Social Security describes new online public credentialing and authentication process

In an announcement published in today’s Federal Register, the Social Security Administration requested comments and feedback on a proposed information collection method. Specifically, Social Security is exploring what the best way will be to identify citizens who who wish to access more electronic services benefit information online.

NextGov reported the driving need for this system yesterday: Social Security statements will go online …someday. According to Alan Lane, the agency’s associate chief information officer for open government, the agency has are no specific service plans at this time – nor is there a firm deadline for the statements going online. The Federal Register notice has much more detail and is quoted at length below.

Here’s some additional background, before you dive into the announcement below. For an agency like Social Security, taking careful steps into the Information Age isn’t just wise: it’s mandatory. The agency has enormous amounts of confidential data about American citizens. Rushing online holds considerable risks but carefully engaging there will be inevitable if Social Security is to embrace Gov 2.0.

In 2011, the Social Security Administration ranks as the largest government program by dollars paid in the United States federal government. It surpasses even discretionary defense and Medicare/Medicaid spending in the federal budget. As the 21st century dawns, new technology and a mandate for open government from the Obama administration provide an opportunity for the Social Security Administration to “reboot its relationship with the American people,” as its CIO, Frank Baitman, put it last last year.

Whether Social Security can better deliver on its mission through adopting social media, more data, better e-services and mobile technologies is an open question. Authentication and credentialing of citizens online is an important part of that progress. Online identity is a matter of plumbing, so to speak, but getting it right is no less important than real plumbing in a house.

Leaks are potentially catastrophic.

That’s why the United States national strategy for online identity is both complex and worth watching. Citizens and government alike need this to work if e-government services are to match their offline components. Getting this wrong would be disastrous, given the rise of identity theft across the nation.

Given how many more of those citizens will be retiring in the years ahead, providing e-services may not be a “nice-to-have” option. According to Social Security’s estimates, by 2036, there will be almost twice as many older Americans as today, from 41.9 million to 78.1 million. They’ll want to access their information online. Today, we learned a bit more about how the agency is thinking about getting there.

1. Social Security’s Public Credentialing and Authentication
Process–20 CFR 401.45–0960-NEW. Social Security is introducing a
stronger citizen authentication process that will enable a new user to
experience and access more electronic services.

Background:

Authentication is the foundation for secure, online transactions.
Identity authentication is the process of determining with confidence
that people are who they claim to be during a remote, automated
session. It comprises three distinct factors: something you know,
something you have, and something you are. Single-factor authentication uses one of
these factors, and multi-factor authentication uses two or more of
these factors.

SSA’s New Authentication Process:

Social Security’s new process features credential issuance, account
management, and single- and multi-factor authentication. With this
process, we are working toward offering consistent authentication
across Social Security’s secured online services, and eventually to
Social Security’s automated telephone services. We will allow our users
to maintain one User ID, consisting of a self-selected Username and
Password, to access multiple Social Security electronic services. This
new process: 1) enables the authentication of users of Social
Security’s sensitive electronic services, and 2) streamlines access to
those services.

Social Security is developing a new authentication strategy that
will:

As its Star Trek videos launch, Social Security tries to connect with younger citizens

Patty Duke and Mr. Sulu (aka, George Takei) want you to boldly go where you may never have gone before: SocialSecurity.gov. (At least if you’re under 65.)The short, commercial length spots make no bones about Takai’s time on Star Trek, so to speak, and are laced with references to the iconic television series.

In another, Takei and Duke encourage viewers to “Go Direct” to get direct deposits of monthly social security checks. (No way to beam those over, Scotty?) While the new slate of videos, Social Security is making an effort to connect with older Americans through the aging icons of 20th Century pop culture. As my colleague Luke Fretwell put it, Social Security has gone Star Trek.

If the spots help an increasingly digital cohort of senior citizens to learn about SocialSecurity.gov and relevant benefits, the cornball humor might have been worth the investment.

On the same day that the Star Trek videos launched however, the Social Security Administration also posted the full version of a webinar for young people wondering. The webinar, below, is the first official communications from the agency the contains information about the future of the program for young workers.

To say that there’s a contrast in styles between the two communication efforts is an understatement. The care with which the agency has had to take in communicating about an uncertain future, as opposed to trying to raise awareness of an improved website, is notable. This more recent example of how Social Security operates in the Gov 2.0 era drives how just how difficult operating in the new media environment will be for many agencies.

Will Social Security get social media? Hard to say. They’re trying. The @SocialSecurity Twitter wasn’t able to attract the attention of Takei or produce much engagement. Facebook produced slightly better results, but no obvious spike in awareness or viewership of the webinar.

If you have any thoughts on their success, failure or what they could or should be doing better, the comments are open.