The Fraud Blog with Tracy Kitten

Social Security Numbers: Are They Outdated?

We Should Modernize Numbers and Cards with New Tech
Social Security Numbers: Are They Outdated?

Social Security numbers are easy to steal, and that makes them attractive to fraudsters. After all, once a fraudster gets his hands on a Social Security number, he can assume a new identity, apply for credit, take out loans and, ultimately, possess the "key to the kingdom" of a new life, as one identity theft expert put it.

It seems odd in today's age that we continue to rely on such an easily compromised personal identifier. It's a small card that's easy to misplace, have stolen or leave in places where it's visible to others. I, myself, up until about eight years ago, continued to carry my Social Security card around with me in my wallet. Beyond my passport and driver's license, it's the best form of identification back-up. And I'd be willing to lay money on the table to gamble that other Americans have carried or continue to carry their Social Security cards on their persons as well.

Carrying a Social Security card in your wallet is a horrible idea; yet we do a lot of things that make us vulnerable to fraud. Maybe we would all be more secure if we just had identification chips embedded somewhere on our bodies. That way, we wouldn't be able to compromise ourselves.

The problem is that, despite measures some people take to protect their identities, oftentimes identifiers, including Social Security numbers, are inadvertently exposed by entities we have no control over.

This is why insider threats pose so much risk, as privacy expert and attorney Kirk Nahra says. Insider access to stored Social Security numbers within corporations, financial institutions and businesses is the No. 1 identity theft risk, Nahra says. And it's not that the threat means insiders will automatically compromise or sell those numbers -- although, that is often the case -- but that the more people who have access to sensitive data, the more risk for exposure.

Here's a case in point. I ran across a news item last week that touched on the employee-access issue. The General Services Administration warned employees earlier this month to be on alert for signs of identity theft, after an employee accidently sent an e-mail that included the names and Social Security numbers of the agency's more than 12,000 employees. The GSA, which manages federal property, reportedly paid for employees to enroll in a one-year program to monitor their credit reports; the agency also paid for identity theft insurance.

That's not a promising story to read. That type of exposure to compromise is becoming commonplace. Society in recent years has improved its protective measures -- driver's licenses and health insurance cards no longer display Social Security numbers. But we obviously still have a long way to go.



About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.