SARS announces big eFiling change for taxpayers
The South African Revenue Service (SARS) has implemented a change for individual income tax registrations for eFiling, which will now require biometric facial recognition.
The revenue service said that new eFiling registrations for Personal Income Tax may now require facial recognition for all individuals who register for eFiling using a valid South African ID.
This is a new measure being implemented, applicable to the eFiling website, the SARS MobiApp and the SARS Self-Service Kiosks.
According to SARS:
- The system will provide instructions e.g. required background setting, removal of head gear and glasses, facial position and distance from the camera, and online guidance to help users capture clear photos for the authentication.
- Individuals utilising the eFiling website or SARS MobiApp to register will require a device with a camera e.g. a Desktop with a webcam or a laptop with a camera feature or a smartphone with a camera.
- Individuals who do not have access to a device with a camera must book an appointment for a SARS official to assist with the eFiling registration.
- The existing eFiling registration, authentication and manual verification process will still apply to non-South African citizens.
The move to tighter security for new registration comes as the revenue service clamps down on eFiling fraud in the country, with scammers and criminal activity linked to eFiling profile hijacking escalates.
In August, the Office of the Tax Ombud (OTO) announced that it would launch a review of possible “systemic and emerging issues” at SARS related to eFiling profile hijacking.
SARS reported a rise in eFiling profile hijacking earlier in 2024, which involves criminals gaining access to taxpayers’ profiles through various methods.
Details are usually gained through vishing and other social engineering attacks, and the hijackers then gain control of profiles, changing banking details, creating other profiles and redirecting tax refunds.
The hijackers’ objectives are to redirect tax refunds to fraudulent bank accounts, which they set up specifically for this purpose.
The OTO said that SARS is an institution that should garner a high degree of trust, but the fact that its security protocols can be bypassed with such speed and ease raises serious questions.
SARS has previously refuted any indications that its staff could be involved with these activities—a denial it repeated in August.
However, the group said it was fully supportive of the OTO’s review and would cooperate with other authorities to mitigate any issues.
The latest update to its registration processes is thus ostensibly a new approach to help the taxman combat potential issues associated with this kind of fraud.
Read: SARS pulls the trigger on taxpayers – watch out for this notice