The Trump administration is exploring ways to replace the use of Social Security numbers as the main method of assuring people’s identities in the wake of consumer credit agency Equifax Inc.’s massive data breach.
The administration has called on federal departments and agencies to look into the vulnerabilities of employing the identifier tied to retirement benefits, as well as how to replace the existing system, according to Rob Joyce, special assistant to the president and White House cybersecurity coordinator.
“I feel very strongly that the Social Security number has outlived its usefulness,” Joyce said Tuesday at a cyber conference in Washington organized by the Washington Post. “Every time we use the Social Security number, you put it at risk.”
Joyce’s comments came as former Equifax CEO Richard Smith testified before the House Energy and Commerce Committee, the first of four hearings this week on Capitol Hill. Lawmakers from both parties expressed outrage over the size of the breach as well as the company’s response and grilled Smith on the timeline of the incident, including when top executives learned about it.
Smith said the rising number of hacks involving Social Security numbers have eroded its security value.
“The concept of a Social Security number in this environment being private and secure — I think it’s time as a country to think beyond that,” Smith said. “What is a better way to identify consumers in our country in a very secure way? I think that way is something different than an SSN, a date of birth and a name.”
Joyce said officials are looking into “what would be a better system” that utilizes the latest technologies, including a “modern cryptographic identifier,” such as public and private keys.
“It’s a flawed system that we can’t roll back that risk after we know we’ve had a compromise,” he said. “I personally know my Social Security number has been compromised at least four times in my lifetime. That’s just untenable.”
Joseph Lorenzo Hall, chief technologist at the Center for Democracy and Technology in Washington, said one possibility could be giving individuals a private key, essentially a long cryptographic number that’s embedded in a “physical token” that then requires users to verify that the number belongs to them. It could work like the chip in a credit card that requires the owner to enter a pin allowing use. He pointed to Estonia where they have deployed such cards that people use to validate their identity.
“Your pin unlocks your ability to use that big number,” he said. The challenge is how to create the identifiers and how to distribute the keys. “It’s very promising” and “it’s possible to technically design something like this” but it could be expensive to design and disseminate such material to each American, he said. “This is a pretty big endeavor.”
The administration is also participating in discussions Congress is having about the requirements of protecting personal data and breach notifications for companies.
“It’s really clear, there needs to be a change, but we’ll have to look at the details of what’s being proposed,” Joyce said. In the response to the Equifax hack, though, he said, “we need to be careful of Balkanizing the regulations. It’s really hard on companies today” facing local, state and federal regulators as well as international rules, he added.
The U.S. government began issuing Social Security numbers in 1936. Nearly 454 million different numbers have been issued, according to the Social Security Administration. Supplanting such an ingrained apparatus would not happen over night. The original intent was to track U.S. workers’ earning to determine their Social Security benefits. But the rise of computers, government agencies and companies found new uses for the number, which gradually grew into a national identifier.
Over the decades, the Social Security number became valuable for what could be gained by stealing it, said Bruce Schneier, a fellow at Harvard’s Kennedy School of Government. It was the only number available to identify a person and became the standard used for everything from confirming someone at the doctor’s office to school.
Akin to Infrastructure
“They appeared at an age when we didn’t have other numbers,” Schneier said in an interview. “Think of this as part of our aging infrastructure” from roads and bridges to communications. “Sooner or later we as a society need to fix our aging infrastructure.”
He pointed to India’s wide-scale rollout of the Aadhaar card, a unique number provided to citizens after collecting their biometric information — fingerprints and an iris scan — along with demographic details, to almost 1.2 billion people. In the U.S., a more secure system could be designed, “but magic math costs money,” he said.
Making any changes to the current system, including replacing numbers entirely or restricting who can use them, would likely require an act of Congress, according to Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, which advocates for limiting the use of Social Security numbers.
“You’d need to change a lot of existing public law," Rotenberg said. “There would need to be extensive hearings and study about the consequences. It’s a complicated issue."
