US Social Security numbers could soon be a thing of the past. At the Washington Post’s Cybersecurity Summit on Tuesday, White House cybersecurity coordinator Rob Joyce said that the US government was looking into more secure replacements for Social Security numbers.
Joyce went a far as to say that he believed “the Social Security number has outlived its usefulness.” He added: “Every time we use the Social Security number, you put it at risk.”
The biggest issue with traditional social security numbers, Joyce said, is that they cannot be changed if they become compromised. He also said that he believed his own Social Security number had been compromised at least four times in his life.
SEE: Identity theft protection policy template (Tech Pro Research)
The current Social Security numbering system got its start in 1936. However, it hasn’t necessarily evolved to fit the needs of modern life. As such, Joyce said he believes it needs to be updated.
To remedy these issues, Joyce said that the White House is looking into modern alternatives. These could include a “modern cryptographic identifier” Joyce said, which could power a private key-based system, for example. What exactly this could turn out to be, though, remains up for debate.
One possibility could be the use of the blockchain ledger technology, which underpins cryptocurrencies like bitcoin. Microsoft and Accenture have already partnered to create a blockchain solution that acts as a digital identification for refugees, which could set an example for the direction the US government could go in.
Another option could be the use of biometrics like a fingerprint, iris scan, or face scan. A federal program called Biometric Exit already uses facial scanning to track visa holders, and it could potentially be altered to support identification of US citizens as well.
However, biometric security has its fair share of critics, especially regarding its potential privacy concerns. There are also concerns over how secure it can be, with Apple noting that its Touch ID fingerprint scanner has a 1 in 50,000 chance of working for some other random fingerprint.
Joseph Lorenzo Hall, CTO for the Center for Democracy and Technology, said in a Bloomberg interview that a private key attached to a physical token could provide another alternative. Users would then have to verify ownership, like a chip and pin credit card, he said.
Whatever happens, it’s becoming clearer every day that Social Security numbers are difficult to secure. Former Equifax CEO Richard Smith shared this sentiment in his recent testimony before the House Energy and Commerce Committee, regarding the massive Equifax breach that compromised some 145.5 million users.
“The concept of a Social Security number in this environment being private and secure–I think it’s time as a country to think beyond that,” Smith said. “What is a better way to identify consumers in our country in a very secure way? I think that way is something different than an SSN, a date of birth and a name.”
The 3 big takeaways for TechRepublic readers
- The White House is investigating modern replacements for Social Security numbers, in an effort to keep citizens more secure from data breaches and other events.
- The replacement could include the use of blockchain technology, biometric security, or some other form of identification.
- Former Equifax CEO Richard Smith also testified that he believed the US was beyond seeing Social Security Numbers as “private and secure,” and that they need to be replaced.