Social Security Card Technology Upgrade

Myths v Facts

Myths Facts
A biometric Social Security Card Upgrade is an infringement on privacy, civil liberties and Constitutional rights. The number one job of government is to protect citizens and provide for the common welfare. Not upgrading the Social Security card to current data protecting technology standards leaves Social Security Information vulnerable to ID thieves, hackers and criminals.  Not having secure Social Security cards is a threat to our Constitutional rights.
Upgrading the Social Security Card amounts to a National ID card/

Every identity card or other credential used by the U.S. today includes more security than the current Social Security card. The Social Security card of 2010 is essentially the same technology and design as we introduced in 1936.


An upgraded smart card-based design Social Security card would include a biometric identifier, provide multi-level authentication, and ensure that only the individual to whom the card is issued can use it.  The user must consent before the card can be read eliminating the fear of government or employer tracking.

We can accomplish the same end without a biometric ID card system; just enforce the laws. The only way to enforce the current immigration laws for work eligibility is to definitively know who each person is and their work status.  The biometric Social Security card ties the individual cardholder to the document so that the card can only be used by them.  Employment eligibility would be tied to the individual and employers will know who is eligible to work and who is not, eliminating the primary driver of illegal immigration.
Biometric verification systems are too complex and costly; it is unfair to place the burden on employers to set-up and manage a complicated biometrics system. Biometric card readers are widely available today for as little as $50 and can be added to any computer through a USB port just like a printer or a camera.  Handheld readers are also widely available for use in an outdoor environment.  Functionally, the reader will giver the employer a yes/no response- does this person match the enrolled card they are presenting for verification.
The sheer size of the project is too much to manage and it's too complicated to ever work. Enrolling the entire working population in the U.S. is going to be a challenge.  However, other less wealthy nations including India, Brazil and Guatemala are currently undertaking similar initiatives without incident.  If less wealthy nations can do it, certainly the United States can as well. 
It will be inconvenient for citizens to enroll. Citizens can easily enroll at a Federal Building in their home town-possibly Post Offices.
There is no way to ensure the right person is enrolling with weak supporting or "breeder" documents; no way to cope with people who steal an identity from the legitimate person.

Breeder documents are problematic in the U.S.  To solve this problem we need to begin the process of upgrading card technology and systems.  It is for that reason that moving to a secure biometric Social Security card is so important. 


Once an individual is enrolled they will not be able to assert a false identity for the purpose of gaining employment.  Policies and procedures can be put in place to ensure only the legitimate person can claim their Social Security number and attach their biometric identity. 

Biometric databases would create a central repository for ID thieves and hackers. Any biometric database must be used solely for enrollment to verify an individual is not already enrolled in the system.  After enrollment the database must be locked away and not accessed for verification or other daily use purposes.  All identity verification must be done between the card itself and the local reader giving the use control over their information. 
Estimated costs to deploy this system are in the $100's of billions, this is too expensive. Cost estimates are significantly overblown.  A biometric enabled card could be deployed for less than the average cost of a driver's license.
Hackers could intercept the personal information stored on the card and steal personal information or track people. 

Information stored on smart cards is protected by encryption and extensive security features.  The chop on the card is effectively dead (inert) until it comes into physical contact with the card reader.  No information is exchanged between the card and the reader until both agree they are part of the same system and secure.  At that point the cardholder would need to provide either their PIN code or biometric to authorize the card to be read. 


Because only the legitimate person can claim and use their identity, biometric card systems provide maximum protection of personal information, user control and consent. 

Consolidating data would facilitate the tracking of individuals. Policies about data use must go hand-in-hand with any requirement for deployment.  Users must know in advance how information about them will be used and a agree to those terms.  Terms of use cannot change after the fact.
Biometric cards would require workers to pay a few in order to be eligible to work. Fees for an upgraded Social Security card are unrealistic and unworkable.  The Federal Government constantly upgrades infrastructure including roads, computers, the military, and federal facilities.  The Social Security card should be no different.  Additionally, the reductions in ID theft and resulting fraud would pay for the deployment of such a system. 

Learn How

Secure ID News to Know

  • Making Medicare Smart

    Today the House of Representatives took a significant step forward to protect seniors and ensure the solvency of the Medicare program by unanimously passing the bipartisan Fighting Fraud to Protect Senior Care Act – HR.6690. The bill calls for a pilot program to test modernizing the Medicare card by incorporating smart card technology to prevent waste, fraud and abuse.

    This landmark program will enable front-end authentication of Medicare beneficiaries and providers at point of care and support back-end data analytics to ensure transactions are legitimate. The Government Accountability Office estimates that such a program can positively impact over 22% of all Medicare improper payment and fraud cases. With Medicare waste, fraud, and abuse costing US taxpayers an approximated $60 billion every year, the Fighting Fraud to Protect Senior Care Act will help prevent over $13.2 billion from being lost on a yearly basis.

    We thank Congressman Peter Roskam and Congressman Earl Blumenauer for their heroic effort to protect Medicare for all Americans: beneficiaries, providers, and taxpayers alike.

  • The Five Things IoT Manufacturers Can Do To Future-Proof the Industry

    If there’s one thing that we’ve learned over the past few days since the Internet of Things (IoT) distributed-denial-of-service attack (DDoS) attack gave the Internet brain freeze last Friday is that (1) IoT devices are insecure, (2) we have a really good idea what needs to be done to make them more secure, yet (3) it’s hard to get everyone on the same page in dedicating the resources to actually make them more secure.

    While that might seem like a stark truth, it only makes sense given how our economy and legal system works. Since no one company or device was responsible for allowing the attack, there’s no specific organization to shame or blame. Plus, it’s way too easy to point fingers at everyone else in the room and say there was nothing that could’ve been done, as everyone is responsible. Further, security costs money, and at the moment, companies want to pour their resources into grabbing IoT market share, not plugging holes that may or may not cause problems downstream. Unfortunately, this kind of thinking invites regulators and legislators to step in and attempt to dictate technology standards and best practices to address harms, both real and imagined.

  • Patient Identity: Getting Back to Basics for National Health IT Week

    Monday kicked off National Health IT week! While the United States has made progress in moving towards a more modern healthcare system, significant work remains. There’s no disputing that our medical device and health technology companies are the most advanced on the planet, developing the solutions that are diagnosing diseases earlier, expanding treatment options, and improving quality of life. However, when it comes to healthcare and identity—making sure that the correct data is associated with the right patient, and ensuring that that information is able to be shared, analyzed, and acted upon in a timely fashion—the United States lags woefully behind many other developed nations.