IRS has implemented a Device ID field for electronic return filers and preparers

**kathyc2** · 06-12-2015, 12:30 PM

If I'm understanding this, it sounds like it will apply to all electronic returns, including the TubroTax type returns?

If so, it sounds like a good idea. Should cut down on people putting through mass numbers of fraudulent returns, and also "preparers" using TT to prepare returns w/o signing them.

Problem is the crooks are generally a couple steps ahead of those trying to catch them.

**FEDUKE404** · 06-12-2015, 04:50 PM

Good grief!

As my grandmother used to say. . ."Clear as MUD !!"

"...the software should request two specific pieces of unique information (i.e. SMBIOS UUID and primary hard drive serial number) of the device used to create an electronically filed return. These two pieces of information should be concatenated together and have no separators. The string of characters should be run through the SHA-1 algorithm and the resulting hash is the Device ID..."

And, somewhere, JohnH is exuberantly performing his own "happy dance."

FE

**DaveO** · 06-15-2015, 11:45 AM

So if I read this correctly a problem caused by loose IRS security and mandatory efile requirements is to be addressed by yet another requirement to be placed upon tax preparers. Sounds like a typical government response.

Not much information here. If you file through a server which device needs the ID? The server the work station or both?

**ATSMAN** · 06-15-2015, 12:12 PM

I believe it needs the device ID of the computer that was used to create and prepare the return. So if you use a commercial tax software it will be your computer device ID not that of the software vendor's e-file server.

**JohnH** · 06-15-2015, 01:45 PM

Originally posted by FEDUKE404

As my grandmother used to say. . ."Clear as MUD !!"

"...the software should request two specific pieces of unique information (i.e. SMBIOS UUID and primary hard drive serial number) of the device used to create an electronically filed return. These two pieces of information should be concatenated together and have no separators. The string of characters should be run through the SHA-1 algorithm and the resulting hash is the Device ID..."

And, somewhere, JohnH is exuberantly performing his own "happy dance."

FE

Thanks for the recognition.
As a matter of fact, I just now pulled out my e-flinging hardship exemption for the 2016 year and gave it a kiss.
I'm thinking of mounting the darn thing in a gold frame.

**Roberts** · 06-16-2015, 08:56 AM

Originally posted by ATSMAN

I believe it needs the device ID of the computer that was used to create and prepare the return. So if you use a commercial tax software it will be your computer device ID not that of the software vendor's e-file server.

and it's the sort of thing the software would produce automatically by accessing your computer's bios and hard drive.
Don't see the issue but I'm sure people will have a melt over it.

**taxea** · 06-17-2015, 04:38 AM

IRS is just telling us that they are implementing access to the origin of the return that was filed. They are also doing the following:

IRS Teams with Tax Prep Industry and States to Fight Identity Theft Tax Fraud

http://www.accountingtoday.com/news/tax-practice/irs-teams-tax-prep-industry-states-fight-identity-theft-tax-fraud-74879-1.html?utm_campaign=tax%20practice-jun%2016%202015&utm_medium=email&utm_source=newsletter&ET=webcpa%3Ae4574261%3A2481921a%3A&st=email

The Internal Revenue Service met Thursday with tax preparation and software companies, payroll and tax financial product processors, and state tax administrators to announce a sweeping new collaborative effort to combat identity theft refund fraud and protect taxpayers.

**David1980** · 06-17-2015, 11:22 AM

Originally posted by taxea

IRS is just telling us that they are implementing access to the origin of the return that was filed. They are also doing the following:

http://www.accountingtoday.com/news/...1a%3A&st=email

"• Reviewing the time it takes to complete a tax return, so computer mechanized fraud can be detected."

Some interesting data they're asking for. But at the end of the day it won't help at all if they don't use it. They've had the IP address for ages. They've obviously had the ability to see the reject and ack counts for any given EFIN. I would imagine large scale identity theft is easy to spot by high reject counts. Combined with IP address you'd think that would give them enough data to shut down most of those people. That they haven't suggests to me they don't have the resources to do so - in which case, collecting even more data won't help.

**TAXNJ** · 06-17-2015, 11:32 AM

You maybe right

Originally posted by David1980

"• Reviewing the time it takes to complete a tax return, so computer mechanized fraud can be detected."

Some interesting data they're asking for. But at the end of the day it won't help at all if they don't use it. They've had the IP address for ages. They've obviously had the ability to see the reject and ack counts for any given EFIN. I would imagine large scale identity theft is easy to spot by high reject counts. Combined with IP address you'd think that would give them enough data to shut down most of those people. That they haven't suggests to me they don't have the resources to do so - in which case, collecting even more data won't help.

Watching the news reports lately, You maybe right

**WhiteOleander** · 06-17-2015, 11:51 AM

Originally posted by David1980

"• Reviewing the time it takes to complete a tax return, so computer mechanized fraud can be detected."

Some interesting data they're asking for. But at the end of the day it won't help at all if they don't use it. They've had the IP address for ages. They've obviously had the ability to see the reject and ack counts for any given EFIN. I would imagine large scale identity theft is easy to spot by high reject counts. Combined with IP address you'd think that would give them enough data to shut down most of those people. That they haven't suggests to me they don't have the resources to do so - in which case, collecting even more data won't help.

I admittedly do not have much knowledge of these scenarios, but if they are logged into the WIFI at McDonalds, or Starbucks, or any major hotel, isn't that the IP address that would show up? It might be impossible to track down the actual user.

**David1980** · 06-17-2015, 01:30 PM

Originally posted by WhiteOleander

I admittedly do not have much knowledge of these scenarios, but if they are logged into the WIFI at McDonalds, or Starbucks, or any major hotel, isn't that the IP address that would show up? It might be impossible to track down the actual user.

True. However, if you have returns that you admit to filing and those that you claim someone else filed fraudulently using your EFIN and they all happen to come from the same IP address that's a little suspicious. And of course anyone using a normal internet connection.

With the new device ID, the IRS is in more or less the same place just replace IP address with device ID. Since they don't know what your device ID is, they can't confirm it's you - unless of course they get a court order to inspect your machine or something of that sort. And my guess is computers get "lost" when that happens. But again, if you have returns that you admit to filing with the same device ID they've pretty well established it was you. Same as with the IP address...

**JohnH** · 06-17-2015, 03:00 PM

I'm not following all of this, but does this mean they can catch an e-flinger who cheats and then admits his cheating if they ask, but they still can't catch a real criminal e-flinger who is probably already a technological step or two ahead of them anyhow?

IRS has implemented a Device ID field for electronic return filers and preparers

IRS has implemented a Device ID field for electronic return filers and preparers

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Disclaimer