Compliant Electronic Signatures for Tax Forms through the IRS and IVES
In early 2013, the Internal Revenue Service (IRS) created a set of requirements for electronic signatures on 4506-T or 4506T-EZ forms through the Income Verification Express Services (IVES). You can read the full list of requirements here. SIGNiX meets or exceeds each of these requirements.
In addition to the requirements set by the ESIGN Act, the IRS gives a set of compliance requirements that electronic signature vendors must meet to be approved to electronically sign documents on 4506-T or 4506T-EZ forms.
The IRS requires all IVES participants to prove that signers are who they say they are. SIGNiX offers a robust suite of identity authentication options. Many clients choose to use two or more of the following options (a method known as multifactor authentication):
- Email Authentication: With SIGNiX's email authentication option, the signer proves their identity by clicking a link to show that they have access to a certain email account.
- Shared Secret Questions: With SIGNiX's shared secret question authentication, signers answer a question that the document's creator chooses when they send the document. Common questions can include the last four digits of a person's account number, the signer’s mother’s maiden name or any other questions that help verify the signer’s identity.
- Mobile Phone Authentication: With mobile phone authentication (also known as SMS authentication), SIGNiX sends a text message to the signer with a randomly generated pass code. The signer proves their identity when they enter the correct code into our signing interface. This method is great for customers looking for an inexpensive, multifactor authentication method that’s easy to use.
- Knowledge-Based Authentication (KBA): With SIGNiX's knowledge-based authentication, the signer is prompted to enter their date of birth or social security number. If they correctly answer that question, they will be asked a set of four questions based on a database of 30 years of public records. This is a well-known identity authentication method that pulls information from credit reports, public health records, town hall records and more.
The IRS also requires that signers consent to receive and sign documents electronically before they move forward to view and sign the documents. SIGNiX has a customizable consent page, which clients can edit to fit their unique compliance needs.
The IRS requires that signed documents be protected from tampering. SIGNiX offers a feature called "tamper evidence," which makes it easy to see if someone has altered a document. If someone changes any part of the signed document (even something as simple as capitalizing a word or adding a comma), there will be proof that tampering took place.
At SIGNiX, we've taken it a step further. Our documents are tamper-evident not just at the end of the signing process, but from the moment the transaction is started. This provides evidence that the document wasn't altered between signing events, and can even show what the document looked like at each point in the signing process.
The IRS requires that electronic signature vendors record an audit log of the entire signing ceremony, and this information must be associated with the document for non-repudiation. The audit log must include:
- The date and time of signing
- The IP address of the signer
- Document lifecycle notifications
- The result of authentication (whether they passed)
- The result of consent (yes or no)
- Each electronic signature in the document
- Transaction creation
- Documents viewed by each signer
- Transaction completion
- Document downloads after signing
- Cancellations and opt outs
- Changed party information
IVES Participant Retention of Documentation
The IRS requires that IVES participants retain the audit log and the associated 4506-T or 4506T-EZ for at least 2 years. With SIGNiX's Vendor FreedomTM technology, our digital signatures are embedded into each signed document and audit trails remain available in a variety of formats, including PDF and XML. IVES participants don’t need to be SIGNiX customers to verify documents. The signatures, tamper-evident seals and audit trails can all be viewed by opening the document in any free PDF reader software.