Rep. Barry Moore Introduces Bill to Strengthen VA Call‑Center Security and Protect Veterans From Fraud

WASHINGTON, D.C. - February 25, 2026 - Congressman Barry Moore (R‑AL‑01) has introduced new legislation aimed at closing a critical security gap in the Department of Veterans Affairs' call‑center operations. The VA Call Center Multi‑Factor Authentication Act would require the VA to implement modern identity‑verification safeguards for high‑impact actions conducted over the phone, protecting veterans from increasingly sophisticated impersonation and benefits‑theft schemes.

Moore said the bill responds to a growing threat landscape in which scammers target veterans by posing as them during phone interactions with the VA. While the agency already requires multi‑factor authentication (MFA) for online access to benefits and medical records, no comparable protections currently exist for sensitive transactions conducted by phone.

"Our veterans have sacrificed for this country, and the last thing they should have to worry about is a scammer stealing their hard‑earned benefits," Moore said in announcing the bill. "As impersonators grow more sophisticated, we must ensure the VA keeps pace by securing high‑impact actions with modern multi‑factor authentication. My legislation protects veterans' personal information and benefits without creating red tape for everyday interactions."

A Targeted Fix for a Known Vulnerability

The legislation focuses specifically on high‑impact actions-transactions that, if performed by an impersonator, could cause serious and lasting harm. These include:

- Diverting or rerouting benefit payments

- Altering account access or contact information

- Requesting or obtaining confidential records

- Authorizing changes that affect long‑term eligibility or financial status

Under current VA procedures, these actions can be completed over the phone using only basic identity‑verification questions. Moore's bill would require the VA to add a second authentication factor-such as a one‑time passcode, callback verification, or another secure method-before completing any high‑risk transaction.

This approach mirrors cybersecurity standards already used across federal agencies and private‑sector institutions, where MFA is considered a baseline protection against fraud and unauthorized access.

Why Phone‑Based MFA Matters

Veterans are frequent targets of identity‑theft schemes, and call‑center impersonation has become a growing vector for fraud. Criminals often use stolen personal data-such as Social Security numbers, dates of birth, or service records-to convincingly pose as veterans during phone calls.

Moore's office emphasized that while online MFA has significantly reduced unauthorized digital access, phone‑based vulnerabilities remain a weak point. The bill aims to close that gap without burdening veterans who are simply calling for routine questions, scheduling, or information requests.

The legislation is intentionally narrow: MFA would apply only to actions that could materially harm a veteran if performed by someone else. Routine calls-checking appointment times, asking general questions, or requesting mailed forms-would not require additional authentication.

How the Bill Changes VA Policy

The VA Call Center Multi‑Factor Authentication Act would amend Title 38 of the United States Code, the statutory framework governing veterans' benefits, privacy, and security. The amendment would:

- Require the VA to implement MFA for high‑impact phone transactions

- Align call‑center authentication with existing online security standards

- Establish a risk‑based model that avoids unnecessary burdens on veterans

- Modernize the VA's privacy and identity‑protection requirements

The bill has been referred to the House Committee on Veterans' Affairs for further consideration.

Support and Rationale Behind the Legislation

Moore framed the bill as a necessary modernization step, noting that impersonation tactics have evolved rapidly in recent years. Fraudsters now use spoofed phone numbers, AI‑generated voice cloning, and stolen personal data to bypass traditional identity‑verification questions.

"As impersonators grow more sophisticated, we must ensure the VA keeps pace," Moore said. "This legislation protects veterans' personal information and benefits without creating red tape for everyday interactions."

Cybersecurity experts have long warned that knowledge‑based verification-questions about past addresses, service dates, or personal history-is no longer sufficient to prevent fraud. MFA adds a layer of protection that is far more difficult for criminals to bypass.

A Growing Legislative Focus on Veteran Security

Moore's bill joins a broader congressional effort to strengthen protections for veterans' data and benefits. Recent years have seen increased scrutiny of:

- Fraudulent claims filed using stolen veteran identities

- Scams targeting VA disability and pension recipients

- Unauthorized access to VA medical and financial records

- Weaknesses in call‑center and customer‑service authentication systems

By focusing on high‑impact actions, Moore's legislation attempts to strike a balance between security and accessibility-ensuring veterans can still easily reach the VA by phone while preventing criminals from exploiting the system.

Next Steps in the Legislative Process

The bill's referral to the House Committee on Veterans' Affairs marks the first step in the legislative process. The committee may:

- Hold hearings

- Request testimony from VA officials

- Propose amendments

- Advance the bill to the House floor

If passed by the House, the legislation would move to the Senate for consideration.

Given the bipartisan nature of cybersecurity and veteran‑protection issues, the proposal is expected to draw interest from lawmakers across the political spectrum.

What This Means for Veterans

If enacted, the VA Call Center Multi‑Factor Authentication Act would:

- Reduce the risk of benefit theft

- Strengthen protection of sensitive personal and medical information

- Bring phone‑based interactions in line with modern cybersecurity standards

- Provide veterans with greater confidence when contacting the VA

For many veterans-especially older veterans or those in rural areas who rely heavily on phone communication-the bill could significantly improve the safety of their interactions with the VA.

A Legislative Push Rooted in Alabama's Veteran Community

Moore, who represents Alabama's 1st Congressional District, has frequently emphasized the importance of protecting veterans' benefits and ensuring the VA keeps pace with modern threats. Alabama is home to more than 400,000 veterans, one of the highest per‑capita veteran populations in the country, making the issue particularly relevant to Moore's constituency.

The bill reflects ongoing concerns raised by veterans' groups about fraud attempts targeting retirees, disabled veterans, and surviving spouses.

Conclusion

Rep. Barry Moore's VA Call Center Multi‑Factor Authentication Act represents a targeted, modernized approach to protecting veterans from fraud at a time when impersonation schemes are becoming more sophisticated. By requiring multi‑factor authentication for high‑impact phone transactions, the legislation aims to close a major security gap while preserving easy access for routine calls.

As the bill moves through Congress, it highlights a growing recognition that safeguarding veterans' benefits requires constant adaptation to evolving threats-and that the systems designed to serve veterans must be as secure as they are accessible.