jump to navigation

And Just Whose Bright Idea Was This? August 7, 2016

Posted by Peter Varhol in Software platforms, Technology and Culture.
Tags:
trackback

Brilliant! What more can be said here?  The Social Security Administration (they have their own exit ramp, off of Interstate 695 west of Baltimore) were under a mandate to improve security.

Okay, I get that, but their solution was to implement two-factor security using a challenge-response based on a phone text code.  This is the only way you can access your account online.

This is where this seriously goes off the rails. It requires a mobile phone capable of sending and receiving texts.  According to a recent study by the Pew Research Center, 92 percent of adult Americans have cell phones (whether or not they text is a different story), but only 78 percent of seniors, who might be most interested

The Social Security Administration recognizes that not everyone has a cell phone, but claimed not to be able to implement any other solution.

Um, no. My primary (maybe) bank, Bank of America, does a challenge-response access.  You type in your account name, it comes back with a glyph that you have chosen to represent you with the bank.  The purpose of the glyph is to assure you that you haven’t been redirected to a bogus site that wants to phish for your passwords and financial information.  Only after you have verified that the glyph is yours do you enter your password.  That approach is ultimately simpler than the text-based security system.

You may not have a cell phone for a variety of reasons, including no reception in your area (many rural areas of the US lack widespread cellular service). Probably those who grew up with landlines may feel less a need to carry a phone around with them, which also speaks of an older generation.

I don’t believe that the Social Security Administration was limited to a text-based security solution. On the surface, this seems to be yet another example of government not serving its constituents, because they don’t have to.

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: