A year after outcry, IRS still doesn't offer taxpayers alternative to ID.me:
When the IRS announced last year that it was working to roll out a government-administered tool to securely grant taxpayers access to online services, it seemed like a triumph for critics calling on the agency to end its controversial partnership with ID.me, a service that largely uses automated facial recognition to verify a taxpayer's identity.
But a year and another tax season later, the IRS still offers ID.me exclusively with no alternative vendor or in-person options. The lack of progress raises questions about the federal government's slow rollout of Login.gov and its reliance on a growing industry of private vendors to verify Americans' identities in order for them to access public services online.
Launched in 2017 to offer the public an easy way to securely log in to federal websites, Login.gov was supposed to streamline the way Americans interact with the federal government. Five years later and more than $187 million in government investment later, however, it still hasn't been widely rolled out.
As someone who has integrated Login.gov into services, I’m here to tell you that whatever the problems are with ID.me (I know what they are, I’m being rhetorical), Login.gov is not the answer. At least not without MAJOR changes to what it sees as its mission, and how it understands the imperative to achieve that mission.
As it stands today, it is a service that cannot validate the identity of >0 Americans, and has no process to handle when that happens. It’s embarrassing.
No joke — among the failures I personally have seen are two of my (security-cleared!) staff, and Login.gov’s response was “you will have to provide an alternate method of authentication and identity validation for your applications for these users, integrate it alongside Login.gov, and have users choose which IDP to use at login time.”
I don't doubt that login.gov is a clown car of fuckery and corruption, but "fixing" that by outsourcing to techbros cannot possibly make things better.
Like I keep saying: There are many ways to prove who I am to the State of California, and giving my biometric information to some third-party for-profit data-harvester with a Montenegro domain is not an acceptable one.
1000%. Just wanted to lay the marker down that when the IRS says they’re solving the ID.me problem by moving to Login.gov… now they have two problems. (*ducks* 😂😂)
And California specifically, too. Fuckers are still holding my vax QR code hostage (granted, I was only ever asked for it at two places - one of which was DNA Lounge). Glad I don't need to do anything DMV-related for years.
To be Scrupulously Fair, the IRS suffers from having one major political party that never stops trying to starve it to death, so it's not like there were any resources made available to deal with this.
Really, probably the only reason login.gov got off the ground at all was that it was Trump time and somebody got on some grift by letting it go forward with only id.me offered for authentication. login.gov is a scam IOW.
One of the more infuriating things about this for me is that Login.gov seems to work very well for the Social security administration. Easy to set up, easy to use, even for the less-than-tech-savvy 70+ year old relatives I've helped with it.
That it's not ubiquitous now? I find it very hard to believe it's because the technology isn't ready.
The Biden administration just published an executive order requiring that any executive-branch agencies have to support login.gov, but it's a little unclear (at least to me) whether this is going to cover the IRS:
https://www.whitehouse.gov/briefing-room/presidential-actions/2021/12/13/executive-order-on-transforming-federal-customer-experience-and-service-delivery-to-rebuild-trust-in-government/