Layer 8

Security is fundamentally about people, and everything we know about people is relevant to security. -- B. Schneier

Safely wielding a +10 SSN.

Everyone agrees that SSNs are overused and overexposed today, both as unique identifiers and as authenticators, but nobody is able to step up and tell J. Random Corporation how to stop using them.  You can’t—not when there is no other immutable, unique identifier for an individual in these here United Snakes.  There’s nothing that follows you from state to state, from birth to death, through marriage and divorce ... except taxes.  (Yep, and taxes follow you even after death.)  This is why the IRS is the best tracker on the planet.  There’s nothing like a government’s incentive to make sure it is getting its hands on as much money as legally permitted ... but I digress.

Please don’t bleat “federated identity management” at me.  There’s no economic incentive to make that work (except of course for the vendors selling it).  People won’t buy it and use it until it becomes a political necessity (read: economic, imposed by politicians).  And that won’t happen until enough people are outraged by identity theft to pressure legislators into doing something about it.  Just telling organizations to “protect personal data” won’t work when they don’t know how to stop using it like monograms on towels.

But there are a few guidelines you can offer your particular organization.

First, teach them the difference between identification (telling two individuals apart) and authentication (verifying that they are who they claim to be for the purpose of granting them access to something). 

Next, teach them the difference between registering an individual (that is, authenticating them once and then assigning them a unique identifier in your systems) and tracking them thereafter.  You might need an SSN for the first part—that is, assuming you even bother to validate that SSN, which most organizations don’t, even if they’re reporting payments to the IRS—but you don’t need it every time you reference that individual later on.

Tell them that if they’re only using an SSN as a unique identifier, and it’s only for the purposes within your organization, they should generate and assign a new ID to that user instead of being lazy and indexing on the SSN in the database and everywhere else.  There’s no reason why you can’t tell a customer to reference a customer ID in correspondence with you rather than making him provide his SSN every time.  You’re doing a lookup either way, and the strings don’t matter as long as they match.

Unfortunately, if you have to track individuals between organizations that don’t share any common IDs, you’re stuck with the SSN, especially if you’re crossing state lines.  I just don’t see any way around that today, and if you can think of one, please speak up.

Either way, for Bog’s sake, tell them NOT to use the SSN or any other personal data just to create a unique login name for a user.  And they don’t need to display the SSN for that user every time he logs in.  There are SOME braindead practices we can start eradicating right here, right now.
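As an added example (not code from shrdlu's post), here is the register-once, track-by-surrogate pattern from the guidelines above in Python: the SSN's structure is checked only at registration, a keyed fingerprint detects duplicate registrations without keeping the SSN next to the customer record, and the customer ID and login name are random rather than derived from it. The fingerprint key, the CustomerRegistry class and the sample SSN are assumptions of this example.

```python
import hashlib
import hmac
import re
import secrets
import uuid

# Hypothetical key for the SSN fingerprint. A plain hash of a 9-digit number is
# brute-forced in seconds, so the fingerprint is an HMAC under a key that lives
# in a secrets manager, never in the same table (or code) as the fingerprints.
FINGERPRINT_KEY = b"constructed-demo-key-not-for-production"

_SSN_RE = re.compile(r"^(\d{3})-?(\d{2})-?(\d{4})$")


def normalize_ssn(raw: str) -> str:
    """Return the 9 digits of a structurally valid SSN or raise ValueError.

    Rejects area 000, 666 and 900-999, group 00 and serial 0000, which are
    never issued. Structural validity only says the string could be an SSN;
    whether it belongs to the person in front of you is the registration-time
    check the post says most organizations skip."""
    m = _SSN_RE.match(raw.strip())
    if not m:
        raise ValueError("SSN must be 9 digits, optionally hyphenated")
    area, group, serial = m.groups()
    if area in ("000", "666") or area >= "900" or group == "00" or serial == "0000":
        raise ValueError("SSN has a never-issued area, group or serial")
    return area + group + serial


def ssn_fingerprint(ssn: str) -> str:
    """Keyed fingerprint used only to notice that an SSN was already registered."""
    return hmac.new(FINGERPRINT_KEY, normalize_ssn(ssn).encode(), hashlib.sha256).hexdigest()


class CustomerRegistry:
    """Registers a person once against an SSN, then tracks them by customer ID."""

    def __init__(self):
        self._by_customer_id = {}  # customer_id -> record; the SSN is not in it
        self._by_fingerprint = {}  # HMAC(SSN) -> customer_id

    def register(self, name: str, ssn: str) -> dict:
        fp = ssn_fingerprint(ssn)
        if fp in self._by_fingerprint:  # already registered: hand back the same ID
            return self._by_customer_id[self._by_fingerprint[fp]]
        # Surrogate identifiers: neither value is derived from the SSN, so they
        # can appear in correspondence and on the login screen without leaking it.
        record = {"customer_id": f"C-{uuid.uuid4()}", "name": name,
                  "login": "u" + secrets.token_hex(4)}
        self._by_customer_id[record["customer_id"]] = record
        self._by_fingerprint[fp] = record["customer_id"]
        return record

    def lookup(self, customer_id: str) -> dict:
        """Every later reference goes through the customer ID, never the SSN."""
        return self._by_customer_id[customer_id]
```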

(This post is dedicated to LonerVamp, who poked me at just the right time while I was feeling ornery about this very issue.)

Posted by shrdlu on Friday, September 08, 2006

Comments

(email address hidden) United States on 09/09 at 11:54 AM:

yay! smile

SSNs are a necessary evil, but they get used way too often for things they shouldn’t be used for. Having worked with a company that provided e-learning to large corps and even the government, it was disheartening how often an entity’s HR records would get sent to us and their unique identifier was an SSN. *smacks forehead*  A number is a number; if it is unique and tracked, it is just as good as an SSN, and helps limit the leakage of SSN-to-name mappings if that entity suffers a data loss incident.

An SSN is supposed to somehow be a holy number, something you keep secret. A unique number assigned to each person on birth. It is like joining a large company, being assigned a unique login (UID string) which is your ticket to doing anything during your life in the company. Of course, we’re not even given a password for this ID…

There is something inherently wrong with an assigned ID, both in network systems and in practice in our government: they can be stolen.

So what to do? Well, let’s talk biometrics. smile Fingerprints have been used for a very long time to positively ID someone. But if we’re going to pimp fingerprints as the means to ID people across the nation, what about people with no hands, or missing fingers? And really, is it still possible to fake fingerprints? Temporarily, yup.

So, let’s dig deeper…unique…highly unforgeable…everyone has it…aha! DNA.

Now, one problem with DNA is that it is SO sensitive and unique that privacy advocates will drop dead at the thought of using DNA so actively as an identifier. It might just contain many secrets such as your propensity to developing illnesses, intelligence capacity, mental issues, etc. I don’t know many people who would like to think of the government or secretive third party entities housing and analyzing huge masses of state-collected DNA. But what if you could trust the collection process as being 100% throw-away and run the DNA through an algorithm to generate a unique, irreversible hash?

Of course, DNA is a little harder to control. Me having a meal at a local restaurant might leave behind some DNA that can be collected and used to access anything my DNA might have been able to use. It can be reproduced en masse. Granted, someone else can’t really pose as me, but they can use it as limited identification.

So maybe we also keep an assigned SSN and that acts as more of a password? Something we have and something we know…that sounds kinda familiar…

Anyway, all of this is well and dandy, but in practice, DNA is a bear of a privacy issue. However, I think in the coming 100 years, we’ll end up seeing it as a basis for identification and something else as a means for authentication. I think identity management and loss will, over a long period of time, outweigh the privacy advocates (much to the glee of corps who would be unethical with our DNA).

The only other catches in all of this? Clones. And simplicity…whatever is used, it must be usable by old, young, poor, rich, mentally aware, mentally absent…

Anyway, that’s my faux sci-fi journey for the day. United Snakes?  Hehe!

(email address hidden) United States on 09/09 at 02:28 PM:

Hehe, ya found me! smile

shrdlu United States on 09/09  at  05:02 PM:

Yep, I did!  You seemed to want *someone* to, based on your posting ... wink

But notice that I didn’t link to it.  It didn’t seem to be something you wished for. grin

(email address hidden) United States on 09/10 at 11:54 AM:

How perceptive! =)
