
Replacing Social Security Numbers Is Harder Than You Think - sohkamyung
https://motherboard.vice.com/en_us/article/pakwnb/replacing-social-security-numbers-is-harder-than-you-think
======
matheweis
> The problem underlying identity theft is not the existence of social
> security numbers, but rather, how little authentication is done for a person
> requesting credit.

> Why don't they do [stronger authentication] for credit card requests? At a
> guess, it's because these stronger schemes are too inconvenient, and will
> drive away consumers who are trying to apply for credit.

> If that guess is correct, it suggests that the real solution is regulatory:
> make credit providers liable for the full damages, including ongoing
> inconvenience, suffered by victims of identity theft. SSNs are not the
> problem; authentication commensurate with the risk to all parties, including
> especially individuals, is.

Doesn't sound that hard to me...

~~~
matheweis
I want to clarify that it doesn’t sound like a hard _technical_ problem.
Bending the will of our politicians is much harder than it should be, unless
you have a lot of money.

~~~
rokhayakebe
What kind of money are we talking?

~~~
colejohnson66
According to OpenSecrets[0] (MPAA PAC), it’s $100k - $200k, or about $1k - $5k
per politician. That’s actually a lot less than I expected.

[0]:
[https://www.opensecrets.org/pacs/lookup2.php?strID=C00139519](https://www.opensecrets.org/pacs/lookup2.php?strID=C00139519)

~~~
keithb-
This latest article about Detroit developers seems to support that [0]. A
meager $300K dished out to politicians opened up the possibility of $700M-$1B
_plus_ the developers of these buildings can collect income tax from
businesses and folks who occupy them for the next 20 years.

What's the now?!

[0] [https://www.metrotimes.com/detroit/how-dan-gilbert-just-scor...](https://www.metrotimes.com/detroit/how-dan-gilbert-just-scored-up-to-1-billion-in-taxpayer-money-and-few-noticed/Content?oid=5981552)

~~~
throwawayjava
It's a bit more subtle than that, in the same way that the cost of an ad is
larger than the cost to place that ad somewhere. But on steroids.

If you just show up and dump $300k on some politicians laps, the effect isn't
likely to be particularly overwhelming. You need to cultivate relationships,
wait for a good moment (when the money is disproportionately valuable to said
politician), at least sell the perception that you're able and willing to dish
up more in the future, etc.

So the actual cost is a lot higher than the amount the politician actually
receives.

------
kwhitefoot
The equivalent of a social security number is used here in Norway
(fødselsnummer) as my ID for all sorts of things. I use it when I log in to my
bank, when I apply for a loan or credit card, when I log in to the state-run tax
web site, when I apply for my pension, and if I am admitted to hospital I will
have a bracelet with my full name and this number both as plain text and as a
bar code.

It's hardly a secret yet identity theft is not a major problem here.

~~~
kristofferR
It is used as the "username" for all those things, not as the "password".
That's the major difference.

To log in to secure services like all government services, our banks, our
digital post box etc., we mostly use BankID.

With BankID you enter your SSN, your personal password and a code from your
2FA key fob/phone app. [https://www.bankid.no/en/](https://www.bankid.no/en/)

~~~
JSONwebtoken
So what's stopping anyone from downloading the phone app and getting your
BankID and 2FA code? Is there a verification process to be able to use the
app?

~~~
snaily
There is a verification process: Only institutions capable of doing proper KYC
can hand out BankIDs.

~~~
kwhitefoot
For those, like me, who don't know what KYC is:
[https://en.wikipedia.org/wiki/Know_your_customer](https://en.wikipedia.org/wiki/Know_your_customer).

I wonder if I or, more likely, someone else could write a GreaseMonkey script
that would turn all these obscure abbreviations into explanatory tooltips.

------
jaclaz
More examples of other countries (and their solutions, not particularly hard)
in this thread:

[https://news.ycombinator.com/item?id=15210634](https://news.ycombinator.com/item?id=15210634)

The "secrecy" of the SSN is seemingly a US-only problem that all the rest of
the world has already solved, one way or the other, so, no, it is not "harder
than you think", it is "not hard at all" ...

------
njarboe
Banks and other issuers of credit just need to have high penalties for
libeling people when they give false information to credit bureaus. $5,000 for
a wrongly reported debt might make the banks more cautious about libeling
people when fraudsters steal money from them by impersonating someone else.

~~~
KekDemaga
If I was a bank opposed to this plan here is how I would kill it. I'd say
(well, I'd pay people with bullhorns and signs to say) the new requirements
for 'wrongly reported debt' require banks to have greater ID requirements,
greater ID requirements have been linked to less minority representation thus
that plan is a racist plot.

It would be dead in the water before you could draft the bill.

------
giberson
Seems to me like SSN is missing an open free (as in paid for by taxes) 2FA
service.

When I obtain a driver's license or passport (or some other process to confirm
my identity at a government facility), I should be able to specify my 2FA
medium (email address or phone number [text or call]).

Any organization that wants to prevent identity theft should be able to do a
2FA challenge. As an individual I would receive a phone call or text or email
"Acme Co. is processing a request to open up a new line of credit under your
SSN. Did you initiate this action?"

There should then be regulatory requirements on banks, insurance, etc. that
require 2FA confirmations before associating an SSN to your account.

------
peteretep
Somebody should warn all the countries that don't have them or an equivalent.

------
makecheck
Ten years ago, maybe. Today though, most people have devices that are both
portable and computationally powerful. This has the potential to finally make
secure keys that are actually convenient to use.

~~~
noncoml
How do you authenticate yourself when you need to rekey the app?

------
aneutron
I wonder if public-key crypto enabled ID-cards for example would be a good
idea to solve this problem.

~~~
gruez
So... national ids? Not a politically popular option.

~~~
nkristoffersen
Aren’t we treating SSN cards like national IDs already? What makes national IDs
not popular politically?

------
DennisP
It'd be really hard to change SSNs as database keys. But we could stop using
knowledge of SSNs as authorization. Make a public database, put all the SSNs
on it, and associate each with a public key.

------
lisper
It's only hard because PHBs (and Vice reporters, apparently) are willfully
ignorant of public key cryptography.

~~~
rev_null
The author acknowledged the existence of cryptographic solutions, but points
out that what they lack is the ability to be memorized.

~~~
lisper
Anything that can be memorized can be trivially compromised. There's nothing
special about an SSN in this regard. It's the _protocol_ that's broken. To
prove you know the secret you have to reveal the secret. PKE is the only
solution to this problem that works remotely.
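
An added example, not code from anyone in the thread, of the split DennisP and lisper describe: a public SSN-to-key directory plus a challenge-response in which the holder proves control of a private key without revealing it. The function names, the constructed sample SSN and the relying-party binding in the signed message are my assumptions; the signatures use Go's standard-library ed25519.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Directory is the public SSN -> public-key table; publishing it wholesale leaks nothing usable for impersonation.
type Directory map[string]ed25519.PublicKey

// NewChallenge is the relying party's fresh random nonce for one request.
func NewChallenge() ([]byte, error) {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	return nonce, err
}

// transcript binds the nonce to the relying party's name so a response
// produced for one lender cannot be replayed to another (my assumption).
func transcript(relyingParty string, nonce []byte) []byte {
	return append([]byte(relyingParty+"\x00"), nonce...)
}

// Respond runs on the holder's device; the private key never leaves it.
func Respond(priv ed25519.PrivateKey, relyingParty string, nonce []byte) []byte {
	return ed25519.Sign(priv, transcript(relyingParty, nonce))
}

// Verify is the "allowing" step: the SSN only selects the key; the
// signature proves control of the matching private key.
func (d Directory) Verify(ssn, relyingParty string, nonce, sig []byte) error {
	pub, ok := d[ssn]
	if !ok {
		return errors.New("ssn not enrolled")
	}
	if !ed25519.Verify(pub, transcript(relyingParty, nonce), sig) {
		return errors.New("signature does not match enrolled key")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	dir := Directory{"123-45-6789": pub} // constructed sample SSN, not a real one
	nonce, _ := NewChallenge()
	fmt.Println("holder:", dir.Verify("123-45-6789", "Acme Co.", nonce, Respond(priv, "Acme Co.", nonce)))
	fmt.Println("ssn only:", dir.Verify("123-45-6789", "Acme Co.", nonce, nil))
}
```

Knowing the SSN (or the whole directory) gets a thief only the first error string; the second call shows the "allowing" step failing without the key.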

------
bsder
There are two inherent problems with SSNs:

1) No check digits--every number is valid. Adding a couple of extra digits
would help tremendously.

2) No ability to retire/change the number--this is the big one. Once the
criminals get your SSN--game over. You can't change it and shut the old one
down. If you simply changed this, a lot of the issues with SSNs would _go
away_.

Then there are the usage issues:

SSNs have two tasks which need to be separated:

1) Identification for "blocking" or "association" tasks. SSNs are fine for
identity on a blocking task--i.e. trying to shut something down, taxation
identification, etc.

2) Identification for "allowing" tasks. SSNs are _BAD_ for allowing tasks--new
credit card, new bank account, etc. These kinds of tasks should always require
SSN _plus_ something else. This is where the primary failure modes are.
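
As an added illustration of the first point (not bsder's code), two check digits that reject every single-digit typo and every adjacent swap: ISO 7064 MOD 97-10, the IBAN scheme, chosen here as one concrete option, appended to a constructed 9-digit sample, with a brute-force count of the corruptions that would still pass.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
)

// AddCheckDigits appends two ISO 7064 MOD 97-10 check digits (the IBAN scheme)
// to an unsigned digit string; the result validates iff its value mod 97 == 1.
func AddCheckDigits(base string) (string, error) {
	n, err := strconv.ParseUint(base, 10, 64)
	if err != nil || len(base) > 15 {
		return "", errors.New("identifier must be 1..15 decimal digits")
	}
	check := 98 - (n*100)%97 // always in 02..98
	return fmt.Sprintf("%s%02d", base, check), nil
}

// IsValid reports whether a number carrying check digits passes the mod 97 test.
func IsValid(number string) bool {
	n, err := strconv.ParseUint(number, 10, 64)
	return err == nil && n%97 == 1
}

// UndetectedErrors counts corrupted copies of number that still validate, trying
// every single-digit substitution and every adjacent transposition. A substitution
// shifts the value by d*10^k (1<=d<=9) and a swap by 9*(a-b)*10^k (|9(a-b)|<=81);
// 97 is prime and divides neither, so the count is 0 for this scheme.
func UndetectedErrors(number string) int {
	count := 0
	for i := 0; i < len(number); i++ {
		for d := byte('0'); d <= '9'; d++ { // substitution at position i
			if d != number[i] && IsValid(number[:i]+string(d)+number[i+1:]) {
				count++
			}
		}
		if i+1 < len(number) && number[i] != number[i+1] &&
			IsValid(number[:i]+number[i+1:i+2]+number[i:i+1]+number[i+2:]) {
			count++ // adjacent transposition of positions i and i+1
		}
	}
	return count
}

func main() {
	id, _ := AddCheckDigits("123456789") // constructed sample, not a real SSN
	fmt.Println(id, IsValid(id), "undetected typos:", UndetectedErrors(id))
}
```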

~~~
JumpCrisscross
> _No ability to retire/change the number_

You can change your SSN in certain situations [1].

[1] [https://faq.ssa.gov/link/portal/34011/34019/article/3789/can...](https://faq.ssa.gov/link/portal/34011/34019/article/3789/can-i-change-my-social-security-number)

~~~
siberianbear
Well, even that has its problems. Consider the case of Rachel Yould [1], who
obtained a second SSN with her married name claiming abuse and stalking from
her father. She was convicted of falsely using the second SSN and name as an
originator and cosigner for hundreds of thousands of dollars in student loans
in both her married and maiden names under false pretenses.

[1] [https://www.newyorker.com/magazine/2010/10/04/the-scholar-je...](https://www.newyorker.com/magazine/2010/10/04/the-scholar-jeffrey-toobin)

~~~
throwawayjava
That's a rather special case; the nature of the HALE program means that you
can't allow someone to ask "do SSNs X and Y belong to the same natural
person?". Whereas such a question would be entirely reasonable for the SS
issuing authority to answer under more normal circumstances.

(as for whether this case was actually a case of fraud, well, "the heart of
Yould’s defense was that she thought she was allowed, under the hale program,
to use the new Social Security number to apply for the loans above the
lifetime cap and to use one name as a co-signer for loans to the other" pretty
much sums it up for me... who would think that?!)