The government’s own record of protecting Social Security numbers has its blemishes. Medicare, the federal health-care program for senior citizens, has long used the numbers on identification cards recipients must carry. After years of criticism by the agency’s inspector general for the risks that creates, new cards with different numbers are currently being rolled out.
The failure of the Social Security number is that there’s only one for each person, “once it’s compromised one time, you’re done,” Bob Stasio, a fellow at the Truman National Security Project and former chief of operations at the National Security Agency’s Cyber Operations Center.
Public and private keys — long strings of code — could help validate identities. For instance, the government could issue each person a public key and private key. If people were to open a bank account, for instance, they could provide their public key — instead of a Social Security number — and the bank would send a message that could only be decrypted using their private key. If the private key gets compromised, the government could easily issue another one.
Saved by Math
Stasio also cited emerging blockchain technology as another potential tool. It could create a kind of digital DNA fingerprint that’s “mathematically impossible” to duplicate. In place of a Social Security number, each person could receive a blockchain hash — a kind of algorithm unique to an individual — that is stamped on every digital transaction or action.
That type of technology “could be used as a much more efficient and mathematically sound method of transaction, identification and validation,” Stasio said.
While lawmakers were unanimous in criticizing Equifax’s response to a breach that compromised information on 145.5 million U.S. consumers, they were divided on how to fix the underlying issue. Democrats on the panel have reintroduced legislation imposing requirements for when companies have to report data breaches, while Oregon Republican Greg Walden noted the company’s human errors, saying “you can’t fix stupid.”
Smith said the Equifax employee responsible for communicating that the vulnerable software needed to be patched didn’t do so. That failure was compounded when a scan of the company’s systems didn’t find that the vulnerability still existed, the former CEO said.
Joyce’s comments helped take some of the focus off Equifax’s blunders, analysts at Cowen Inc. said in a note Tuesday.
The “White House may be indirectly coming to Equifax’s rescue,” they wrote. “This reduces the risk of business-model-busting legislation such as a requirement that consumers opt-in to a credit bureau collecting their data.”
More From this publisher : HERE
If you like our content help us with a share… or two …
Also - I have some free stuff for you .......
Nr 1. In This FREE Report you can Discover:
Secrets to acquiring the freshest, hottest leads via YouTube In-Stream ads quickly and easily! Best secret tips for the most effective targeting for your ads! Totally legal, but little-known method for literally stealing traffic from your competitors! Get more traffic to your videos and landing pages without spending a fortune! And much more - all within this special FREE report!
Nr 2. Did you know you can Absolutely EXPLODE YOUR EMAIL LIST FOR FREE with UNTOUCHED offline sources?
Nr 3. The #1 secret to becoming an affiliate superstar - Earn your first $100 online – without a dime to invest.
If you’re still looking to “make it online – I have just the thing for you. It’s a video series that shows how to make your first $100 online – even if you don’t have a dime to invest. Yes – nothing. Free. Nada. Is this possible? You bet. It’s the most powerful system used by those “in the know”. Good things don’t have to be difficult. And they don’t only come to those who wait. Have A Look
Nr 4. Top 10 Email Marketing Mistakes. Which of these mistakes do you make?
Nr 5. You can learn about : The hottest social networking site that will send an unlimited stampede of traffic to your site - for FREE! How to quickly locate a swarm of hungry buyers using "information portals"! The fast and easy way to use simple images to siphon targeted traffic, on command! Learn how to get the most possible traffic from Instagram, and make sure that traffic converts! And much more ...
Nr 6. It’s no secret… Facebook is an incredible place to get tons of free, viral traffic. But… most people are going about it all wrong. How many of these mistakes are you making? Download the free report to find out.
Nr 7. Special free report . It's called "Operation Midas Touch" and you can download it here...
The report features a surefire method for generating at least $1000 per week online,without a website or product of your own!
Nr 8. Instagram is still one of the hottest ways to get a LOT of traffic fast. All by sharing images. Sounds easy enough, yeah? Well, yes and no. If you want to really start driving a lot of traffic and making sales using Instagram then you should download this report.
