejects. All other requests are unsupported and will be referred to PPS.

Centralized Authorization File (CAF)
  1. The following forms must be mailed or faxed to the CAF Unit.

    • Form 2848, Power of Attorney and Declaration of Representative (POA) - A taxpayer can grant authority to representatives to receive tax data and represent them before the IRS. Form 2848 covers specific tax forms and tax periods.

    • Form 8821, Tax Information Authorization (TIA) - A taxpayer can grant authority to any individual or organization to inspect or receive the taxpayer's confidential tax information. Form 8821 covers specific tax forms and tax periods.

      Note:

      A signed copy of Form 2848 or Form 8821 must be retained in the authorized representative's files.

  2. The authorization must post to the CAF database prior to them submitting a TDS request for transcripts through e-Services.

  3. Direct customer inquiries regarding multiple CAF numbers, name change requests, etc. to CAF. Assistors will direct callers to the appropriate CAF unit for their state. CAF Unit mailing addresses and fax numbers are located on the CAF Unit Addresses, Fax Numbers, and State Mapping page of irs.gov, form instructions, and IRM 21.3.7.1.3, Processing Sites (CAF Function).

Rejected TDS

  1. TDS will reject requests for transcripts if any one of the following conditions is present on the taxpayer's CAF record:

    • Designation level under the column LV shows "X" .

    • Powers Code under the column AUTHS shows anything other than "U" (Unmodified).

    • Column RCTS shows "R" (authority to receive a refund), this is considered to be a modification for e-Services purposes.

  2. TDS will reject requests for transcripts if any one of the following conditions is present on the representative's CAF record in the CAF STATUS or STATUS field:

    • Undeliverable

    • Deceased

    • Disbarred

    • Suspended

    • Resigned

    • Ineligible

    • Inactive

  3. Programming changes were made to allow transcripts for tax years not impacted by identity theft. TDS does not generate transcripts for any tax year where there is an Identity Theft Indicator on the account. Programming changes in January 2017 stopped letters from going to clients when a transcript is requested by the POA and the account has been affected by identity theft for that year. The letter to the practitioner will direct them to call the Practitioner Priority Service at 866-860-4259 for assistance in obtaining a transcript for years affected by identity theft.

Married Taxpayers

  1. A valid POA or TIA is required for at least one of the joint filers for the following transcripts: Account Transcript, Tax Return Transcript, and Record of Account Transcript. However, a representative is only entitled to Verification of Non-Filing and Wage and Income Transcripts for the joint filer for which they have a valid POA or TIA.

IRS Employees

  1. Advise IRS employees who experience problems using TDS to contact the Information Technology Support Desk at 866-743-5748, to open a Knowledge, Incident/Problem Service Asset Management (KISAM) ticket.

State Users

  1. Advise state users to contact the Disclosure Manager for their state to apply for the TDS product. IRS Disclosure offices may be found at the Disclosure Contacts Link https://portal.ds.irsnet.gov/sites/vl003/Lists/DBasicsContacts/LandingView.aspx. The Disclosure Help Desk number and email address are for internal use only.

Common TDS Problems

  1. Sometimes the user has problems transmitting and receiving their TDS information. The following subsections may help to resolve those issues. If the problem is still not resolved, escalate Interaction to e-Services Technical Level 2 Provider Group. Always include the username in the write-up when elevating to Level 2.

Bulk Request Upload Error Message
  1. When the customer is sending a bulk file, it should not contain more than one megabyte (MB) of information. If the customer calls because of the "Bulk file contains errors" message, follow the chart below:

    Figure 3.42.8-4

    If ... Then ...
    The file name is not lowercase and the extension is not .txt Advise the customer that their file name must be lowercase and the extension on the file must be .txt regardless of what software (Word, Excel, Notepad, etc.) was used to create the file. Save the file in Plain text using Notepad and the extension .txt. Then try to upload the file again.
    The file is larger than 1 MB of information Advise the customer to lower the size of the file and try to upload the file again.

