US Treasury considers alternatives to ID.me biometrics for IRS online access

An Internal Revenue Service contract being served by ID.me for online tax returns is continuing to generate controversy based on the use of facial recognition and biometric authentication, prompting a search for alternative identity verification measures.

Now the U.S. Treasury Department is considering alternatives for securing online service access, according to comments from a department official reported by Bloomberg.

A spokesperson told Bloomberg that due to a lack of funding for modernization, the IRS is dependent on external capabilities to secure taxpayer accounts against unauthorized access. The Treasury official also noted that the IRS protects all taxpayer data and ID.me is legally barred from disclosing data to third parties.

ID.me has previously disclosed the use of Paravision’s biometric facial authentication and iProov’s liveness detection, and now says it also uses Amazon Rekognition to carry out one-to-many biometric checks for fraud prevention.

The fraud check process results in less than 0.1 percent of selfies being flagged as potentially fraudulent, the company says.

“The only time biometric information is shared with a government agency is when there is apparent fraud and identity theft tied to the account associated with the agency,” according to a company statement.

Senate Finance Committee Chairman Senator Ron Wyden told Bloomberg he will seek further information about identity verification systems used by federal agencies.

In addition to the IRS, ID.me is used by the Social Security Administration, Veterans Affairs, more than half a dozen other federal agencies, and 30 states.

Among them is the California Employment Development Department, which flagged and suspended 345,000 disability checks associated with almost 27,000 medical providers the state deemed suspicious. Claimants and providers were referred to ID.me for identity confirmation, and 485 out of the near-27,000 were found to have been legitimate, or victims of identity theft, StateScoop writes.

Joy Buolamwini, who gained fame as a preeminent advocate for demographic fairness in biometrics and other algorithmic systems, writes for The Atlantic that the company has obfuscated the relationship between one-to-one verification and one-to-many identification, and failed to cite an example when it wrote that academic studies have failed “to use precise terminology.”

Buolamwini argues that demographic differences in accuracy (or “bias”) has resulted in delays or denials of benefits, citing problems experienced by individuals in Colorado, including a man who was allegedly denied benefits he was entitled to for months because of failed identity verification.

When asked by Biometric Update what the company attributes the delays in identity verification to, ID.me referred to a previous company statement.

Federal and state governments should stop using ID.me for online tax return and unemployment benefits processes, according to Buolamwini.

ID.me may have been a victim of its own success, as it is now hiring to enhance the customer experience of its 70 million digital identity users.

The company has also announced a plan to hire 750 workers to handle the spike in video chat volume.

ID.me is also making its support available around the clock seven days a week, and launching a “come back later” option, support for new languages, and a dedicated escalations team.

Article Topics

biometrics  |  digital identity  |  face biometrics  |  facial recognition  |  facial verification  |  fraud prevention  |  ID.me  |  identity verification  |  IRS  |  U.S. Government