To protect against identity thieves, the feds are making it more difficult for them – and you, the user – to access government online systems.
SSA just proposed a complex “public credential issuance model” that will change the way you not only obtain a login ID and password, but how you use them, too. That was the word from SSA officials at the recent American Payroll Association’s Annual Congress in Washington, DC.
These important upgrades come because the agency has outgrown systems designed years ago. In the process of moving to a system that can handle the influx of retiring Baby Boomers, an increased W-2 processing burden and other changes, SSA will also address identity theft vulnerabilities.
Under the proposal, the new login system would authorize you, as an individual, to do business with SSA over the Internet for:
- personal business – such as applying for a replacement Social Security card, enrolling for retirement benefits, etc., and
- employer roles – such as quarterly wage reporting or verifying Social Security Numbers (SSNs).
Currently, there are four different ways to register to do business with the agency online. For example, when you use options such as Business Services Online (BSO), you log in using a unique identifier that links you to your employer. However, you’d use a different user ID and password for personal affairs.
Under the proposed system, a series of verification processes would authenticate users as individuals to access different online services.
Getting a new user ID/password won’t be easy, though. SSA designed a system that requires users who want to apply for a standard ID to:
- Read an overview of the process and accept a disclosure agreement.
- Provide a full name, Social Security Number, residential address, date of birth and phone number.
- Answer three to four personal questions, based on the person’s identity risk score.
- Enter a user name/password, e-mail address and password reset questions.
There are even more steps for users who need an “elevated” ID to perform more complex operations.
SSA says it’ll “grandfather” those who already have a current user ID/password – but they may be prompted to add additional info the when they log into the updated system.
Because everyone will have one credential, the agency’s still working on how to separate a citizen’s role from an employer’s role. It’s likely the employer will have to let SSA know, for instance, when an employee who’s registered to use BSO terminates.