In 1961, the U.S. government began using social security numbers to identify its employees, and the following year, the IRS asked taxpayers to include these numbers on their tax returns. Banks quickly followed suit, and over several decades, this number became commonly used as identification. However, with recent hacks increasing, many wonder why this practice isn't replaced by something more secure.
Issued by the U.S. government after a person's birth or when they immigrate to the United States, a social security number is a unique 10-digit number assigned to every American citizen and legal permanent resident. Invented by the Social Security Administration in 1936, these numbers were designed to track how much American residents earned and as a result how much social security they were due upon their retirements.
For the first 36 years these numbers were in circulation, they were printed on cards that admonished their holders that these numbers should not be used as identification. However, that warning was removed in 1972, and since that time, banks, telecom companies, landlords and countless others require their clients to use these numbers as identification.
However, these numbers were not designed to be private, and they weren't even randomized until 2011. Prior to that date, anyone who knows the state where your number was issued as well as the year it was issued can predict its first five numbers. As these numbers were never designed to be secure, they are not.
If a hacker has your social security number, he may be able to open bank accounts or credit cards in your name, use your existing accounts or file a tax return on your behalf to steal your refund. In other cases, the damage of this type of identity theft isn't financial. Instead, hackers may use your number to obtain medical care. If that care is reported on your electronic medical records, it may be used by first responders after an accident, and these medical professionals could end up treating you incorrectly because of that.
In spite of the risks, one of the reasons that using social security numbers as identification is so common is because there is no viable alternative to the practice. Inventing a new set of numbers would be a cumbersome process, and eventually, any database of national identification numbers will face the same issues with security.
The technology around biometrics means that it is now possible to identify you based on your fingerprints or a scan of your eyes, and there is even facial recognition software that could be used by the Social Security Administration. However, many consumers aren't comfortable using biological identifiers, and collecting that information would be expensive.
At the moment, social security numbers still make sense as identification, but consumers need to be careful when giving these numbers to anyone. Consumers should always ask if they can use a different random number whenever possible. If required to use a social security number, consumers should verify the security of the entity to which they are providing this number.
Photo courtesy of twobe at FreeDigitalPhotos.net