kba esign provider recommendation needed

Software. Marketing. Training. Running your business.
#1
Posts:
886
Joined:
26-Feb-2016 10:14pm
Location:
Oakland CA
recently switched to Go Systems from UTax. GSTax considers it beneath them to offer esigning.

(kba = knowledge based authentication)

Not that UT esigings was so smooth, but it worked.

For GST I've been using CPAperless SignatureFlow which piggybacks off of Adobe/EchoSign cloud.

Easy enough to use (though it doesn't remember contacts and can's save templates so you have to drag and drop signature fields to the same forms every time)

But maybe 1 out of 10 clients have technical problems with it. CPAperless suggests telling clients to clear caches, history. change browsers, check blocking etc. all those things you don't ask a client to do just to sign something when they already suspect it's just to make it easier for the tax preparer.

CpaPaperless knows the issues and expects to have their own app in unknown future.

If you're not a Lacerte user, DocuSign only provides kba esigning to "enterprise" large accounts. DocuSign allows templates which I assume eliminate repetitive signature field placing?

HelloSign doesn't do kba but looks nifty.

The ShareFile kba product is both pricey and mediocre and confusing to both client and accountant.

There's a co out of Tenn, SignX which mentions they have a product for tax preparers but no info. Await info.

Funny thing is that Go Systems Tax has an efiling instruction option telling clients to email their signed efile authorization to your email address.

The IRS rules on esigning seem to be "honored in the breach" with many practitioners deciding it's ridiculous to require wet signatures or even kba when you are sure of the client's email address and access or you send and receive via secure portal.
 

#2
makbo  
Posts:
6840
Joined:
23-Apr-2014 3:44pm
Location:
In The Counting House
lenraphael wrote:The IRS rules on esigning seem to be "honored in the breach" with many practitioners deciding it's ridiculous to require wet signatures or even kba when you are sure of the client's email address and access or you send and receive via secure portal.

Not sure I agree with that. However, it is a confusing area with subtle definitions.

All efiled returns are signed electronically, via one of two PIN methods. Form 8879 is the authorization for the ERO to enter the PIN (the electronic filing signature). Form 8879 can be signed on paper and then returned any number of ways, including hand delivery, U.S. mail, private delivery service, fax, email or an Internet website. These are not considered "electronic signatures via remote transaction", even if email or a portal is used.

A true electronic signature of 8879 is where KBA comes in.

What I think you are going to lose, by no longer using UT's built in e-signature option, is that the efiled return won't contain the extra security info indicating what type of authentication was used. I strongly suspect, but can't prove, that the IRS gets certain data elements such as "AuthenticationReviewCd" and "TrustedCustomerGrp" (elements in the XML file transmitted) that allow it to treat the return as less likely to be based on ID fraud. In other words, I'm proposing that the IRS actually treats a return from an UltraTax user that has gone through UltraTax's KBA validation as more trustworthy than one that hasn't, although I don't think they can come out and state that publicly.

Incidentally, if a customer takes the PDF of the Form 8879 I send them, and they use Adobe Acrobat signature features to insert a graphic signature image, and then sends it back to me, I don't think it meets requirements for remote electronic signatures, since I am capturing only some, not all, of these:

• Digital image of the signed form;
• Date and time of the signature;
• Taxpayer’s computer IP address (Remote transaction only);
• Taxpayer’s login identification - user name (Remote transaction only);
• Method used to sign the record,(e.g., typed name); or a system log; or other audit trail that
reflects the completion of the electronic signature process by the signer.
 

#3
Posts:
886
Joined:
26-Feb-2016 10:14pm
Location:
Oakland CA
Do you remember the IRS doc where it listed acceptable methods for returning wet signed efile authorizations?

my impression only, is that IRS allowed prepared to accept only 1040 ext and return authorizations that were not wet signed, and only if kba was used. so a faxed wet signed 8878/8879 was not acceptable, nor was a scanned wet signed 8878/79.

for all other income tax returns, only wet signed efile authorizations were acceptable.

But if IRS does allow faxed or scanned copies of wet signed authorizations, I don't see how those carry any more indicia of authenticity than same form with signature drawn on it via Adobe Acrobat, Paint, etc.

I'll ask CPAperless whether they or Adobe/EchoSign provide any data to the irs when a form is signed. I doubt it because one doesn't give CPAperless or Adobe any info about the signer(s) other than email address. They don't know form number, year etc unless they are ocr'ng the document and transmitting to IRS without disclosing.
 

#4
makbo  
Posts:
6840
Joined:
23-Apr-2014 3:44pm
Location:
In The Counting House
lenraphael wrote:Do you remember the IRS doc where it listed acceptable methods for returning wet signed efile authorizations?

my impression only, is that IRS allowed prepared to accept only 1040 ext and return authorizations that were not wet signed, and only if kba was used. so a faxed wet signed 8878/8879 was not acceptable, nor was a scanned wet signed 8878/79.

for all other income tax returns, only wet signed efile authorizations were acceptable.

But if IRS does allow faxed or scanned copies of wet signed authorizations, I don't see how those carry any more indicia of authenticity than same form with signature drawn on it via Adobe Acrobat, Paint, etc.

It's in Pub 1345 and also at the IRS web site.

The taxpayer may return the completed Form 8878 or Form 8879 to the ERO by hand delivery, U.S. mail, private delivery service, fax, email or an Internet website.

I've never heard of Form 8879 audits, but I suppose they happen occasionally. Some wet signatures are totally undecipherable anyway, and we all know that some taxpayers probably forge their spouse's signature.

I do think the PDF file contains enough metadata to determine if the signature was added as a graphic image, vs. being part of a single page scan image. However a fax would completely lose any metadata.
 