Nr 9. When it comes to creating a product online there are so many ways to approach it. Wouldn’t it be great to just get the meat of it all so you can get started faster? Well, the good news is, today you can download a guide called the Product Creation Formula Quickstart Guide. It’s as the title suggests - a Quickstart guide. You’ll get a list of action steps to take right away. Download your copy today !
Nr 10. Would you like to finally USE all of that dusty PLR you have sitting around on your harddrive? Or maybe find the resources for the best PLR available - at the best prices? What about how to use that PLR to make you money with just a few minutes of work. Well, you’re not going to want to miss this!
Nr 11. Buzzfeed’s top post has more than 21 million views. Think about that for a sec… ONE of their articles has had over 21 million people who have read it! And they have thousands of articles... what would you do with that kind of traffic? A friend of mine hacked their method and was able to use it to get 11,592 targeted new subscribers in 2 weeks on their very first attempt!
Nr 12. Push notifications are one of today's hottest trends in website traffic and conversions, and for good reason. Studies have shown that as many as 40% of people will opt-in for push notifications, which is about TEN TIMES the rate of people who opt-in for emails! That’s huge! Not only that, but they're also highly effective at pulling clicks, as well. Some studies have shown CTR at an average of around 40%, with highs of as much as 80%! Again, that’s huge!
Nr 13. Would you like to know how to get more money from the exact same number of website visitors you’re currently getting? Even if you’re website is getting as few as 1-2 visitors a day, this report will show you how to increase your profits using these few handy hacks.
Nr 14. People have now realised that it's not the size of the list which matters, it's the quality. ... and the only way to create a quality list is by launching your own products. Let it be $7 ebooks, $17 info products, $27 video training product or software's... all of these work. My good friend Kevin Fahey has is revealing how he's launched over 20 products in the past 4 years, many of them top sellers. Needless to say he's banked a handsome amount in this time.
Nr 15. Do you ever feel that the man you like or even love, just doesn't see you or desire you in way you want him to? Or... maybe you're able to get a man's attention though not the right kind of attention? Or... maybe you're still single because you wait and wait for men to approach you first? What you may not know is that the way we flirt will either attract the "wrong" man for us or the "right" man.
Nr 16. When it comes to getting sales and leads online, there is ONE thing that 95% of marketers use... it's called a LIST. My friend Jimmy just released a free book that explains WHY a list is important and how YOU can build your own list. It's available right here (and it won't cost you a penny)
Nr 17. If you have tried everything, and still aren't able to get your Ex back, then you need to pay attention.
Nr 18. What if I told you that you could make ANY woman WANT to do ANYTHING for you? Would you think I'm crazy? Well... what If I told you that you could also make her LOVE every minute of it and come back for more?
Nr 19. I have a special free plugin for you today. It's called "Covert Hover Mini"
This plugin will triple your blog traffic by compelling your visitors to share your images on social media. This is some really clever stuff and it works like a charm. After you grab your free plugin, don't forget to read the free bonus report as it will show exactly how and why this strategy works like crazy.
Nr 20. The days of being able to get away with a basic WP theme and a pic or two are gone, your site needs to look good. Even Google are looking for you to have engaging graphics on your site. But getting good quality graphics made for your site is a pain, AND it will cost you both time and money (if you outsource it). But I have a special free download for you today. A virtual treasure chest of over 21K profit pulling graphics you can start sing today to generate more traffic & sales!
Nr 21. 20 professional full HD background videos. These background videos are perfect for giving your videos that extra kick they need to stand out from the crowd Oh yeah they are in full 1080p HD too, I hope you'll enjoy them.
Nr 23. No doubt, you've seen all of the video launches lately! There is a reason for it... Video marketing is a GREAT way to make money, and with the recent creation tools making it super accessable for anyone to get started... It's no surprise that more people are making videos. However... there is a missing element to most video marketing products...
Nr 24. For the first time ever... You can get the straight scoop on how someone is selling over $1,000,000/year of t-shirts on Facebook!Use them .... and have fun !