Unable to Receive Business Master File (BMF) Return Transcripts
  1. Sometimes the customer will request BMF return transcripts that are currently not available through TDS. A limited number of BMF return transcripts are available through TDS. If the forms the customer is requesting appear to be available, look up the authorities in IDRS using CC CFINK. If the customer's POA is not posted for the year(s) and form(s), advise them to submit a POA in order to update the CAF authorities.

  2. For state users: if the product, form number, and tax period (year and month) are available on TDS, the product is within the years available through TDS, and the customer still cannot get the product, escalate Interaction to e-Services Technical Level 2 Provider Group.

TDS Letters Cut Off or Cannot Print
  1. Customers may experience problems with printing transcripts. If the transcript is cut off in part, or will not print at all, assist the customer based on the type of browser the customer is using.

  2. For the Internet Explorer (IE) browser:

    1. Determine the version of Internet Explorer.

    2. Select Help in the web browser.

    3. Select About Internet Explorer (the version number of the browser software will be listed in the window that appears).

    4. Determine which version is listed.

    5. If lower than 9.0, update Explorer; download a new version of Internet Explorer from the Web site at http://www.microsoft.com. If the printout drops off of the right side of the page, even though the browser window shows everything and the version is 9.0, change the margins by clicking on File, Page Setup, change the left margin to .25, then print.

  3. If another browser is used, advise the customer e-Services is designed to work in Internet Explorer version 9.0 or above.

Income Verification Express Service (IVES) Users

  1. IVES is a partially automated service that provides two to three business day processing and delivery of transcripts to participants who pay a fee for this service. Each company must complete Form 13803, Application To Participate in the Income Verification Express Service (IVES) Program, which is reviewed for suitability then entered into the EUP by IVES Coordinators in the Return and Income Verification Services (RAIVS) unit. IVES customers request transcripts by faxing Form 4506-T, Request for Transcript of Tax Return, Form 4506T-EZ, Short Form Request for Individual Tax Return Transcript to the appropriate RAIVS unit. Once an IVES Application has been established for them by the RAIVS unit, and they are given a Participants/Consolidator Number, they are treated the same as any other customer. Transcripts are delivered to the customer's e-Services Secure Mailbox.

  2. The Principal, Responsible Official and Delegated User assigned to use e-Services products must register individually to create and have access to a Secure Mailbox. Only the Principal can access the IVES Detail and Summary Reports.

  3. IVES users may maintain and revise their application by logging into e-Services and clicking on the IVES Consolidator Application link, which will bring up the Main screen showing all links within the application.

    1. Principals can make changes to the following screens: Firm/Organization Information, Firm/Organization Address, Business Point of Contact, Establish Location(s), and Authorized User(s).

    2. Responsible Officials can only update authorized user(s).

    3. Delegated Users cannot make changes to the application but can retrieve transcripts.

    4. All other application changes (including Principal Information changes) must be submitted on a revised Form 13803, Income Verification Express Service (IVES) Application, and faxed to the RAIVS unit.

      Note:

      Even though the "IVES Consolidator Application: Principal Information" page shows an edit button, changes to Principal Information will not be made using e-Services. These changes must be completed by submitting a revised Form 13803 to RAIVS.

    .

  4. If the customer received transcripts without an approved Form 4506-T or 4506T-EZ, refer the customer to the RAIVS Unit where their request was faxed.

  5. Refer the customer to the RAIVS Program office for the following issues:

    1. Application was previously sent to RAIVS and there has been no response.

    2. Customer has trouble accessing the reports (transcripts).

    3. Customer has questions about billing or is disputing a billed amount.

    Note:

    Disputes must be raised with the program office within 15 days from the date of the invoice.

  6. For more information about the RAIVS process see Income Verification Express Services page athttps://www.irs.gov/individuals/international-taxpayers/irs-income-verification-express-service-ives Assistors should also refer to KM000593 Income Verification Express Services (IVES).

Miscellaneous E-Services

  1. The following sections provide general information related to e-Services.

PIN Rules/Inquiries

  1. Once the caller has completed the SAA process, the new e-Services user will be prompted to create a PIN. This PIN will be used to electronically sign their e-Services applications.

