One of the main problems with irresistible progress is the danger of being left behind, and not everyone can quickly adapt to change as they may like. In the realms of security, being left behind effectively means surrendering to the very things you’re trying to protect against. After all, you need to be able to protect against every conceivable threat. They only need to get past you.
The moment they’ve mastered a way to crack your user identity protection, even the stoutest security can crumble.
Now it would seem that the humble social security number (SSN) is about to be swept aside of the path of technological process. The nine numbers you now have memorized can no longer adequately protect your identity or your data, and many within the user identification industry have called time on it as a security measure.
So how did this happen? When did SSN die?
Old Methods, Old Dangers
The SSN has been with us for a quite a long time. The idea of using a short digit code for identifying individuals was first initiated in 1936, just before the outbreak of the Second World War, but since then the system has never really been expanded or improved upon.
To a large degree this was because the system so simple and efficient that it could withstand the need for modification, but even before the rise of the internet and computer algorithms it was fairly easy to cheat the SSN. The problem was that the moment someone had gotten a hold of that six digit number, the game was up. They could use it to impersonate the person to whom that number was assigned and open false bank accounts, credit cards, or to gain access to that person’s data.
Since the advent of the personal PC and the rise of the digital age, the SSN has increasingly shown its age as a system of identification. An algorithm developed by researchers was able to accurately predict someone’s SSN 44% of the time, and since then it has only gotten better.
Making matters worse is that if an SSN is stolen, getting a new one is very complicated by design. The Social Security Agency is quite reluctant to issue new numbers for fear of fraud, and usually won’t consider a request unless it’s been demonstrated that continuing to use the original SSN is disadvantageous. That is, the individual has to put up with identity theft for a prolonged period before they can properly do anything about it.
With all this in mind, it’s easy to see why people are reconsidering SSNs and looking for new methods to protect their identity.
New Technology, New Solutions
In recent decades new solutions have arisen to assure the protection of user identity. While there is no such thing as a perfect system – nothing is truly impregnable – these methods do go a long way towards thwarting identity theft.
For example, biometrics use unique biological signatures in order verify someone’s identity, such as through fingerprints or facial recognition. It’s already been put in place in a number of government agencies – you will have most probably used a fingerprint scanner if you’ve ever gone through immigration and customs when returning from vacation. In theory this should mean that only one person can access data protected in this manner, but there are ways around the system.
Some websites and businesses also use personal data as a means of verifying someone’s identity. Sometimes this takes the form of a memorable question – the most famous being What Is Your Mother’s Maiden Name? – and is supposed to utilize information that only the user should know. Naturally this was popular before the rise of social media, which means that tracking down personal data is a lot easier than it was before.
Finally, block chains are similar to biometrics in that they run from a retinal or fingerprint scan from an individual, which is used to unlock access to a personal ID number. This is a two-layered form of identity verification, and is used by refugees who want to access and share personal information without home governments acquiring it. Should ever the personal number be used without their prior knowledge, the user can use the blockchain to restrict access.