This might be an interesting avenue for the tech community to come up with a solution similar to digital certificates and apply it to SSN numbers with an RFC of sorts that gets whetted by security experts and submitted to the government as a proposal to fix the problem long term.
Sure, but a public key could still be stored in the case of a security audit. And I don’t think the majority of mass breaching are on the paper level. We need a solution to allow a new revision of an identity to be issued, possible something block chain like.
Why does the block chain have to be applied to every problem? We already have a solution for this, many businesses and the US military use it - smart cards.
Generate a private key on the card, have the government sign it, keep it locked up with a PIN/password (and self destruct after X number of invalid attempts). You can verify authenticity offline as long as you can request the card to sign a response and verify the signature, problem solved.
A UUID would be just as bad at the end of the day and be more of a pain in the butt. There's nothing necessarily wrong with having a short-ish identifier, like what we already have on state-issued ID's for referencing a certain individual - but ideally we should move on from this number being a password to being equivalent to a actual identifier. Smart cards are ubiquitous these days (you probably have one in your wallet, assuming you have a debit or credit card on you) - that identifier should be associated a public key and your ID card holds the private key, if your card is stolen the key is revoked and a new one issued.
Not to dismiss the point entirely, but this is still an edge case - and one that doesn't justify the continued use of an identifier as a password.
People on HN make jabs at things like fingerprint / facial recognition as passwords all the time, but if you have something you need to keep private it's easy to forgo them and use a proper password instead (even if it's more inconvenient). Even if we replace SSN's with a 1024-character identifier leaks will still happen, because we continue to use the wrong tool for the job - leaving us no better off and just more inconvenienced.
We need a national ID system, ID numbers need to be no more than identifiers, if you need to validate your identity proper two-factor authentication - possession of your national ID card with your private key, and a password only you know - is the only safe way to do so.
They thought, "Hey, we need an ID number for this national social insurance program." Then later, someone else thought, "Hey, I need an identifier to check this person's Identity. Oh, they have a taxpayer ID number. I'll use that." And it just kind of piled on and on and on.
Going by a high estimate of 600,000 homeless Americans that means .1% of our population is homeless - sorry, but, yes, that is in fact an edge case.
It’s one that needs to be addressed, but sacrificing security isn’t the way to go about it. The number one issue here will be verifying identity for welfare programs and employment, which is already problematic (if you can’t carry an ID card you probably aren’t carrying your social security card and birth certificate either).
No, it's not an edge case. They are people. And nowhere did I suggest sacrificing security. I said you need to be able to use the system without computers.
“Without computers” is extremely vague. What needs to be done without them, considering the majority of use cases for our existing cases for SSN’s or state ID’s are electronic (even if it is just handing the card to someone so they can copy the details into a computer).
A smart card handles everything pretty well, it acts as a normal physical ID but can also be used to electronically sign things as well (plug it into a terminal at the bank and enter a PIN to verify your identity when opening an account, or use a card reader at home).
Return the identity division to the states. No more SSN for everyday use. Every state will provide an ID, and most people already have one, and each identification has a serial number. That number is how you identify yourself to private companies. The only people who should be using your SSN is the federal government.
Problems may arise:
1) What if you don't want an ID? Ok give them the number, skip the ID and photo, and go forth.
2) What about people who don't want to be know and forego identification? I'd say you have little choice, it's extremely hard to remain off of SOME database.
3) ID's cost money. Whose going to pay? That's a good federal grant question. Each state gets refunded for the trouble.
Your ID is forever the one given by your state of birth or the state where you acquired nationality. States will be required to accept other states ID.
I don't see how making it a state prerogative makes it easier tbh. The federal level seems appropriate for that.
The thrust of your comment already exists: it’s called a driver’s license or state ID for those who do not drive. The problem is identifying an American, not a resident of Massachusetts or Kansas. Comcast operates everywhere. State Farm operates everywhere. They want socials to identify you no matter where you live (for a number of reasons). How do you tie a Michigan license to a Nevada license to identify you? It’s intractable and already fails for the cases where it is used.
You’d be asking businesses to get set up with every single state and territory for the purposes of identity management, and giving fraudulent folks fifty-four opportunities to defraud national businesses rather than N social security numbers. I can do the OMB analysis on your bill: 54x growth in consulting fees, billions in lost productivity forcing every system to switch to a new fifty-four jurisdiction unique identifier, etc. etc.
