US Studying Ways To End Use of Social Security Numbers For ID (securityweek.com)
wiredmikey quotes a report from Security Week: U.S. officials are studying ways to end the use of social security numbers for identification following a series of data breaches compromising the data for millions of Americans, Rob Joyce, the White House cybersecurity coordinator, said Tuesday. Joyce told a forum at the Washington Post that officials were studying ways to use "modern cryptographic identifiers" to replace social security numbers. "I feel very strongly that the social security number has outlived its usefulness," Joyce said. "It's a flawed system." For years, social security numbers have been used by Americans to open bank accounts or establish their identity when applying for credit. But stolen social security numbers can be used by criminals to open bogus accounts or for other types of identity theft. Joyce said the administration has asked officials from several agencies to come up with ideas for "a better system" which may involve cryptography. This may involve "a public and private key" including "something that could be revoked if it has been compromised," Joyce added.
Step one and two. (Score:4, Interesting)
Re:Step one and two. (Score:5, Insightful)
Doesn't solve the problem though. You still have high-value information linked to the TID, which ultimately is the root of the problem.
Ultimately you need the TID to be unique to each taxpayer, and a subset/hash of the TID plus additional information to be linked for other (financial) purposes. The IRS should be the only ones able to re-associate you to a unique qualifier.
But, until you eliminate the profit motive for credit bureaus everything will end up being re-assembled. Back to square one.
Re: (Score:2)
Uh, it is.
Re: (Score:2)
"Ultimately you need the TID to be unique to each taxpayer"
Uh, it is.
Nope. SSNs are not unique. SSN+DOB is unique.
Re: (Score:2)
SSNs were intended to be unique to a person, but they aren't. A duplicate can occur due to error. Adding DOB will certainly reduce the likelihood but it can't eliminate it.
Oh, it doesn't work the other way round either - some people have been assigned more than one.
https://www.computerworld.com/... [computerworld.com]
https://www.aol.com/2010/08/12... [aol.com]
Re: (Score:3)
Not recycling them doesn't prove that there are no dupes. Errors can happen, and they have.
https://www.nbcnews.com/techno... [nbcnews.com]
https://www.pcworld.com/articl... [pcworld.com]
Here's a fact - you suck at fact checking.
Re: (Score:2)
But, until you eliminate the profit motive for credit bureaus everything will end up being re-assembled. Back to square one.
Then you need to come up with a better solution for how borrowers can extend credit and assess risk. Credit bureaus don't collect and maintain this information for no reason, they do so because lenders can make better decisions with that information and they only care about that because people want credit for all manner of things. The information isn't profitable in and of itself, merely as a byproduct of helping lenders make better decisions. It can be used for all kinds of bad things, but that's true of m
Re: (Score:2)
With a compass, watch, and sextant - like they used to do before. Oops, sorry, wrong story.
I mean by doing it themselves, like they used to before.
Re: (Score:3)
Credit agencies can suck air. They have no business extending easy credit to anybody who knows my SSN at the cash register of a clothing store.
Credit agencies don't extend credit to anyone - they just keep a DB of creditworthiness. It's the banks that are the eternal villains in this story, and they should never escape blame.
I believe there's a very simple fix here: any time a bank issues fraudulent credit, they're fined 3x the amount of credit issued. If that turns out to not produce sufficient ID checking, up it to 10x or 30x, or keep going until it does.
Re: (Score:2)
Doesn't solve the problem though. You still have high-value information linked to the TID, which ultimately is the root of the problem.
Truth is that most places would also need other information like name, address, phone number etc. that's pretty good for linking up information. The issue is thinking that a SSN or any other ID number is a good secret when you constantly need to share it with people. It's the 21st century, you're issued an electronic ID and make digital signatures. That's what Estonia does through e-identity [e-estonia.com], it's what we do here in Norway through BankID [bankid.no]. I can show you my driver's license, but having my national ID number
Re:Step one and two. (Score:5, Interesting)
You can have a national ID system, but the way it likely will be designed will be a jackpot for all well-heeled attackers.
Instead, why not a national ID system based on certificates? For example:
When someone turns 21 here in the US, the country they were born in signs a certificate stating that the owner is over 21. This way, a bar owner has 100% cryptographic proof that someone is of legal age to drink... but doesn't need to know their name or any other info about the person.
If a degree from an accredited school is required, the school signs the ID with a cert showing the degree. That way, it doesn't matter who the person is... but the cert is valid.
Going into short-lived certs, one can have a cert signed by the FBI stating that there are no priors on the RAP sheet. This cert can be valid for a few days. Again, it solves the purpose and gives no data out.
Even credit records, Equifax or whatnot can sign a certificate stating someone's FICO score is over 700, ensuring they have an easy track for qualifying for a house. Since all this requires is a HSM to do the signing, it can be made well secured, with the actual scores being on an air-gapped database.
If we go with certificates, it means that one's privacy is kept, but the legal needs for stuff (age, no criminal history) are met. Add an option for the ID card holder to only show certs that are relevant, and this makes for an extremely private ecosystem.
Secure as well, since the only real points of attack are the cryptosystem (good luck), endpoint cards (which would only compromise users singly), and a signing cert holder (which only affects them). The only real single point of failure would be the physical ID card itself.
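The certificate idea in the post above, worked through as an added Go example (not the poster's code, and not any real agency's format): an issuer signs one claim bound to a card key, the card proves key possession against the verifier's fresh nonce, and the verifier also enforces the short validity window and the issuer's revocation list. The issuer and claim names, the serials and the wire layout in tbs() are constructed assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

// AttrCert is a minimal attribute certificate: the issuer asserts one claim
// about whoever controls the private key matching HolderPub. It carries no
// name, address or SSN, so the relying party learns only the claim.
type AttrCert struct {
	Serial    uint64            // issuer-local serial, used for revocation
	Claim     string            // e.g. "age>=21" (constructed label)
	HolderPub ed25519.PublicKey // the holder's card key
	NotAfter  int64             // unix seconds; short-lived certs expire quickly
	Sig       []byte            // issuer signature over tbs()
}

// tbs returns the to-be-signed bytes: every field except Sig, in a fixed layout.
func (c AttrCert) tbs() []byte {
	return []byte(fmt.Sprintf("%d|%s|%x|%d", c.Serial, c.Claim, []byte(c.HolderPub), c.NotAfter))
}

// Issuer models one signing authority (a state, a school, a credit bureau).
// Revoked is its revocation list, keyed by serial.
type Issuer struct {
	priv    ed25519.PrivateKey // in practice kept in an HSM
	Pub     ed25519.PublicKey
	next    uint64
	Revoked map[uint64]bool
}

func NewIssuer() *Issuer {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Issuer{priv: priv, Pub: pub, next: 1, Revoked: map[uint64]bool{}}
}

// Issue signs a claim bound to the holder's card key, valid for ttl from now.
func (is *Issuer) Issue(claim string, holder ed25519.PublicKey, ttl time.Duration, now time.Time) AttrCert {
	c := AttrCert{Serial: is.next, Claim: claim, HolderPub: holder, NotAfter: now.Add(ttl).Unix()}
	is.next++
	c.Sig = ed25519.Sign(is.priv, c.tbs())
	return c
}

// Presentation is what the card hands over: the cert plus a fresh signature
// over the verifier's nonce, proving the presenter controls HolderPub. A
// copied cert without the card key therefore proves nothing.
type Presentation struct {
	Cert     AttrCert
	NonceSig []byte
}

func Present(cardPriv ed25519.PrivateKey, c AttrCert, nonce []byte) Presentation {
	return Presentation{Cert: c, NonceSig: ed25519.Sign(cardPriv, nonce)}
}

// Verify is the relying party's check: issuer signature, expected claim,
// expiry, revocation and proof of key possession. The nonce must be fresh
// and random for every verification and chosen by the verifier.
func Verify(p Presentation, issuerPub ed25519.PublicKey, revoked map[uint64]bool,
	nonce []byte, now time.Time, wantClaim string) error {
	c := p.Cert
	switch {
	case !ed25519.Verify(issuerPub, c.tbs(), c.Sig):
		return errors.New("bad issuer signature")
	case c.Claim != wantClaim:
		return errors.New("certificate does not carry the requested claim")
	case now.Unix() > c.NotAfter:
		return errors.New("certificate expired")
	case revoked[c.Serial]:
		return errors.New("certificate revoked")
	case !ed25519.Verify(c.HolderPub, nonce, p.NonceSig):
		return errors.New("presenter does not control the holder key")
	}
	return nil
}

func main() {
	now := time.Now()
	state := NewIssuer() // e.g. a DMV
	cardPub, cardPriv, _ := ed25519.GenerateKey(rand.Reader)
	cert := state.Issue("age>=21", cardPub, 72*time.Hour, now)
	nonce := make([]byte, 16)
	rand.Read(nonce)
	fmt.Println("fresh proof:", Verify(Present(cardPriv, cert, nonce), state.Pub, state.Revoked, nonce, now, "age>=21"))
	state.Revoked[cert.Serial] = true
	fmt.Println("after revocation:", Verify(Present(cardPriv, cert, nonce), state.Pub, state.Revoked, nonce, now, "age>=21"))
}
```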
Virtual SSN - White House Petition ? (Score:5, Interesting)
Virtual Social Security Numbers
Single use numbers that are aliases for your real number.
To protect consumers from fraud and theft many banks now offer Virtual Credit Card Numbers. They are aliases, pseudonyms, for a real credit card number. They “lock” to the first merchant to use them. If a merchant’s database is compromised and a virtual credit card number is exposed, it is unusable. All charges not originating from the first merchant are declined.
The Social Security Administration could use a similar scheme to protect employees and consumers. A Virtual Social Security Number could be given to an employer or financial institution and the number “locked” to that organization when they verify the number with the government, submit information to the government, etc. If a different organization then tries to verify or use the number the government will fail to verify, reject the submission, etc. This would help impede identity theft and financial fraud as employers and financial institutions inadvertently expose employee and consumer information.
Virtual Credit Card Numbers are generated as needed using a credit card issuer’s online services. Virtual Social Security Numbers could similarly be generated as needed by the Administration through its online services.
The Internal Revenue Service could employ a similar scheme for their various taxpayer identification numbers.
and to effectively voluntarily change your SSN (Score:2)
To avoid disruption of existing users of the real social security number the real number would remain valid for all users prior to the use of the first virtual number. After the use of the first virtual number existing users of the real number are “grandfathered” but any new organization using it will be disallowed. A consumer may have the option to disallow all use of the real number, requiring
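The locking rule from the petition text and the grandfathering rule from the reply above, as an added Go example (not code from either poster or from the SSA): a registry issues virtual numbers, locks each to the first organisation that verifies it, keeps the real number working only for organisations that used it before the first virtual number was used, and lets the holder disable the real number entirely. The sample SSN, the organisation names and the "V" prefix are constructed.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Registry is a toy model of the SSA-side service: it hands out virtual
// numbers, locks each one to the first organisation that verifies it, and
// applies the grandfathering rule to the real number.
type Registry struct {
	persons map[string]*person // keyed by real SSN
	aliases map[string]*alias  // keyed by virtual number
}

type person struct {
	usedAlias     bool            // true once any virtual number has been used
	grandfathered map[string]bool // organisations that used the real SSN before that
	realDisabled  bool            // holder opted to refuse all use of the real number
}

type alias struct {
	realSSN  string
	lockedTo string // empty until the first verifying organisation claims it
}

var ErrRejected = errors.New("verification rejected")

func NewRegistry() *Registry {
	return &Registry{persons: map[string]*person{}, aliases: map[string]*alias{}}
}

func (r *Registry) Enroll(realSSN string) {
	r.persons[realSSN] = &person{grandfathered: map[string]bool{}}
}

// IssueAlias mints a fresh virtual number for the holder (what the SSA web
// portal would do on request). The "V" prefix is a constructed convention.
func (r *Registry) IssueAlias(realSSN string) (string, error) {
	if _, ok := r.persons[realSSN]; !ok {
		return "", errors.New("unknown person")
	}
	b := make([]byte, 5)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	v := "V" + hex.EncodeToString(b)
	r.aliases[v] = &alias{realSSN: realSSN}
	return v, nil
}

// DisableReal lets the holder refuse every further use of the real number.
func (r *Registry) DisableReal(realSSN string) { r.persons[realSSN].realDisabled = true }

// Verify is the call an employer or bank makes. nil means the number is
// acceptable for that organisation; ErrRejected means it must not be used.
func (r *Registry) Verify(number, org string) error {
	if a, ok := r.aliases[number]; ok {
		if a.lockedTo == "" { // first use: lock the alias to this organisation
			a.lockedTo = org
			r.persons[a.realSSN].usedAlias = true
		}
		if a.lockedTo != org { // a leaked alias is useless anywhere else
			return ErrRejected
		}
		return nil
	}
	p, ok := r.persons[number]
	if !ok || p.realDisabled {
		return ErrRejected
	}
	if !p.usedAlias { // before the first virtual number, the real one works everywhere
		p.grandfathered[org] = true
		return nil
	}
	if p.grandfathered[org] { // existing users keep working after the switch
		return nil
	}
	return ErrRejected // any new organisation must be given a virtual number
}

func main() {
	r := NewRegistry()
	r.Enroll("123-45-6789") // constructed sample, not a real SSN
	fmt.Println("old bank, real number:", r.Verify("123-45-6789", "old-bank"))
	v, _ := r.IssueAlias("123-45-6789")
	fmt.Println("employer, alias:", r.Verify(v, "employer-a"))
	fmt.Println("stranger, leaked alias:", r.Verify(v, "stranger"))
	fmt.Println("new bank, real number:", r.Verify("123-45-6789", "new-bank"))
}
```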
Re: Virtual SSN - White House Petition ? (Score:4, Funny)
The underlying reason: they wanted a unique identifier in their database.
Dear gas utility, my SSN is: select sys_guid() from dual;
Re: Virtual SSN - White House Petition ? (Score:2, Funny)
Little Bobby Tables is always up to something.
Re: (Score:2)
Hey look, a DeVry grad!
Re: (Score:2)
SSNs aren't used as authorization, they're used as identification. You have no grasp of the issue.
Re: (Score:3)
SS number should be treated like a publicly known database key for the Social Security Administration's use. It should not be treated as an ID nor for authorization. Those should be independent of the SSN.
Re: (Score:3)
Wat?
There's no problem with using SSNs as your username in a system. The problem is using them as a password. They're fine to use as an identifier, but not as a proof of identity.
Re:Step one and two. (Score:4, Informative)
US Studying Ways To End Use of Social Security Numbers For ID
Am I the only one whose immediate reaction to that is "Well, no shit, Sherlock".
Re: (Score:2)
Unlink SSN from healthcare
If a SSN is not linked to healthcare, what is its use really??
Re:Step one and two. (Score:4, Informative)
Uh, Social Security (AKA OASDI). Duh.
Re:Step one and two. (Score:5, Insightful)
Re: (Score:2)
Step three (Score:5, Insightful)
Re: (Score:2)
The problem isn't the SSN, the problem is that it's not used in a proper way to assert identity.
Use the SSN to look up additional information to validate the identity of the person like biometric data and full name and match that to the person that's trying to get some service.
Then also use capital punishment for ID theft, that would make offenders think twice before they mess up things.
Re: (Score:2)
Why? Simply eliminate the TID. The government doesn't need more than one key to use in a database. The issue here isn't the fact that these numbers are used, it's the fact that any single identifier is used for identification and authentication.
Any system built on this basis is too easy to abuse.
Re: (Score:2)
> relatively hard to forge
We have 50+ relatively hard to forge ID cards, but there's millions of kids in college with tons of disposable income that want to get beer with one of those ID cards, so they're pretty regularly forged. Replacing the 50+ cards with one card solves the problem of a guy at Washington State trying to pass off his Arkansas driver's license as valid, at the cost of having 50 times the resources going into cracking it. Meanwhile, I have to hand out my Social Security Number to ever
Re: (Score:2)
That is the problem which needs to be fixed. Why should a phone company need your social security number? They don't have anything to do with social security. An employer might need it to pay their contributions, a doctor might need it if your medical care is paid for by social security, and bureaucrats who deal with social security obviousl
National ID? (Score:5, Insightful)
Sounds like another attempt at a national ID. I am sure it will go as well as all the past efforts.
Re:National ID? (Score:5, Insightful)
We already have a national ID - it's called Social Security - so what's the objection to another one?
Re: (Score:3)
Re: (Score:2)
The first one leaked out onto the internet.
Re:National ID? (Score:5, Insightful)
Re: (Score:2)
Re:National ID? (Score:5, Interesting)
So, use the driver's license as the identifier. You have to physically go into the DMV and prove your identity to get one -- just like now. Nothing's perfect for this step, but this is one of the more workable and accurate systems so far.
Change the cards to be PIV/CAC/HSPD-12-style smart cards, so they can store a private key unique to the individual. These can be used for legally binding digital signatures.
You end up with 56 or so "certificate authorities" -- the 50 States, the various U.S. possessions and territories, and the Federal Gov't themselves. States already can validate each other's DL numbers and records in real time.
This deals with the concerns of having the big, bad central government in charge of everything yet still provides for a workable, federated system.
Re: National ID? (Score:3)
Uh, what? Did you reply to the wrong message?
Re: (Score:2)
Sounds like another attempt at a national ID. I am sure it will go as well as all the past efforts.
One problem isn't that the details of your identity are not a secret and actually can't be a secret or it would be pointless to maintain. The problem is that the institutions that ask for your identification, SSN, phone number etc, are getting that information from whoever is making the application and the institution really has no way to verify that you are the person you claim to be holding the documents for.
What I want to do is indeed have something like a national ID, and in an accessible database t
Re: (Score:2)
From TFA:
This may involve "a public and private key" including "something that could be revoked if it has been compromised," Joyce added.
This problem has already been solved many times already. A randomly generated private key, and an associated public key for validation. That's all that's needed. The private key stays secret from *everyone*. The number never leaves the enclave in your card, and can't be extracted. A simple USB-based reader can perform authentication via a computer or smartphone. There's no need for anyone to EVER have access to that number, since all they need is the public key for validation. Thus, the risk
Re: (Score:2)
If your card is stolen and you need a replacement, how do the authorities know that you are the legitimate card holder and not the guy who stole a card and then, pretending to be you, requested a replacement?
It seems to me the only way to absolutely identify a specific individual is to use some hopefully unalterable biomarker, if there is such a thing, such as a DNA sequence. Imagine the protests that would ensue when everyone is ordered to hand over DNA samples to the authorities so they can issue new gov
Re: (Score:2)
Well technically a SSN has been used because, for many developers, it's the only well documented, truly unique identification that each US citizen has that is universally used throughout the US.
SSNs weren't really a problem until the banks tied the numbers to individuals' credit or debt, and that is what is causing the problem.
Re: (Score:3)
No the problem is really simple, the problem is using the SSN both as identification and authentication. You should think of your SSN the same way you think of your name. The only difference is SSN is more unique.
If anything the government should issue cards with private keys associated with your existing SSN. The proof of your identity would be your ability to cipher (nonce + SSN + timestamp) or something similar and the bank, SSA, IRS, etc would determine it's really you by deciphering with the public key
The cool thing is (Score:5, Funny)
You'll be able to conveniently use your social security number to get your new id number.
Re: (Score:2)
Which is fine actually if it's a one time thing. Everything is always bootstrapped from something else, you can't generate trust or identity any other way.
My SS Card (Score:2)
Clearly says "not to be used for identification purposes" on it. I guess it's an oldie.
Re: (Score:2)
It's probably seen as a historic artefact, similar to the phrase "I promise to pay the bearer on demand the sum of [...]" as seen on paper money, since nobody in authority is actually enforcing it.
String (Score:2)
So, like, you'd go to the SSA website, and they'd give you a string of digits. And you take this string and give it to banks or whatever, and they type it into the SSA website and that brings up who that is associated with. And the owner can revoke their string at any time and replace it with a new one. Better yet, make them all one-time-use, it's not like I REALLY need to use my SSN very often.
Re: (Score:2)
Ooooh, I know! (Score:5, Funny)
Blockchain. All the cool kids are doing it! Say it with me... Blockchain!
Re: (Score:2)
NoSql.Blockchain.node.js is so last year, keep up!
About friggin' time! (Score:5, Informative)
About friggin' time! I've been doing my best to avoid giving out my SSN where it's not required by law since the '80s.
One big hole that has been going on for decades is Medicare:
* Once you're old enough to be on it, you can't get regular health insurance to pay for the portion of your medical work (often all or the bulk of the cost) that Medicare pays for. Regular health plans turn into cover-the-difference supplements. You must sign up for Medicare or pay the charges yourself. (And if you don't have the government imposing price levels or the insurance companies negotiating deep discounts you get to pay the drastically inflated "regular price" that makes up for their discounts.)
* But if you DO sign up for Medicare, what do you get for an ID? Your SOCIAL SECURITY NUMBER with a single letter appended after it. They won't provide any alternative (though they have "been thinking about it" for years). You have to give this to ALL your medical providers. Get a prescription or an immunization at a pharmacy, hand in your Medicare ID. Go to a doctor, hand in your Medicare ID. Get a lab test, hand in your Medicare ID. Go to a specialist, hand in your Medicare ID.
Dozens, or even hundreds, of medical billing paperwork operations, with unknown numbers of clerks doing data entry (often offshore) and unknown competency of IT people configuring their databases, get your name and SS#. Some have even been CAUGHT selling them. Oops!
* So then we get stories about how people over 65 have a much higher rate of identity theft - typically trying to imply that these oldsters are lax in guarding their SS numbers. Well, DUH!
Re: (Score:3)
Re: (Score:2)
Reporting credit issues to any of the 3? That's libel (deliberate, you should know better) without that proof.
Nice idea.
But truth is an absolute defence against claims of defamation (libel or slander). Seems to me you have a case if, and only if, the information reported is wrong (and the burden of proof for that would be on you).
I like it: A raft of libel suits could make the cost of doing business as a credit reporting agency high enough that it might finish off the business model. (And the time to hit
Re: (Score:3)
No it wouldn't. That would require proving a negative.
If a newspaper printed a story about you fucking goats could you prove you don't?
Time to implement? (Score:4, Interesting)
Practically half of us are already hacked NOW.
When would something be implemented even if a standard were already agreed upon and mandated? I get the feeling this will be treated like Android security where if you don't invest in X flagship, which is optional and expensive, you're just not covered. 140 million is nearly half of all US citizens. I'm pretty sure we can't just reprint all our forms, reprogram all our websites, rework all our databases and change the mentality towards accepting the new name and (hardest of all) technical requirements of the new setup.
All in all, we need a solution (whatever it is) Yesterday, but even in 1, 3, 5, 10 or 15 years I can't see it really in place (there is failure inertia of British / Metric conversion proportions here). Reminds me a bit of the stupid job we've done when it comes to the spirit of the law for chip&pin Credit cards, being optional and all and totally backward compatible to the old insecure method when the card gets stolen to pay for something online without you there (which is the point).
Re:Time to implement? (Score:4, Insightful)
Practically half of us are already hacked NOW.
Let me fix it for you.
Practically half of us know we are already hacked now. The rest will learn soon.
Someone doesn't understand the problem (Score:5, Insightful)
There's nothing wrong with using SSNs for ID. A unique number for each person in the country? Perfect.
The problem is when it gets treated as a secret, and abused for "authentication". It's not a secret, any more than your date of birth is a secret. It should be treated as publicly available information. Merely "knowing an SSN" should not be sufficient information to do much of anything, except possibly "give someone money".
SSN is not unique (Score:3)
You sound like those idiots that say "MAC addresses are unique, let's use them as an identifier."
Neither your MAC address nor your SSN is a unique identifier.
In fact, identity confirmation is quite difficult, and as an AC I can say that you are totally clueless when it comes to the various issues of identity.
Maybe you should let the adults talk and keep your head down.
Re: (Score:3)
This.
A Social Security number is a username, not a password.
Having a mere SSN should not be enough to authenticate a person is who they say they are, it's just a way to tell me from you. Any person or system using a SSN as proof of identity is just plain lazy - especially since SSN is now practically public domain information. (Thanks Equifax!)
Re: (Score:2)
Because they're too stupid to know what a surrogate key is and/or too lazy to create one.
Lemme see... (Score:2)
Banks and businesses require customers to hand over their SSN, despite it being tagged "Not for use as identification", and then subsequently lose them in breaches. Government says let's replace SSN with something else - let's call it SSN2. What do you think will happen next?
Re: (Score:2)
Lose Them In Breaches 2, Electric Boogaloo
Guessing works (Score:2)
Since the SSN only has 10 digits and there are 300 million citizens it means (ignoring any restrictions on numbers) that one-third of the possible values [and possibly effectively many more] are used up. All you need do if you need an SSN and expect it will not be checked by the Social Security Admin is... guess. And someone will get tagged with that data. With a high probability. That's not good.
Re: (Score:3)
Well, except that the checksums eliminate half the valid numbers off the bat. So, you're looking at 60% off the bat. Except there are 337M citizens, so 67.2% gone. Then, you get into dead people who had SSNs (with imperfect recycling). And there may be other restrictions, but even without those the odds that any well-formatted SSN was ever issued has to be at least 70%.
Get people to show different ID's (Score:2)
The start to request banks, building societies show the same person exists. Driver licence? Education institution?
Got a mortgage? Credit card? Utility bill? Who is renting a home?
The best way to work out who is illegal, using fake ID or just treaded a social security number is to request layers of other photo ID.
City, state, federal and private sector documents have to start to match going back years.
Does the life story go back to a lot of other valid US id? Doe
Re: (Score:2)
Other nations would not allow fictional numbers to stay and get used over many years in their systems.
Re: (Score:2)
Which is a real pain to re-bootstrap after a house fire.
Start by breaking systems that shouldn't use it (Score:2)
A simple solution for now would be just to add 4 or 5 digits to the new SSNs that are issued. That would break so many systems that others would have to address the real problem.
Decades ago AT&T had a payroll system that couldn't cope with two employees having the same SSN. It turns out that the SSA has stated that the numbers aren't unique, only unique combined with a last name. If Mary marries Mr Smith and there is a Mary Smith with her SSN, they will reissue her a new SSN. There are millions of
User name equivalent (Score:5, Interesting)
Re: (Score:2)
> social security number
> unique
Pick one. Even if you ignore the millions of illegal aliens sharing a few thousand stolen SSNs, they still aren't unique.
Re: (Score:2)
One's Birthday (Score:2)
Works for the Medical field.
About damned time... (Score:2)
The card I received from them decades ago says it's not to be used for identification. Right there plain as day. But... some time between when I got my card and my daughters got theirs, the SS cards stopped saying that. How long before this new ID will get commandeered for use by businesses and we start the whole game over again?
Re: (Score:2)
Maybe I'm wrong... (Score:2)
Re: (Score:2)
That a life story has to match from birth, to school, to education, to renting, to home ownership, driving a car and full time work. In the same name and with dates that seem real with real sounding decades.
Lots of retroactive digital database alterations get messy and expensive decades later. Depending on the decade some locations still have actual paperwork for the past generation too. Once one o
Re: (Score:2)
Define the problem, then fix the problem (Score:3)
Re: (Score:2, Insightful)
Good start.
Just stop at asking the question: what do other countries do. Presumably, Sweden, Great Britain, Japan, France, Germany, Kenya, Brazil, Canada, and may others have been in the same situation. Let's not find out how they did it. Presumably, the solution is separate numbers for a Financial/Tax ID, Social Security Number, Medicare Number, and the like.
I know what we can do! We can give a $10 million contract to Equifax for them to find the solution for us! No-bid contract, of course.
Money (Score:2)
oh, and it won't work
Which means someone else will also need to make a lot of money, and they will get to blame the last President of the USA.
I am fighting (Score:2)
for years to avoid using my SS# for identification purposes - tough luck.
Argument against my wish is that the "company" has the right to choose what kind of identification they can demand.
It is sooo MF convenient, to have a whole population of a country tracked by ONE key!
Guess who benefits most from it?
Key pairs (Score:2)
Give everyone a private key on their birth certificate, and publish a public key as the new SSN.
Anonymity (Score:3)
Please note that this doesn't solve an equally big problem: you shouldn't HAVE to identify yourself for doing most things. A good example would be if you have to prove your age to do something. Age verification doesn't mean that establishment should be allowed to know WHO you are, and even worse, record that fact somewhere. Such acts erode privacy, freedom, and could be used later to frame, manipulate, or harass people.
Burden of proof system (Score:2)
Why not adopt a burden of proof system like many other countries have? If you want to identify yourself you need to accumulate a certain number of points. Certain points are required for certain things (e.g. 100 points to open a bank account, 200 to apply for citizenship etc).
Different items provide different points e.g. drivers license or government ID document with photo 50 points, bank issued document or card 25 points, internationally identifying document like passport 75 points, letter posted to your
Government issued ID (Score:2)
The SSN was never intended to be an ID number. Any organization that ever said "if you know this number, we accept that as proof of identity" was stupid, and frankly should be legally liable for any fraud that they enabled.
The simplest form of identity check is to require a physical government-issued ID with a picture. This could be a driver's license, or a passport, or something similar. These are (a) reasonably difficult to fake, and (b) faking them is a crime. Those may be low barriers, but just knowing
National ID card with residency registration (Score:2)
Won't that be fun? (Score:2)
This may involve "a public and private key" including "something that could be revoked if it has been compromised," Joyce added.
Or if you piss off the wrong person. Or if the system fails, or malfunctions. Or...
Good luck. (Score:2)
Even if the country mandates it, employers will still use it.
Because, at this point, EVERYONE does.
Re: (Score:2)
Many organizations have already addressed this problem by not using the SSN as an authenticator, but instead using only the last four digits of the SSN as the authenticator.
They also use these same four digits as a stand-in for the full SSN in a lower-security context, thereby killing two birds with one stone.
It's brilliant.
Re: (Score:2)
Trump will have started a Nuclear war and you will be dead long before they implement another system.
But the GOOD news is, all the dead people will make the problem much much smaller, saving the (remaining) tax payers billions.
AND the world will be back to the Stone Age anyway so who needs an ID, you will all be looking for something to eat, making fires, and sharpening sticks.
Re: (Score:3)
Turned out that she came from the 5th circle of hell.
Re: (Score:2)
Re: (Score:2)
Only if the font is Olde English! We should have standards!
Re: (Score:3)
everyone gets to have the number tattooed on their forehead!
This should not even be a problem. The problem is not SSN security. The problem is the way that people think it's some kind of secret password.
On my foreign passport, my SSN equivalent is printed on the same page as my name and photo. It's not a secret because we expect banks and similar businesses to verify identity using photo ID, not knowledge of a random 9 digit number associated with my person.
And that is the problem. That somehow, knowledge of a 9 digit number does not prove that you actually are
Re: (Score:2)
Wrong, you need to read the book The Number of the Beast [wikipedia.org]. It states that the true number is 6^6^6.
Re: (Score:3)
I try to avoid late-era Heinlein. His stuff got so bad.
Re: (Score:3)
Revelations 13, KJV
"Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man; and his number is Six hundred threescore and six."
A score is 20. Do the math.
Re: (Score:2)
Trivia: while the link to Nero is POSSIBLE, that's speculative. Nero is actually never mentioned directly in the bible, but the number 666 most certainly is.
King James Version (I reference that as it's one of the older English translations)
Revelation 13:18
"Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man; and his number is Six hundred threescore and six."
As said the "man" being referred to may be Nero, but it doesn't explicitly state that anywhere