#5
Posts:
886
Joined:
26-Feb-2016 10:14pm
Location:
Oakland CA
IRS seems to accept esigned 2848's. CA FTB rejected all 3520BE because " POA declarations cannot be processed with an electronic or digital signature. Please have the Taxpayer physically sign the declaration and resubmit." Go figure how scanning a secure digitally signed poa to the FTB is any less reliable than a wet signed CA poa scanned or faxed to the preparer who then scans it to the FTB. Or for that matter how or why should it matter if the taxpayer manually signs the poa pdf using a mouse or stylus as compare to printing out, signing with a pen, scanning to the preparer.
 

#6
makbo  
Posts:
6840
Joined:
23-Apr-2014 3:44pm
Location:
In The Counting House
lenraphael wrote:IRS seems to accept esigned 2848's.

But not KBA-based like a Form 8879 efile authorization, correct? I'm not sure I use the term "esigned" in the context of a wet ink signature that is digitized (including fax) along with the rest of the form in one pass. Now if the signer applies a digital signature into the PDF using Adobe Acrobat features, for example, I'd still call that "digital signing", not "esigning".

Reminiscent of a recent discussion thread about handwriting, perhaps the usefulness of the wet ink signature is becoming less and less all the time? I think I've mentioned previously that CA FTB is trying to develop pure paperless POAs but is having some bumps in the digital road, in terms of rejects and length of processing time.
 

#7
Posts:
886
Joined:
26-Feb-2016 10:14pm
Location:
Oakland CA
not KBA, but I don't think the CA FTB distinguishes between KBA or not for purposes of POA signatures.
 

#8
Hunter  
Posts:
40
Joined:
5-May-2014 10:01pm
Location:
Charlotte
KBA is such a pain. I wish there was an easier method. Like using 2FA for a portal sign in and then e-signing a return through that portal. Why is that not enough? Sheesh.
 

#9
Posts:
82
Joined:
1-May-2014 2:47pm
Location:
Southern California
KBA is not the requirement....identity verification is.

"Taxpayers may e-sign and e-file their tax returns after they verify their identity with the ERO. If the taxpayer is completing an in-person transaction, and the ERO and the taxpayer do not have a multi-year business relationship, then the ERO must perform the steps to identify and authenticate the taxpayer. If a taxpayer is completing an in-person transaction, and the taxpayer and the ERO have a multi-year business relationship, the ERO should, but is not required, to take the steps to verify the taxpayer's identity." -https://www.irs.gov/e-file-providers/new-electronic-signature-guidance-for-the-irs-efile-signature-authorization

Sounds like your solution would be appropriate, assuming that you'd previously met with and confirmed identity.
 

#10
makbo  
Posts:
6840
Joined:
23-Apr-2014 3:44pm
Location:
In The Counting House
Hunter wrote:KBA is such a pain. I wish there was an easier method. Like using 2FA for a portal sign in and then e-signing a return through that portal. Why is that not enough? Sheesh.

Because anyone could tell you they are Joe with email joe@anyolddomain.com, and 2FA could be set up at a portal using this login. How does that confirm that the person is really Joe? 2FA only helps confirm that one login password hasn't been compromised, not that the person is who they say they are. On the other hand, a picture ID card, such as passport or driver's license, can be used to verify the identity of someone you are facing in person. KBA performs much the same role for a remote transaction.

KBA only applies to remote transactions where the Form 8879 is not wet-ink-signed. If you are not doing remote, or are still using a wet-ink sig (optionally scanned and stored digitally), then KBA does not really apply.

Here is the actual requirement.

* Taxpayer’s computer IP address (Remote transaction only);
* Taxpayer’s login identification — user name (Remote transaction only);
* Identity verification: taxpayer’s knowledge based authentication passed
results and for in-person transactions, confirmation that government picture
identification has been verified; and,
* Method used to sign the record, e.g., typed name; or a system log; or other
audit trail that reflects the completion of the electronic signature process by
the signer.
 

#11
Hunter  
Posts:
40
Joined:
5-May-2014 10:01pm
Location:
Charlotte
It seems like its the "Identity Verification" that's the hang up. A tax portal could easily keep track of a computer ID address, taxpayers login identification and method to sign. Is there any known remote way to do "Identity Verification" besides the soft pull credit question/answer session that accompanies KBA? It's totally geared towards the big companies that are the only ones capable of pulling this off.
 

#12
makbo  
Posts:
6840
Joined:
23-Apr-2014 3:44pm
Location:
In The Counting House
Hunter wrote:It's totally geared towards the big companies that are the only ones capable of pulling this off.

I get what you're saying about about how only the "big companies" can set up a robust online KBA application, using the credit report soft inquiry questions. But the fact is, it is very accessible to the littlest of little guys. I pay for UltraTax on PPR basis, I use e-sign on a PPR basis (upon successful completion of fed & state including bank acct verification, $5). So my small practice can still offer this very easily, and the majority of my clients use it.

It's like efiling your Form 941 or 1099-MISC -- hard to do directly with the IRS as an individual, but dozens of firms offer an affordable fee per-filing to efile these.
 

#13
Hunter  
Posts:
40
Joined:
5-May-2014 10:01pm
Location:
Charlotte
For sure. It would just be nice if I could initiate it myself instead of having to go through ANOTHER provider. I'm pretty OCD and hate having to send my clients through 5 different vendors to complete a tax return. It's confusing for them and hard to keep track of for me. I've been able to successfully complete my own online portal (built by myself) and it encompasses most of all the steps needed to complete a tax return. Just can't figure out how to get KBA for e-filing.
 


Return to Business Operations and Development



Who is online

Users browsing this forum: FLAcct and 41 guests