As part of today's meeting of the IRS Security Summit, Intuit Inc. (Nasdaq: INTU) announced additional security measures for its consumer and professional tax software products. These measures build on safeguards enacted in prior years and reflect the company's continued role in supporting industry and government's collaborative efforts to fight fraud and help protect taxpayer information. As a result of actions taken following last year's inaugural Security Summit, the IRS has reported that fewer people became victims of tax-related identity theft this past tax season. Government and industry protected more taxpayers from tax-related identity theft, stopped more suspicious tax returns and prevented more fraudulent refunds from getting into criminals' hands. In fact, from January through April 2016, the IRS stopped $1.1 billion in fraudulent refunds. "Protecting taxpayers and strengthening the integrity of the U.S. tax system is a team effort, and the progress we've made together over the past 18 months demonstrates our shared commitment to fight fraud," said CeCe Morken, executive vice president of Intuit's ProConnect Group. "There's still much work to do. Intuit is committed to doing our part to actively promote a set of best practices and standards for reporting suspicious behavior to the IRS and state revenue agencies to help them improve their ability to identify tax fraud." Expanded Security for Tax Professionals The IRS Security Summit has developed industry requirements for authentication for online and desktop professional tax products. In support of these standards, and as part of Intuit's continued commitment to lead the industry with new capabilities, Intuit ProConnect has implemented enhanced security measures for Lacerte, ProSeries and ProConnect Tax Online.
- End-User Authentication in Desktop Software: New this year, all individual users within a firm who login and access Intuit ProConnect desktop professional tax software must create and use a unique username and password. After 30 minutes of inactivity, re-authorization will be required.
- Stronger Passwords: Passwords must now be at least eight characters in length and include a combination of upper and lower case letters, numbers and special characters. Passwords will expire every 90 days.
- Captcha Technology: Captcha technology helps ensures a person is signing in, not a robot and has been enabled to help protect Intuit online products.
Expanded Security for TaxpayersIn addition to the multiple security measures Intuit introduced in prior years in its TurboTax® products, including expanded multi-factor authentication, Touch ID account authentication and customer notifications, this year, additional measures have been put in place, including:
- Trusted Phone Number: TurboTax is making it easier for returning customers to regain access to their prior-year account by logging in with a phone number. Anytime returning customers come back to log in to their TurboTax account, they now have the added option of using a verified phone number for a trusted device. Adding a trusted phone number - one that can be used to receive verification codes by text or call, provides an extra layer of security.
- Anti-Phishing: TurboTax is taking additional steps to fight phishing scams. In their account history, customers can now view security and account emails that come from TurboTax, helping them determine whether an email they received is from Intuit.
- Stronger Passwords: Consistent with IRS Security Summit requirements for all tax software products, TurboTax passwords must now be at least eight characters in length and include a combination of upper and lower case letters, numbers and special characters.