17thWhitePrince wrote:Well I know that the Social Security Administration provides an “Earnings and Benefit Estimate Statement” for all workers age 25 or older. The statement provides you with a history of your earnings and projected benefits. When you sign up on the SSA website, they carefully verify that you are who you say you are. They ask you to provide several different types of information and to answer questions that only you should be able to answer. They may also use an identity verification service provided by Experian to help verify your identity and protect your privacy when you register to do business with them online. When the SSA makes a verification request to establish your account, Experian may use information from your credit report to help verify your identity. As a result, you may see an entry called a "soft inquiry" on your Experian credit report. This will show an inquiry by the Social Security Administration and the date of the request.
That would make sense. I used to get these in the mail; now I have to log in to see them. (And they're kind of depressing, talking about how they anticipate being able to pay me only a percentage of the benefits I'm entitled to once I retire. Of course, by the time I reach retirement age that percentage will probably be close to zero.)
What's equally depressing is how the entire US financial industry thinks asking you a few questions from your credit report -- which ANYONE can obtain online for around $25 -- somehow maintains security. Sure, pulling someone's credit without a legitimate purpose is probably fraud -- but someone intent on identity theft probably doesn't worry too much about that. I just went through this same kind of verification process again on annualcreditreport.com for example.
(Source for the above claim: Years ago, around 2004, an acquaintance was able to show me my own credit report using nothing but my name. He did not have my SSN, and he did not have my date of birth. It bothers me that he could do this without my consent, but if he could, anyone could. This approach to security is fundamentally flawed.)