November 9, 2017

"Senators Push to Abandon Social Security Numbers in Favor of a More Secure, More Digital Form of Identification" -- Now What Might That Be?

Senators Push to Ditch Social Security Numbers in Light of Equifax Hack

November 8, 2017

[TechCrunch] - Eyeing more secure alternatives to social security numbers, lawmakers in the U.S. are looking abroad. Today, the Senate Commerce Committee questioned former Yahoo CEO Marissa Mayer, Verizon Chief Privacy Officer Karen Zacharia, and both the current and former CEOs of Equifax on how to protect consumers against major data breaches. The consensus was that social security numbers have got to go.

Rounding out the panel, Entrust Datacard President and CEO Todd Wilkinson offered some context and insight about why the U.S. should indeed move away from social security numbers — a step that the witnesses unanimously agreed was necessary if not wholly sufficient to protect consumers moving forward, in light of the Equifax hack.

"Over 145 million Americans’ insecure identities are now forever at risk, and they have limited ability to protect themselves," Wilkinson said. "A key question for this committee to consider is: What do we do now given these identities are forever compromised?"

Social security numbers are a privacy nightmare. While a consumer who gets hacked can replace credit card numbers and other account details, a social security number is permanent, linked inexorably to a real identity throughout a person's lifespan. In the hearing, Wilkinson and many of the Senators present argued that the U.S. needs to move to a dynamic system of personal identity, one designed with digital security in mind — a stark contrast with an inflexible legacy system that dates back to the 1930s.

"Some combination of digital multi-factor authentication... is the right path," former Equifax CEO Richard Smith said when asked about such a program.

Multiple times throughout the hearing, Brazil's Infraestrutura de Chaves Públicas system of citizen IDs through digital certificates came up as a potential model for the U.S. as it moves forward. In this model, a certificate lasts for three years at maximum and can be used to issue a digital signature much like written signatures are used now. Unlike its counterpart in the U.S., these identity accounts can be revoked and reissued easily through an established national protocol.

Members of the Senate committee also advocated for "rigorous" data security rules, expanding FTC authority to enforce them and stiffer penalties to motivate companies to protect consumers proactively.

"The parade of high profile data breaches seems to have no end," said ranking committee member Bill Nelson. "We can either take action with common sense rules or we can start planning for our next hearing on the issue."

Last month, White House Cybersecurity Coordinator Rob Joyce made it clear that the Trump administration is also interested in abandoning social security numbers in favor of a more secure, more digital form of identification, stating that the form of ID has "outlived its usefulness."

Comments at Yahoo:

Tamper proof, illegal proof hack proof and not to be shared with a company that could duplicate or abuse this form of I.D.666 here we come.


People do realize that social security numbers were never intended to be identifiers other than for things like, well, social security, right? If you're older and and have your original card that was printed between '46 and '72, it states ON the card itself that people should not use the number and card for identification.

The law WAS changed in the mid-70s to allow business and other organizations to use SSN for account identifiers, etc. Sorry folks it IS legal for businesses, etc. to require SSN for identification purposes.

Way back in 1976, I think it was, congress in its infinite wisdom made it legal for businesses to use a persons SSN as an account identifier...so long as they made reasonable effort to keep that number from the public. This was a boon for businesses because now they could more easily research a persons past for 'credit worthiness'. So blame congress, most of those people are dead or retired now however. Very soon thereafter SSN replaced the employee ID number... I know this was the case at AT$T...

The big banks that borrow money to the goverment needed more cash cows..They brought in the credit card to pull the money from there milkers..Then it wasn't enough for them they pushed the credit rating to get people to get cards for credit. In doing that they had your number to know where your from how much you make while managing your work and credit ratings. So being they get payed (bank loaning money to united states) They now have access by credit card to irs to manage you, to milk you dry. Everyone is working to take your money and it starts with that little ol number you give out now all the time, wondering why your having trouble saving.

Oregon requires SS numbers to obtain hunting and fishing licenses. They claim it's to locate deadbeat parents.

Like we had a choice. Here in AZ and, later, in KY the state automatically "seize" the SSNs to use for driver's license numbers. And others have done the same thing. Like it's too hard to come up with a list of numbers to use for such purposes! It's the government's fault from the very beginning!

Social security numbers are a privacy nightmare. That is because no good law prevents companies and landlords and medical from demanding and getting that number or no service/rental. STOP allowing any company/landlord ANY identification number. ALL of them abuse it.

Any new identification system should be ABSOLUTELY private, and should NOT be disclosed for any reason going forward. Not for medical records, credit cards, or anything.

If a different number is issued to every citizen and legal resident of the United States--one with more digits and claimed to be more secure--this number will, I assume, still be recorded in the files of corporations from Equifax to banks and credit unions to credit card companies to retailers . . . Not to mention held on file by one's employer, one's doctor, one's landlord, etc. etc. So what will prevent this number being stolen in a system-wide breach? would the number be encrypted before being stored? And the individual would be the only one to have the second step of breaking the encryption? Or what? And would a hacker be able to break the encryption? Just asking--because it seems to me that no records system could be entirely safe in this modern world, where hackers are proliferating and getting more adept daily.

How much did the credit bureaus pay to lobby our government, in the racket to force us to give them to private companies, in the first place?

Uh, just a word of caution. If anyone asks you to take a "mark", run like the wind in the other direction.

In the near future, we will move towards the implantation of microchips under the skin. It can't be duplicated. It is also the means by which the Book of Revelation's "mark of the beast" will be manifested.

Your data wasn't "hacked", it was sold. This is what happens when corporate executives are never punished for their crimes.

I can promise you it isn’t for our benefit. They will remove ssn’s then accidentally lose the money attached to them.

Next may come a chip embedded in forehead or hand. remember the bible verse?

Here comes that chip under our skin. We will all be like cattle soon. Perhaps a tag nailed to our ear.

The idea of implanting a micro-chip in every citizens forehead (or on the back of their hand) is gaining ground. The forehead is preferred by government security specialists as: 'the micro chip being close to the brain allows for signals to be sent from government security headquarters to any given brain and cause minor disruptions (like seizures) in that 'body', if the citizen target is acting in a 'non-government approved' way. The chip system will both 'identify' individuals, and, provide 'corrective' measures when and where needed...

What is not mentioned in this article is that a new ID number system is being issued by the US government in early 2018 that replaces the use of the social security number as identification. What is also not mentioned in this article is that "all" countries have had hacks of their data including Brazil. There should be separate ID's for Income Tax and Social Security versus one number for everything as our current Social Security number is now used. The way the Social Security number is currently being used is the problem along with how government computer systems are used and who is allowed to access the world wide internet from a government computer. Almost all of the computer hacks of US government computers and private industry computers over the last 10 years has been from employees and private contractors being able to log into government or private industry computers with outside non-secured computers. This also occurs when government and private industry allows employees to use government and business computers to surf the internet. Employees should never be allowed to surf or access outside websites because this is what hackers are looking for. This isn't brain surgery...but then look at some of the people government and private industry have running their IT and Cyber systems. Over the years I have been in meetings with both government and private business IT and Cyber Security managers and personnel and was surprised at how many allow outside access to non-secure websites which is an open invitation to disaster.

This change would require electronic devices for everything, yes we are more and more dependent on them, but we still can manually write and file our taxes. Till it becomes free to file taxes for all States electronically, and there is free services for people to use to create the tax returns, we will never be able to get rid of what we have. Plus even with multiple data inputs, we will still be at the same risk we are now, due to the data being able to be stolen. That is the real issue, is companies have found that keeping data that should be destroyed after completing the process, if sellable. They have created the risk, and should be the ones to pay for it, and not the people.

We need a national ID system. It must be two factor: something you know and something you are! Your fingerprint, your dna, your iris! Maybe we add a third factor: something you have, like your smartphone! or home phone! Illegal immigrants would be eliminated from the US. Criminals could be caught much faster with DNA or fingerprints or pictures of you face! Many banks have moved to two factor authentication. I need my login, password and the place I was married! And then they will send me a text message with the "key". I like that. It eliminates illegal immigrants AND MORONS! Think about the questions you have seen of authentication? High school graduate from: Married in city: Mother's maiden name: There are a lot of Blacks who couldn't find a question that they could answer!

That's one way of loosing millions of SSN's so the Government wouldn't have to pay SSN benifits.

Basically, SSNs are the primary key linking all financial information to an individual American. Break the link and you lose the financial history.

And here's the crazy thing; we are busy punishing Russia with sanctions and investigations, and China strolls in, takes 145 million people's data, including millions of government contractors, and barely a peep. And that's after having hacked us for years, including the defense industry. Its like a sick joke. Read the hundred year marathon by Michael Pilsbury. Make no mistake about it; china's goal is the downfall of the US and they are doing it from within. Just like Lenin and Mao said "We will sell the captialists the rope by which they will hang themselves." Its happening folks. And no, China is not a capitalist country. Its state run capitalism; in other words, still more towards communism. These are state enterprises, not private. 70% of china's businesses are state.

Hey, I have an idea. How about implanting a chip in our forehead or somewhere around our wrist. That way Satan can move his Armageddon forward much faster.

They don't need your social much anymore. They've got your cellphone number now. Almost everything is connected to people's cellphones: email, banking, social media, shopping, address, contacts, etc.

Most of the time when people ask for my ssn I transpose a number. If they don't notice the error, they don't need my ssn. My dentist insisted he could not bill my insurance without my FULL ssn. He lied. He hasn't noticed that he has an incorrect number. Neither did the cable company. I don't feel the slightest bit bad about doing it.

The Tech Companies wants us to use digital form of identification, so they can control our lives more easily with just a click of a mouse/keyboard. If it's on the web it ain't safe, period!

Lets just tattoo all all Americans with a bar-code when their born. Problem solved.

How about we just tattoo a bar-code on every humans wrist or maybe their forehead, If they don't have that code, they could neither buy nor sell. We could even start each code with 666.

Attorney generals, regulators, and lawmakers,more don't just talk about it. SHUT DOWN EQUIFAX NOW! Two months after the major breach, Equifax CEO today still does not know if Equifax has encrypted all the data or not. So hard to believe he can be so incompetent! Equifax breach is a major problem to the entire U.S. It is the WORST breach ever. PLEASE SHUT DOWN THE EXTREMELY INCOMPETENT EQUIFAX NOW BEFORE MORE DATA ARE HACKED! HACKERS AROUND THE WORLD ALL KNOW EQUIFAX IS AN EASY TARGET NOW! PLEASE SHUT DOWN EQUIFAX IMMEDIATELY! And let us solve this problem completely, lawmakers. The root of the problem is the banks and credit card issuers are issuing credits and credit cards without taking sufficient precautions. And that is why bad guys can easily get money using stolen IDs. We should require all banks and credit issuers to require the following things before any credit is issued: 1. Take a picture of the applicant: This will help law enforcement tracks down the bad guy if it turns out to be a fraudulent applicant. Also, the picture can be put on the credit card to provide another layer of protection for the credit card user. This is not hard to do. Two of my credit cards have my picture on them. The technology is already there. There should not be any more blind credit issuing without even seeing the applicant face to face. 2. Require the credit issuers to check IDs before issuing credit. This is no brainer easy step that should be done. 3. Take the fingerprint of the applicant. The United States already has similar process in place. When we buy a house and get notary for signature, fingerprint is already part of the process. We should extend the same kind of precaution on issuing new credit. Even my iPhone can read my finger print. The technology of machines reading finger prints is already there too. Use it. 4. Make credit freeze a default mode. We never authorize the credit bureaus to use our data, so the default mode for all our credit data should be freeze until we authorize the credit bureaus to unfreeze it. This will safeguard everyone's data including those who were not aware of Equifax breach problem. This is the way it should be because those credit bureaus never got our permissions to hoard and provide our data to make money. They really should get our explicit consent before they provide our data to anyone. And unfreeze and freeze should be all free to consumers. These credit bureaus are making money selling OUR data without paying us royalty. Why should they charge us for anything? If they want to charge us for anything, they should also pay us each time they use our data. If we can require all credit issuers to do all those steps, we can cut down fraud tremendously even under the situation of this massive Equifax breach. And we should shut down Equifax immediately. Equifax is not too big to fail. We should shut it down immediately. We should not allow a company so incompetent to continue to provide most critical data of our citizens to all the hackers in the world. With one breach after another, Equifax already clearly showed that it is technically NOT capable. PLEASE, PLEASE, PLEASE SHUT DOWN THE EXTREMELY INCOMPETENT EQUIFAX NOW! Obviously the company Equifax hired still has no idea what was going on. DO NOT LEAVE ALL OUR DATA IN THE HAND OF INCOMPETENT EQUIFAX FOR THE HACKERS AROUND THE WORLD TO HACK EASILY! SHUT DOWN EQUIFAX NOW!


No comments:

Post a Comment