Update from the Hill: Progress in the fight against identity fraud

by Ken Meiser

Ken Meiser

Since my last update, I’ve been following progress on the Economic Growth, Regulatory Relief, and Consumer Protection Act. As a refresher, this Act contains a provision that directs the Social Security Administration (SSA) to make a mechanism available to facilitate the verification of consumer information upon request by a certified financial institution electronically. Electronic consent will allow financial institutions to verify identities more quickly, and at scale, in connection with a credit transaction. The significance of this Act, is that it should have a real and positive impact in the fight against synthetic identity fraud.

The current status of this provision is that the SSA is working with industry groups including, the Better Identity Coalition, Consumer Bankers Association, and other financial industry stakeholders. These constituencies are meeting on a regular basis to determine the most appropriate way to implement the rules and develop the service.

Another key step in advancing the Act is that a request for information (RFI) was recently issued to professional software vendors to gain a better understanding of the capabilities available in the market. These vendors would handle the issuance and management of credentials for financial institutions (FIs), so the FIs can conduct searches on the individuals they need to verify.

While there isn’t an official date for when the service will be available, this is clearly an issue of intention for the established coalition of stakeholders and the process is moving forward. I will provide more information as it becomes available.

A separate item of note is that a new bill, the Social Security Number Modernization Act of 2018 (H.R.7143), was introduced on November 16. This bill proposes several things: a public listing by the SSA of all social security numbers (SSNs) in 10 years, the phaseout of paper social security cards and a report by the Comptroller General of the United States on the federal use of SSNs at the beginning of every Congress.

This is an interesting proposal. One of the reasons why the SSN has been used as an authenticator is its presumed (but now functionally compromised) secrecy. Publishing a list is a provocative solution and potentially forces a new look at how accounts and users are authenticated. The time for a national conversation about the SSN is now and this bill should spark that debate. It is imperative that all constituencies impacted by the use of SSNs be included in the discussion.

Check back for more information as new developments arise on the Hill. If you have questions or are interested in being a part of the discussion, please contact me.

Ken Meiser is Chief Compliance Officer at ID Analytics