White House plan to nuke social security numbers is backed by Equifax's ex-top boss

Re: Once Upon a Time

You still do in the UK. You might be able to provide it electronically (by PDF), but that is as good as paper and being checked... and only in the US will your mortgage be resold to some other investor (in the UK this only happens when the original vendor goes pop)... :-)

Re: Once Upon a Time

Unfortunately, as I have just proved, it is possible in the UK to obtain a certified copy of a birth certificate with nothing more than the date and place of birth of the individual, and with no requirement to prove eligibility at all.

Following a house fire, I have just had to request new birth certificates for myself, wife and daughter, using the very convenient government website. At no point did I have to prove who I was. The new certificates were happily sent through the post to an address totally unconnected to me or any member of my family without any quibble.

And of course, once in possession of said birth certificates, I can now get a passport, driving licence, etc, using the birth certificates as proof of identity.

Now I have perfectly legitimate cause to have to do this, but it is obvious to me that this same process could be used to gain false documents, bank accounts etc with very little trouble.

Re: Once Upon a Time

You also had to be white, male and belong to the same church and country club as the local bank manager to get a mortgage.

You also had to pay the costs associated with all this personal attention, which is why only white male breadwinners were worthwhile as bank customers

Re: Once Upon a Time

In the modern computer age an individual has more time to work, play and enjoy life because of the time saved by the computer.

Re: Confused identification with authentication.

That is what the rest of the world does.

If I am, let's say in Bulgaria and I know your EGN (their equivalent of SSN) I can do you a favor - pay your local taxes, parking tickets or even traffic fines. I cannot, however, draw credit or in any other way impersonate you which results in me being given money or assets. For that you need a valid ID which is a choice of Eu biometric ID or passport (which has biometrics). Rest if Europe (except UK which continues with "utility bill idiocy") is the same.

However, what can we expect. It is USA - constantly moralizing and teaching everyone how we are supposed to live while forgetting to wipe their bottoms and flush the toilet.

Re: Confused identification with authentication.

At one point I was issued a Government Gateway ID.

It allows me to file tax returns, get a new passport, change the photo on my driver's license etc.

At the start it was a long random code and a key-pair.

Then it was just an identifier and a strong password.

Even businesses have such an ID to themselves, to file tax and various other information.

If the UK government has this kind of thing worked out for the last 10+ years, then I'm sure the US government can work it out, given our history of government IT projects.

The only thing is that we haven't rolled it out to ABSOLUTELY everyone (it's probably a bit early for that, while we still have pensioners that have never used a computer in their life), but it's there.

Re: Confused identification with authentication.

Same with the UK NI number...

Re: The Trumpcard!!!

Why have space to write religious affiliation when 'Christian' will be the only one allowed? Ditto for political, the only party you can select is 'Republican' but it isn't the republican party of pre-2016. It is 'Republican' as defined by Donald Trump at any given moment.

That's the only way you explain how overnight it went from the party of free trade to the party of tariffs and economic isolationism, and how it went from supporting Ukraine's independence from Russia to supporting Russia's annexation of Crimea. Next week it may be the party of socialized medicine, so long as a health care bill is passed and put on Trump's desk and he gets to claim it "repeals Obamacare".

Re: SSN needs to go

As a primary database key of sorts, changing an SSN is probably not practical. But there should be some other authenticator that *can* be changed. We should also consider modifying the SSN system going forward to include a check digit. A lot of issues with credit reports, identity theft, screwed-up government records, etc are caused by typos or transposed digits.

There's also that ironclad proof of identity, your mother's maiden name. I hate when forms ask for it because it's way too easy to find out. Why anyone thought it was any kind of secret, I can't imagine.

How often have you been asked for your NI number lately. Combine this with having all your relevant personal details on driving licences including home address and there really is no security on an individual level if someone gets access to this.

Re: Obscure number

Put it into a calculator then turn it upside down.

Re: Obscure number

Wut? They don't have calculators in the UK? BooBies...

Re: Obscure number

Really? Really?

Dial your sense of humour back to early schooldays and maybe it will be a little more obvious...as a clue it is also a large (Southern Hemisphere?) bird which tend to crash land rather than float gracefully down.

Re: Obscure number

That one stumped me, too, for about 8 seconds.

NINO checksummed ?

Not to my knowledge.

Staff at NI HQ always denied to me when I worked there that there was any such checksum. Not surprising for a system devised in the 1940's, long before computers. The first two (alpha) characters can give some indication of age, but that's more or less it, as far as I'm aware.

(VAT numbers are, however).

Re: Le roi est mort, vive le roi

My thought exactly. SOMETHING will take the SSN'S place as primary key (already does for aliens and others without a SSN). Plus with today's database and computing technology, tracking a hundred numbers may as well be as easy as tracking one.

I think a lot of the problem is we're using the same number as both an identifier and a form of authentication. I'm not sure how to solve that problem, because not's not just the government -- in fact, the worst parts of identity theft often don't involve the government at all, but the credit agencies.

I think mostly I'd like to see credit agencies regulated so heavily that they get a fine if their CEO so much as farts without filing paperwork authorizing it ahead of time.

Re: Canada, SIN uses

SIN was meant for only government, CPP, then Social programs and Income Tax use. Canadians were assured repeatedly that it would never become a universal identification number for business and government it is. Today it is part of many private and corporate databases. In Canada getting a new SIN, usually due to abuse, is all too often undone by a private company linking and referencing databases.

Often a person is only identified enough to find them on one of many databases and then that information is used to populate the new database, information that contains SIN and other data often in violation of provincial privacy laws. Seen that first hand. IMO If any Canadian thinks otherwise they need to ask more questions, pay more attention and stop thinking the government and industry has their best at heart.

In Canada any company dealing with any of your money in anyway, including just receiving it as payment, can claim a need for your SIN and avoid legal action. Some claim they need it because while they do not directly deal with an individual and their money the companies they work with do.

In Canada many private companies still have and use SIN as an identifier but things are better than a decade ago when there were more active SIN than Canadians. The government at the time was trying to reduce the most obvious abuses but the political climate has changed IMO we can expect increased abuse of the SIN and related government systems.

And of course we can expect more lies about the information being collected and stored on Canadians both by governments and businesses.