[Cryptography] After Equifax pwning, what is the best means for replacing the SSN?
John Kemp
stable.pseudonym at gmail.com
Thu Sep 14 05:53:15 EDT 2017
> On Sep 13, 2017, at 10:25 PM, Benjamin Kreuter <brk7bx at virginia.edu> wrote:
>
> On Wed, 2017-09-13 at 20:44 -0400, Tony Patti wrote:
>> Hi Ben,
>>
>> With respect to your statement "I doubt MOST [my emphasis] banks
>> would have difficulty dealing with customers not having one." [SSN]
>> This article from the NY Times dated March 2013 says that 20 of the
>> top 25 banks REQUIRED SSN to open a bank account.
>
> I suspect that has more to do with legal requirements (KYC laws etc.)
Yes. For tax reporting (for example), the bank will require the SSN since it is the tax ID for most people, and they may need to report income/deposits for individuals to the IRS.
> and the convenience of SSNs than with an actual need. I suppose I
> should clarify my statement: if banks were unable to use SSNs, I doubt
> most would really have difficulty identifying their customers. In
> fact, I see this statement:
>
>> The article starts with a prescient statement: "Despite the risk of
>> fraud associated with the theft of Social Security numbers..."
>
> as saying that banks have enough other ways to identify their customers
> that SSN fraud is not a big problem.
Collecting enough data attributes to uniquely identify a person is still hard: https://blog.aniljohn.com/2013/06/how-to-choose-attributes-to-uniquely-identify-a-person.html
- johnk
>
> -- Ben
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
More information about the cryptography
mailing list