cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Lamont29
Community Champion

Problem Solving: Social Security Number Replacement

I have heard the idea that the federal government should consider utilizing blockchain as the answer to replacing Social Security numbers, and that will make us more secure, safeguarding our privacy. However, I summarily disagree with this idea. Private business is the root cause of the problem. Social security numbers were never intended for financial transactions in the business space. Private business, with the largely unsanctioned credit bureaus hijacked consumers and mandated the use of social security numbers. Private industry shall bear the responsibility for resolving this problem. Simply replacing a flawed process with a process that will be rendered flawed is not the solution.

 

We have enough technology and certainly enough brilliant minds right here on this forum as (ISC)2 professionals, that we can devise a proper solution and publish it for government and business consumption. Now I can be wrong about leaving the solutions in the hands of private industry, but I’d like to learn what others think about this issue.

 

Why don’t we try this - if only for hobbyist activity. Hey, we might actually contribute to the betterment of our society by making all Americans more secure!

Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
8 Replies
Flyslinger2
Community Champion

I wrote a white paper a couple of years ago addressing this issue. With the Federal PKI as the backbone, cradle to grave tokens could be issued for U.S. citizens world wide (Post Office) and integrated with every federal system, SocSec, credit bureaus to lock your accounts, and your healthcare container to name a few.

 

With the protocols supported by the Fido Alliance, something like a Yubi Key and decent integration it could be accomplished.  

Lamont29
Community Champion

That's great! We could probably examine your work for further studies as we embark upon this strategy.
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
DudleyI
Viewer II

Lamont29
Community Champion

Hey Dudley,

 

 

That's a very good article relating to this topic. I will finish reading all of the parts on my lunch break. I think that a lot of conceptual work has already been put in and I was hoping that I could spark more evangelism of those ideas from (ISC)2 professionals, so I am hoping that this topic catches fire. Thanks for sharing this.

Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
Jknox0111
Viewer III

This might be the perfect use case for a blockchain based National ID. Decentralized enough to have evolving use. Secure enough to incorporate the use of public and private keys. Public enough for identification and transparency. Private enough to support financial transactions. Secure enough, as the person with their keys. 

Lamont29
Community Champion

So, has someone published a whitepaper on this as a proof of concept? How would this work in practice?
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
Jknox0111
Viewer III

There is a whole community of people moving in this direction. You can find out more about it at 

 
Before you go any further... ***Disclaimer***

 

I do not support nor am I connected with any of the content provided by this community. I am just aware that there are people looking to take on the challenge of finding a better way of securing identity by utilizing a digital means. 

 

Now that, that's out of the way, here is the companies linkedin as well. 

 

("https://www.linkedin.com/company/sovrin-foundation/")

 

Lamont29
Community Champion

The information looks exciting @Jknox0111, I just wonder how much traction they'll get. I hope that they do well in this endeavor.

 
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE