Thursday, October 5, 2017

US reviewing alternate solutions to using Social Security Number as ID

Photo of old Social Security cards

Photo credit: zimmytws/Bigstock


Rob Joyce, White House cybersecurity coordinator, has confirmed recently that the White House administration is consulting with officials from outside agencies to work out a better system for identifying Americans. The recent breach at Equifax, one of the nation’s top 3 firms collecting data for credit card applications, underscores the need for change.

When the Social Security Number system was created by the Social Security Administration in 1936, it was intended solely for keeping track of individual earnings. Due to convenience, SSNs were quickly adopted by the private sector. Now they’re used for everything from loans and purchases, to marriage licenses, job applications, medical forms and more. They are so widely distributed, they can hardly be considered private, and are highly susceptible to hacking.

Social Security Numbers are not hard for a determined hacker to decode. The first 3 digits are a geographical code for the area you lived when you registered. Your birth date is also used when creating your number. If there’s one piece of information that is more widely distributed than your SSN, it’s your birthday. With your location and birthday, your SSN becomes relatively easy to figure out.

Social Security numbers are difficult to get replaced. To replace it you would have to show proof of continued harassment, and have documentation to prove your identity You can’t have it changed just as a precaution. Actual biometric scan data also can’t be changed. Many are concerned that this information could also be stolen from the agency storing it.

So what’s the best solution? Rob Joyce told a forum at the Washington Post that the administration is considering “modern cryptographic identifiers.” This may involve “a public and private key,” and the ability to get a new identifier if one has been compromised. In addition, we may end up having more than one identifier, specific customer ID’s for different purposes, which would allow Americans more control over their data.



US Reviewing Better Tech Identifiers After Hacks: Trump Aide

By AFP on Oct. 03, 2017, Security Week


Your Social Security number may not be secure. But how could we replace it?

By Hayley Tsukayama, Sept. 20, 2017, The Washington Post




Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)