IRS Commissioner John Koskinen wants Americans to know that as they cram to file their tax forms before the mid-April deadline, the security of their information is top-of-mind.
“At the IRS, there’s no argument about how to balance convenience and security, because security is now our highest priority, and that’s how it has to be,” Koskinen said Wednesday at the National Press Club in the nation’s capital.
Earlier this decade, the IRS became overwhelmed with “the problem of stolen data being used to file fraudulent returns,” particularly between 2010 and 2012, the commissioner said.
“Since then we’ve been making steady progress against identity thieves, and the progress accelerated in 2015 thanks to the collaborative efforts of what we call the Security Summit Group,” Koskinen explained. “In 2016, the number of people who identified themselves to us as victims of identity theft was down by 46 percent from the year before. That’s a stunning number and shows that we’ve improved our ability to stop criminals from filing returns using someone else’s personal information.”
The Security Summit Group brings together the IRS, state tax agencies and industry partners to improve taxpayer security and fight identity theft. The group, created earlier last year, has since been made a permanent part of the service.
Despite that, Koskinen acknowledged that identity thieves are upping their game, trying new ways to file fraudulent returns as more and more Americans — roughly 87 percent, he said — elect to file their taxes electronically.
“The fraud filters on our processing system is still catching a large number of false returns,” Koskinen said. “That shows that identity theft continues to be a major threat to tax administration and taxpayers.”
Last year the systems stopped $6.5 billion in fraudulent claims on nearly 1 million tax returns, he told the audience.
And just last week, the IRS acknowledged identity thieves may have used its data retrieval tool to obtain taxpayers’ sensitive information connected to the Education Department’s federal student aid application. It didn’t say how many people may have been affected by “questionable use” of the tool.
On top of that, the IRS deals with “more than 1 million attempts every day to maliciously attack and access” its systems, which are very, very old.
“Sixty percent of our hardware, and 28 percent of our software is out of date and needs an upgrade,” Koskinen said, adding that in some cases systems are more than 50 years old and run on programming language “more outdated that COBOL or Fortran.”
“That’s a problem because we’re losing people who understand those languages,” he said.
The IRS continues to explore new ways to serve Americans in the digital economy with the limited resources it has. One topic of much recent focus, Koskinen said, is allowing user to access their tax information online and engage with IRS representatives digitally.
But the associated security concerns have the IRS taking things slow.
“Before we offer a fully functioning online account, we must have and are committed to having a strong authentication process built in to protect taxpayers from identity theft,” Koskinen said.
“This may mean some added time and steps for people, but it’s worth it to keep those accounts secure.”
Federal income taxes are due April 18.