IRS proposal could turn taxpayer facial verification into long-term fraud database

The Internal Revenue Service (IRS) is considering a proposal that would authorize ID.me to retain taxpayers’ biometric data for years, a change that would deepen the role of facial recognition in federal tax administration and revive privacy concerns that forced the IRS to retreat from a similar controversy four years ago.

Under the proposal, biometric scans collected during identity verification for IRS.gov accounts could be kept by ID.me for as long as an account remains active and then for up to 36 months after the account is deleted.

The retained data could be accessed by government officials only as part of law enforcement or IRS inspector general investigations and through legal process.

The proposal reflects a growing concern inside the federal government that identity fraud is becoming harder to detect as criminals use stolen personal information, synthetic, and AI-generated images to impersonate taxpayers.

The proposed action has raised questions about how much biometric information Americans should be expected to give a private contractor to access government services online.

ID.me says biometric retention depends on the customer agency and that some customers require biometric information to be purged within 24 hours after a successful verification, while others require longer retention.

The company says it will not retain biometric information for more than 36 months unless there is a subpoena, warrant, or other legally compelling justification.

The new IRS proposal would move the agency toward the longer end of that retention model.

ID.me’s public privacy policy, updated May 7, says personal information provided in connection with a public sector agency verification may be retained for up to three years after account closure unless regulations require a shorter period.

The policy also says ID.me may retain data tied to high-risk transactions, particularly in government and health care settings, for fraud prevention and government audit purposes.

That language is important because the IRS proposal appears to turn what had been presented as a tightly limited identity-proofing process into a longer-term fraud investigation archive.

Instead of deleting biometric scans soon after verification, ID.me would preserve the material so investigators could later determine whether a taxpayer account was created fraudulently or whether the same biometric identity was used across multiple suspicious accounts.

The proposal also appears to involve one-to-many biometric matching, a more expansive form of facial recognition than simple identity verification. In a one-to-one match, a system checks whether a selfie matches the face on a driver’s license or other identity document.

In one-to-many matching, the system compares a face against a database of other faces to determine whether the same person appears elsewhere. Privacy advocates have long viewed that distinction as critical because one-to-many matching moves a system from identity confirmation toward biometric searching.

For the IRS, the appeal is obvious. If fraudsters are using the same face, altered face, synthetic identity package, or AI-generated image to create multiple accounts, database matching could help detect patterns that would not be visible in a single transaction.

The Department of Treasury Inspector General for Tax Administration reported this month that the IRS continually adjusts its identity theft filters to respond to emerging fraud schemes and that the agency selected roughly 7.5 million tax returns through identity theft filters in calendar years 2024 and 2025.

The IRS selected those returns for additional identity theft screening before issuing refunds or continuing normal processing. The filters flagged the returns because they showed indicators of possible tax-related identity theft, such as a return filed using a stolen Social Security number or other taxpayer information.

The IRS has been here before. In 2022, the agency faced bipartisan criticism after announcing that taxpayers would need to use ID.me facial recognition to access certain IRS online services. Lawmakers and privacy advocates objected to requiring Americans to submit biometric data to a private vendor to interact with the tax agency.

The IRS later said it would transition away from requiring biometric data and allow taxpayers to verify their identities through a live video interview instead.

That reversal did not end the government’s reliance on ID.me, but it changed the politics around it. The 2022 controversy established a baseline expectation that facial recognition would not be mandatory and that biometric data would not be retained indefinitely.

ID.me has maintained that it uses biometric and identity verification tools to prevent fraud and protect access to government services. Its public materials say biometric information is collected and processed to verify identity and help prevent fraud, and that disclosure beyond ordinary processing requires a legally compelling justification such as a subpoena or warrant.

Still, the proposal raises oversight questions that Congress, inspectors general, and privacy officials are likely to press. Among them are whether taxpayers will be clearly told how long their biometric data will be retained; whether they will have a fully functional non-biometric alternative; how one-to-many searches will be logged and audited; how often investigators will seek access to retained data; and whether false matches will be tracked.

The IRS’ proposal also raises a broader policy question about the future of digital identity in government. The IRS is under pressure to stop identity theft and fraudulent refunds, and the rise of deepfake tools gives agencies a legitimate reason to revisit old verification models.

But using a private biometric database as part of that defense risks normalizing long-term facial-recognition retention for access to public services.

If adopted, it would mark a significant expansion of the biometric footprint around IRS online accounts. It would give the government and its contractor a longer window to investigate fraud, while giving taxpayers less assurance that the face scan used to prove their identity will quickly disappear after the transaction is complete.

Article Topics

biometric identifiers  |  data protection  |  digital identity  |  fraud prevention  |  ID.me  |  identity proofing  |  IRS  |  U.S. Government