IRS Taxes. Security. Together. Tax Tip Number 8, December 12, 2016
As part of a wider effort to protect taxpayers, the Internal Revenue Service took steps this year to strengthen access to several IRS.gov applications, including adding requirements for the use of security codes texted to mobile phones to access certain tools.
This security code process is part of a two-factor or two-step authentication process that is becoming increasingly commonplace, especially in the social media, financial and tax areas. The two steps to access accounts are your credentials (username and password) plus a security code often sent as a text.
The IRS, state tax agencies and the nation’s tax industry – partners in combating identity theft - ask for your help in their efforts. Working in partnership with you, we can make a difference.
That’s why we launched a public awareness campaign that we call “Taxes. Security. Together.” We’ve also launched a series of security awareness tips that can help protect you from cybercriminals.
To protect taxpayers, the IRS developed a new process it calls “Secure Access” following efforts by cybercriminals to impersonate taxpayers. Criminals are amassing more and more taxpayer data stolen from sources outside the tax system. They use the data to file fraudulent tax returns or to attempt access to taxpayer accounts.
The more rigorous Secure Access process supports the IRS Get Transcript Online and Get an IP PIN tools.
Here’s what you need to be successful:
- An email address;
- Your Social Security number;
- Your filing status and address from your last filed tax return;
- Your personal account number from a:
- home mortgage loan, or
- credit card, or
- home equity (second mortgage) loan, or
- home equity line of credit (HELOC), or
- car loan
- A readily available mobile phone. Only U.S-based mobile phones may be used. Your name must be associated with the mobile phone account to complete the process in one session. If you have a Google Voice or similar virtual phones or a pay-as-you-go plan, you can opt for an activation code by mail, which will take five to 10 days for delivery. Landlines and Skype may not be used.
Each time you access your IRS.gov accounts, you must have your username, password and your mobile phone handy to receive a security code.
You may be familiar with similar two-factor authentication options. Social media and financial institutions use this option to provide additional protection. For example, these sites may send a security code should they fail to recognize your computer device, there’s an attempt to change your password or there’s an attempt to transfer money.
The purpose of two-factor authentication is to ensure that you and only you are able to access your accounts.
The IRS, state tax agencies and the tax industry joined as the Security Summit to enact a series of initiatives to help protect you from tax-related identity theft. You can help by taking these basic steps.
To learn additional ways you can take to protect your personal and financial data, visit “Taxes. Security. Together.” Also read Publication 4524, Security Awareness for Taxpayers.