There’s been a lot of dead people applying for products and services lately, and that has caused some headaches at the Social Security Administration. The problem is that the SSA regularly publishes the list of who has died, along with their Social Security numbers (SSNs) and dates of birth. This public list, the so-called SSA Death Master File, has been available to the public for decades but has recently gotten a lot of bad press. It seems that fraudsters use entries on this public list to improperly apply for products and services in the name of the deceased, an instance of identity theft of the dead. This has been going on for a long time but lately has gotten much more attention. The SSA’s solution to this problem is to stop publishing the SSA Death Master File.
We at ID Analytics don’t think that ceasing publication of the list is the best way to deal with this problem. We’ve been in the business of preventing identity theft for many years, and our tools work very well at stopping the theft of deceased identities. We use this SSA Death Master File as an upfront defense to weed out such applications, and our process successfully stops these attempts. If this Death Master File is no longer published this important defense will disappear and it will be much harder to stop these fraud attempts.
The flagging of an application that includes the SSN of a deceased person is an important aspect of identity fraud prevention, and will be substantially hampered by this new decision. If/when the SSA stops publishing this list of SSNs of the deceased, it will indeed be harder for thieves to obtain the SSNs of the deceased, but once obtained the fraudsters will be very hard to stop. Further, the large category of family fraud by spouses, siblings, parents and children in the use of deceased people’s identities will be much easier to commit and much harder to stop. The providers of commercial tools to stop identity fraud will no longer be able to flag applications that use deceased SSNs.
This decision is very similar to another recent decision by the SSA where they decided to issue new SSNs using a randomization process. The randomization of SSNs plugged a small hole of thieves targeting specific people for identity theft, but opened a much larger hole of no longer being able to verify that an SSN has been validly issued, so it’s very easy to invent what looks like a valid new SSN for a fraudulent application. For more information see http://idanalytics.com/idalabs/2011/its-here-randomized-social-security-numbers/
We suggest that the best way to solve the improper use of deceased people’s SSNs is to keep this list public and increase its use as a validity check in the examination of SSNs. If the list is very public and widely used, no dead SSN could be successfully used.
A compromise is to continue to make the list available but only to a smaller group of recognized fraud fighting organizations. This would satisfy all concerned and allow the continuation of the powerful and successful tools that exist today without substantially hampering those trying to protect the public against fraud.