  2. If a user already has a PIN, it does not need to be changed.

  3. The customer may voluntarily change their PIN by logging in and selecting the "Modify PIN" link. The customer will:

    • Be prompted to enter a new five-digit numeric PIN and re-enter the PIN

      Note:

      The PIN is five digits and cannot be all the same number and cannot be the same as the last PIN.

    • Click the "submit" button to save the changes

  4. Once the PIN is affixed to an electronic document, it indicates that the person making any changes is authorized to do so.

Secure Mailbox

  1. Each registered user has a Secure Mailbox where data is placed or deposited. They access this data by clicking the Mailbox link found in the navigation tool bar along the top of each e-Services page. For most of the products, an email is sent to the user alerting them data has been placed in their Secure Mailbox. Depending on the type of data, and whether or not it has been Read or left Unread, the system will automatically delete the files. The delete time frames are as follows:

    Figure 3.42.8-5

    Product Read Unread
    TDS 3 business days 30 business days
    TIN Matching 3 business days 30 business days
    Business Rule Changes 3 business days 30 business days

Missing Links

  1. To see links, the caller must have created a Secure Access Authentication (SAA) account and the Assurance Level Achieved must show "F" . If caller completed the SAA process today, have them log out and then log back in to the application or product they were attempting to access to see if this resolves the issue. To trouble shoot missing links follow the guidance below based on type of user.

  2. ERO

    • Verify the caller is using the correct link on IRS.gov.

    • Verify the correct Organization Link was selected. If they previously selected their Responsible Official (RO) (DBA name with Address) link, have them try their Principal link (Legal Name without Address).

    • In EUP, verify the "Services Authorized For" tab has Transcript Delivery System and/or Reporting Agent Transcript Delivery System checked.

    • Verify the caller has "Authorities" checked by selecting the View icon next to their Name on the "Authorized Users" page.

  3. Circular 230 User

    • Verify the caller is using the correct link on IRS.gov. The caller should select "Transcript Delivery System (TDS)" then "Access TDS" button and login.

    • Verify the e-File Application was created and documented correctly for Circular 230 access.

    • In EUP verify the "Services Authorized For" tab has Transcript Delivery System checked. If the box is checked and everything above is verified, toggle the checkbox next to Transcript Delivery System and have the caller log back into the system.

  4. TIN Matching User, TDS State User, or State EFIN User

    • Verify the caller is using the correct link on IRS.gov.

    • Verify the caller is listed on the appropriate application.

  5. Application for TCC user

    • Verify the caller is using the correct link on IRS.gov.

    • Verify the correct Organization Link was selected. The organization will have "(ACA)" in front of the Company Name.

    • Verify the caller is listed on a current ACA Application for TCC (RO or Contact) by completing either a Person or Application Search.

  6. To troubleshoot missing Organization Links:

    • Close browser and clear cache/cookies. See IRM 3.42.8.5.1.3, Clear Cache for more information

    • Verify the caller is a Principal, Principal Consent, RO and/or Delegated User with authorities. Only 14 organization links can be seen.

  7. If the caller continues to receive an error or cannot see the appropriate links or Organization links after following the guidance above, document the issue and what steps were taken to resolve the issue. Escalate to an incident, provide the incident number to the caller and assign to e-services Technical Level 2 Provider group.

Acronyms

ACRONYM MEANING
EFIN Electronic Filing Identification Number
ERO Electronic Return Originator
EUP Employee User Portal
FIRE Filing Information Returns Electronically
FPC Fingerprint Card
HELOC Home Equity Line of Credit
HRA High Risk Authentication
IEP Integrated Enterprise Portal
IVES Income Express Services
PIN Personal Identification Number
POPS Proof of Professional Status
PUB Publication
RO Responsible Official
SAA Secure Access Authentication
TAC Taxpayer Assistance Center
TDS Transcript Delivery Service
TIN Taxpayer Identification Number
Voice OTP Voice One Time Password