Social Security describes new online public credentialing and authentication process

In an announcement published in today’s Federal Register, the Social Security Administration requested comments and feedback on a proposed information collection method. Specifically, Social Security is exploring what the best way will be to identify citizens who who wish to access more electronic services benefit information online.

NextGov reported the driving need for this system yesterday: Social Security statements will go online …someday. According to Alan Lane, the agency’s associate chief information officer for open government, the agency has are no specific service plans at this time – nor is there a firm deadline for the statements going online. The Federal Register notice has much more detail and is quoted at length below.

Here’s some additional background, before you dive into the announcement below. For an agency like Social Security, taking careful steps into the Information Age isn’t just wise: it’s mandatory. The agency has enormous amounts of confidential data about American citizens. Rushing online holds considerable risks but carefully engaging there will be inevitable if Social Security is to embrace Gov 2.0.

In 2011, the Social Security Administration ranks as the largest government program by dollars paid in the United States federal government. It surpasses even discretionary defense and Medicare/Medicaid spending in the federal budget. As the 21st century dawns, new technology and a mandate for open government from the Obama administration provide an opportunity for the Social Security Administration to “reboot its relationship with the American people,” as its CIO, Frank Baitman, put it last last year.

Whether Social Security can better deliver on its mission through adopting social media, more data, better e-services and mobile technologies is an open question. Authentication and credentialing of citizens online is an important part of that progress. Online identity is a matter of plumbing, so to speak, but getting it right is no less important than real plumbing in a house.

Leaks are potentially catastrophic.

That’s why the United States national strategy for online identity is both complex and worth watching. Citizens and government alike need this to work if e-government services are to match their offline components. Getting this wrong would be disastrous, given the rise of identity theft across the nation.

Given how many more of those citizens will be retiring in the years ahead, providing e-services may not be a “nice-to-have” option. According to Social Security’s estimates, by 2036, there will be almost twice as many older Americans as today, from 41.9 million to 78.1 million. They’ll want to access their information online. Today, we learned a bit more about how the agency is thinking about getting there.

1. Social Security’s Public Credentialing and Authentication
Process–20 CFR 401.45–0960-NEW. Social Security is introducing a
stronger citizen authentication process that will enable a new user to
experience and access more electronic services.

Background:

Authentication is the foundation for secure, online transactions.
Identity authentication is the process of determining with confidence
that people are who they claim to be during a remote, automated
session. It comprises three distinct factors: something you know,
something you have, and something you are. Single-factor authentication uses one of
these factors, and multi-factor authentication uses two or more of
these factors.

SSA’s New Authentication Process:

Social Security’s new process features credential issuance, account
management, and single- and multi-factor authentication. With this
process, we are working toward offering consistent authentication
across Social Security’s secured online services, and eventually to
Social Security’s automated telephone services. We will allow our users
to maintain one User ID, consisting of a self-selected Username and
Password, to access multiple Social Security electronic services. This
new process: 1) enables the authentication of users of Social
Security’s sensitive electronic services, and 2) streamlines access to
those services.

Social Security is developing a new authentication strategy that
will:

About Alex Howard

Alexander B. Howard is a DC-based a technology writer and editor. Previously, he was the Washington Correspondent at O'Reilly Media, where he covered the voices, technologies and issues that matter in the intersection of government, technology and society. If you're feeling social, you can follow him on Twitter, like him on Facebook or circle him on Google Plus In addition to corresponding for the O’Reilly Radar, he has contributed to the Huffington Post, Govfresh, Mashable, ReadWriteWeb, National Journal, The Atlantic, CBS News and Forbes. He graduated from Colby College with a bachelor's degree in biology and sociology. Currently, he is a resident of the District of Columbia, where he lives with his greyhound, wife, power tools, plants and growing collection of cast iron pans, many of which are frequently used to pursue his passion for good cooking.

One thought on “Social Security describes new online public credentialing and authentication process

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>