Karachi, December 26, 2024 – The Pakistan Tax Bar Association (PTBA), the premier tax advisory body in the country, has strongly recommended that the Federal Board of Revenue (FBR) adopt Two-Factor Authentication (2FA) for securing taxpayer accounts on the IRIS portal.
In a letter to FBR Chairman Rashid Mahmood Langrial, PTBA President Anwar Kashif Mumtaz underscored the urgent need for enhanced security measures. He noted the current system’s requirement for taxpayers to update their IRIS passwords every 60 days, a practice fraught with inconvenience and vulnerability to cyber threats.
Mumtaz expressed concern over the misuse of the IRIS portal by malicious actors, who exploit security gaps to submit falsified documents. Such fraudulent activities not only result in significant revenue losses but also tarnish the portal’s credibility.
The PTBA acknowledged FBR’s ongoing efforts to digitize its operations, emphasizing the potential benefits of such initiatives. However, it also highlighted the challenges posed by low literacy levels and limited internet access, particularly in rural regions and on the outskirts of major cities. The association warned that the bi-monthly password update requirement could exacerbate these challenges, increasing the cost of doing business and deterring compliance.
To mitigate risks and align with international best practices, the PTBA proposed the adoption of 2FA or Multi-Factor Authentication (MFA). Both mechanisms enhance security by requiring additional layers of verification before granting access. The association noted that 2FA is widely regarded as a user-friendly and effective method.
“Under the 2FA system, users first enter their passwords and then provide a One-Time Password (OTP) sent to their mobile devices or generated by an authenticator app,” the PTBA explained. “This ensures robust protection against unauthorized access, even if the primary password is compromised.”
The PTBA stressed the necessity of implementing such measures to safeguard taxpayer data and bolster trust in the digital platform. “Incorporating 2FA will align the IRIS portal with global standards, enhancing both security and user experience,” the association stated.
In conclusion, the PTBA urged the FBR to prioritize this matter and swiftly integrate modern authentication protocols into the IRIS portal, enabling Pakistan’s digitalization efforts to meet the benchmarks of advanced economies.