Ideal would be a number that fits in the same space as an SSN but can be rotated. This limits significant changes to national company systems, but means you only have a billion not-so-secure numbers to play with, so you’d have to strongly disincentivize rotations to about 2 or 3 per lifetime modulo American death rate. If we are going to disrupt extensively, let’s focus on one American system rather than fifty-four systems for no net benefit; if state-level identification was useful for this purpose, we would already be using the ones we have. We don’t.
That's the problem. It doesn't cost much, but a Social Security number costs nothing and takes nothing to get. Something is infinitely more than nothing. Passports also require a lot of paperwork and identification to get that people may not have.
The reason SSN became a form of ID in the first place was because it's the only way to track a person across all states.
If I get a loan in California, then move to Arizona and apply for another loan from another bank, the new bank should still be able to know about my loan in California. SSN was just too convenient for that purpose and banks stuck with it even though it wasn't designed for it.
In the UK there is no such thing as an SSN, only "national insurance numbers" which are used for transactional purposes with the government, but are otherwise not part of daily life.
Society seems to function just fine. It's totally not necessarily to give each person an identifier.
Just publish them all. Give the country a couple of years warning that all social security numbers will become a matter of public record, and then publish them all. Any organization that still treats them as a secret could then be sued into oblivion.
Replacing it with something more closely approximating a national ID number will run up against religious beliefs that such IDs are Satanic and portend the End Times.
Just because you do not share such beliefs does not mean they do not exist, or can be dismissed.
Private / Public Key Identification needs to be revisionable. Public keys need to be accessible. In the case of a breach new keys should be generated against some sort of public / private block chain. When a enitity requires your data they should be granted a revocable public key to it. If there is a breach we generate a new pair and the private key is stored on a sort of IIA server, and a new key is immutably added to the person. Or something more.
43 comments
[ 3.3 ms ] story [ 66.3 ms ] threadGenerate a private key on the card, have the government sign it, keep it locked up with a PIN/password (and self destruct after X number of invalid attempts). You can verify authenticity offline as long as you can request the card to sign a response and verify the signature, problem solved.
As for UUID, so now I need to remember a 64 character UUID?
People on HN make jabs at things like fingerprint / facial recognition as passwords all the time, but if you have something you need to keep private it's easy to forgo them and use a proper password instead (even if it's more inconvenient). Even if we replace SSN's with a 1024-character identifier leaks will still happen, because we continue to use the wrong tool for the job - leaving us no better off and just more inconvenienced.
We need a national ID system, ID numbers need to be no more than identifiers, if you need to validate your identity proper two-factor authentication - possession of your national ID card with your private key, and a password only you know - is the only safe way to do so.
It’s one that needs to be addressed, but sacrificing security isn’t the way to go about it. The number one issue here will be verifying identity for welfare programs and employment, which is already problematic (if you can’t carry an ID card you probably aren’t carrying your social security card and birth certificate either).
A smart card handles everything pretty well, it acts as a normal physical ID but can also be used to electronically sign things as well (plug it into a terminal at the bank and enter a PIN to verify your identity when opening an account, or use a card reader at home).
Problems may arise:
1) What if you don't want an ID? Ok give them the number, skip the ID and photo, and go forth. 2) What about people who don't want to be know and forego identification? I'd say you have little choice, it's extremely hard to remain off of SOME database. 3) ID's cost money. Whose going to pay? That's a good federal grant question. Each state gets refunded for the trouble.
I don't see how making it a state prerogative makes it easier tbh. The federal level seems appropriate for that.
You’d be asking businesses to get set up with every single state and territory for the purposes of identity management, and giving fraudulent folks fifty-four opportunities to defraud national businesses rather than N social security numbers. I can do the OMB analysis on your bill: 54x growth in consulting fees, billions in lost productivity forcing every system to switch to a new fifty-four jurisdiction unique identifier, etc. etc.
Ideal would be a number that fits in the same space as an SSN but can be rotated. This limits significant changes to national company systems, but means you only have a billion not-so-secure numbers to play with, so you’d have to strongly disincentivize rotations to about 2 or 3 per lifetime modulo American death rate. If we are going to disrupt extensively, let’s focus on one American system rather than fifty-four systems for no net benefit; if state-level identification was useful for this purpose, we would already be using the ones we have. We don’t.
That's the problem. It doesn't cost much, but a Social Security number costs nothing and takes nothing to get. Something is infinitely more than nothing. Passports also require a lot of paperwork and identification to get that people may not have.
Society seems to function just fine. It's totally not necessarily to give each person an identifier.
Just because you do not share such beliefs does not mean they do not exist, or can be dismissed.