|Received:||8/3/2007 11:31:11 PM|
|Agency:||Federal Trade Commission|
|Rule:||Private Sector Use of SSNs|
Comments:The use of Social Security Numbers has become the de facto standard for personal identification despite intended restrictions upon its use. Since any common scheme would suffer from exploitation by those who seek to defraud, replacement of the SSN as a national identifier will not solve the problems inherent in the system we know today. Several issues need to be addressed in order to accomplish a more secure system. SSNs provide a fair amount of knowledge through inference alone. Infants are routinely issued SSNs at birth and the issuance of numbers is both regionalized and virtually sequential within a region. By analysis of these numbers, the age of an individual and area in which they were born is easily inferred. This scheme has been manipulated by those who have taken the identity of deceased individuals, a practice further facilitated by the demonstrated incompetence of the Social Security Administration in verifying SSN holder status. The sequential numbering scheme also simplifies the potential of short term fraudulent use. Randomization of number issuance would be a step forward in reducing inferred knowledge from encroaching upon privacy rights, but randomization alone will not stop fraud. Perhaps a more technological approach is necessary in conjunction with replacing the existing numbering system. Consider the tools offered by many credit card numbers that allow one time use credit card numbers. There is no reason that secure internet access or key generators could not be created that would use secure encryption algorithms to generate numbers that individuals could provide to a single creditor, insurer, or other entity requiring identity validation who would then verify identity using the one-time use number against a central repository, much the way that American Express Blue or Shop Safe work today. Such a number would not be subject to re-use and would harbor no value to a third party who later compromised such data. Under this concept, this is not a true one-time use scenario like credit card number generation; rather it defines a unique relationship of the individual identified by the number and the party to which the number is provided. This concept may be further extended by time of valid use, limiting such use to days, months, or years within the unique relationship. Furthermore, such a scheme could also allow citizens to restrict the data permitted to be verified through the use of a one-time number by selecting options to verify date of birth, place of birth, state of residence, citizenship, etc. Even employers could secure their records using such information for tax filing and payment purposes, preventing the misuse of employee records. Only two entities need know the true number and that could be easily reduced to one, the government clearinghouse. The citizen need not even know their own number; rather their account which they manage could potentially be yet another one-time use number which they use to access their own information. Creating such a system would further privacy protection in a computerized age by preventing data aggregation, warehousing, and mining efforts from using a common identifier collected from a multitude of sources from conclusively building a profile of an individual verified by a single number alone.