UPDATED 00:48 EST / OCTOBER 04 2017

INFRA

Social security numbers as IDs have to go, says White House official

The Social Security number as Americans know it could be coming to an end as the Trump administration mulls a more modern kind of identification following the massive hack of U.S. consumer credit reporting agency Equifax Inc.

Speaking on Tuesday at the Washington Post’s Cybersecurity Summit, White House cybersecurity coordinator Rob Joyce said that the Social Security number as a national identification had “outlived its usefulness. It’s a flawed system that we can’t roll back after a breach,” he said. “It’s really clear there needs to be a change.”

One possibility, said Joyce, would be to make use of a “modern cryptographic identifier” to ensure such a breach could not happen again.

A month ago the Equifax breach resulted in around 143 million Americans’ Social Security numbers getting into the hands of hackers. Former Equifax Chief Executive Richard Smith, testifying this week on Capitol Hill in front of the House Energy and Commerce Committee, echoed Joyce’s assertion that the breach should encourage the winds of change.

“The concept of a Social Security number in this environment being private and secure; I think it’s time as a country to think beyond that,” Smith said. “What is a better way to identify consumers in our country in a very secure way? I think that way is something different than an SSN, a date of birth and a name.” Smith called the system “flawed” and “untenable,” adding that his own number had been compromised at least four times in his lifetime.

Nicholas Hayden, director of engineering at threat intelligence platform Anomali, told SiliconANGLE that as long as Social Security numbers are being used as passwords, they should be treated as such. Hayden said the breach should be taken as an opportunity to develop a solution for a better form of identification.

“Banks are in a good position to develop this type of solution as they can accomplish in-person verification and provide a cryptography-based digital verifier for online transactions,” said Hayden. “This type of solution would negate the need to leverage Social Security numbers for financial data.”

Another potential solution, he said, would be for the U.S. government to overhaul the Social Security number system and replace it with some kind of cryptographic system. “This would make breaches like what occurred with Equifax less worrisome and less burdensome to potential victims because SSNs would be far more difficult to crack,” he said. “Many actors would not have the skills and resources needed to decrypt sensitive information protected with strong cryptography.”

Image: DonkeyHotey via Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU