I've gotten into so many arguments about how the first five digits of an SSN for nearly everyone born before 2011 (!), when they switched to a more pseudo-random algorithm, is reverse engineer-able and thus you should never, ever show the last four digits as that really is the only "secret" part of an SSN. This argument is a "fun" circular argument that typically goes "Well, but if we only show the first five, many families can't tell which social is whose because they all look so similar..." "Yes, because it was an algorithm! We should use something other than SSN to identify different people." "But how will people <i>know</i> which SSN their account is connected to?" "Why is their SSN connected to the account at all?" "So they can identify their account!" /facepalm
This strikes me as a pretty difficult problem, since it touches on personal privacy, information security, and identification all at once...<p>The simplest solution would be a disassociated ID card with a 2 or 3 factor identification (eye scan, fingerprint, etc.). Except this requires everyone to register and isn't going to gain widespread support in the U.S. for privacy reasons.<p>Info security just needs multiple factors, so require SSN and then an RSA-type second-factor to authenticate. This would make it about as secure as GMail, except for when you lose your PIN generator. I have backup codes for my GMail... How do we handle lost PINs when it's personal ID at stake?<p>Identification could be as simple as a personal e-mail address... Except we have all kinds of things tied to SSN as ID, including credit history, bank loans, etc. that require proof of <i>individual</i> identity, not just "unique identification".<p>Is this a solved problem?
IMO, the idea anyone can resell dubious debt, use collections, or put something on a credit report is the real issue. If you first needed to say mail something to the address with the DMV then simply having random info becomes a lot less useful.
As far as I know, the USA doesn't have identity cards. That's probably why the SSN is often used as an identifier there: it's the closest thing to a "unique identifier" they have. (Of course, treating it like a password is madness: as an identifier, it <i>should</i> be <i>public</i>.)
It's amazing where they are asked for, too, and how easily people give them out. Get Comcast cable? They ask for SSN, but it's not a showstopper. I just told them I didn't have one, and that was that.<p>But a prepaid T-Mobile, recharging via CC over the phone? Asked for SSN and insisted. When I said I was Canadian, they insisted on the Canadian equivalent. Had to hang up and get another rep.<p>Why do Americans just go along with it and give their SSN out? Just say you don't have one. Canada does it right. Upon getting a SIN, the government is very clear that you are not obligated to give it out and that companies cannot refuse service if you do not provide it.
>People affected by SSN-related tax fraud can apply for an IRS-issued IP PIN or identity protection PIN.<p>So I have to be a victim already to add security to my SSN? Why can't I just opt-in before I get my identity stolen?
You know what's really scary? Gmail is held up as the pinnacle of email security, but they let you reset your password by proving ownership of <i>just a phone number!</i><p>So much for 2FA. So much for strong passwords. All I have to do is obtain your SSN, call up your cell phone provider and hijack your phone number, and initiate a password reset with Google. That gets me into your Gmail, which in turn gets me into all your other accounts.<p>Ridiculously easy. Google should be ashamed.
I have written a little bit about this topic[0], describing that ideally we'd have a much better system that relied on keypairs and cryptography rather than keeping a short, predictable number secret. I really really hope to see a movement towards better meatspace authentication in my lifetime, but I have a fear that SSNs are here for good.<p>[0] <a href="http://ece.rocks/alex/2015/02/01/generated-at-birth.html" rel="nofollow">http://ece.rocks/alex/2015/02/01/generated-at-birth.html</a>
American bureaucracies have a bizarre obsession with them. My school issued student IDs with unique numbers, which should have been the end of all such issues.<p>Unfortunately, they made a bizarre system where US students had their student ID be their SSN with a fixed prefix, and international students got a random number with other prefixes. They refused to give up on using SSN even when they knew it wouldn't work for a good portion of students.<p>Heaven forbid someone just add an SSN to student ID lookup table to the database.
As technologists, and as an industry, we are failing our customers by not having developed a credible alternative to SSNs. They're only used because literally everything else is an even worse fit for access control.<p>Let's not also forget that in year 2015, we still use <i>passwords</i> as primary access control guards. That's technology that was invented shortly after the development of speech in humans, circa 100,000 BC.
I can't remember the link to the article, but a few years back a researcher had published a paper on the security of SSNs.<p>It outlined how the first 3 numbers are kind of based on your location of application (like a 3 digit code for a county). next 2 are kind of related to your date of birth.
The only hard part was the last 4 digits which are random but easy to get as thats the first thing most companies ask for.