Anyone else experienced this?
A friend just tried to access his account information online via the Social Security Adminstration's web portal. He was told his online account had been cancelled and that he would have to create a new account as of January 1st. Suddenly, he was redirected to an Experian web site that started asking obscure personal "security questions" that proved impossible to answer and he was locked out of his account. (Do you remember all the license tags for any cars that could have been in your name for the last 10 years?)
After several hours of waiting on hold ('yes, we're getting a lot of calls from people having problems with this...') so he could start over, it appears that inaccurate information may have been entered and there's no way to fix it except by visiting a SS field office in person. I'm guessing this sounds familiar to ANYONE who's ever had to deal with Experian with an error on their credit report in the past.
What has happened is this: in response to concerns about the security of the massive amounts of sensitive data held by the Social Security Administration, someone thought it would be a good idea to award the contract to Experian. Experian seems to have merged with some other world-wide agencies under the banner of "A Single Version of the Truth" (not kidding) and are now offering their expertise in identity verification.
On the surface, this seems to be a violation of our expectation of privacy with respect to the massive volume of data that the Social Security Administration collects on all individual's employment history. Secondly: Experian may now have the ability to correlate and data mine this secure information combined with all the other records they collect about individuals - and we have no control over how this information will be used or verification of it's accuracy.
Finally: Experian has always had a terrible record for accuracy of their records. They have a poor documented record with the public (when you can find them - they obviously scrub well - not much on Google) and that aligns with my direct personal experience over the years. ?One incident after some strange credit events took me 6 weeks and a 25 page letter documenting errors that needed to be corrected. One bank supervisor during my ordeal candidly told me Experian always had the most errors, but they were the least expensive and that's why they were used so often. When you realize that errors on your credit report only allow providers to charge more fees - you can see why there's not much incentive for accuracy ... but that's another issue.
I'm wondering if anyone else is bothered by this massive hand-over of personal data to a company that, frankly, I don't trust to respect my privacy and not misuse the information. Granted, this doesn't affect operation of Social Security or payments - but with fewer field offices, this could affect many people's access to their information.
6:38 AM PT: Update: Here's another scary concern from comments (DRo):
"Offers two report types, full and partial, for clients with and without a Fair Credit Reporting Act (FCRA) permissible purpose"... so further into private, non-regulated data?
Also: I wonder if this "data exchange" applied to only the 50 Million active SS benefit recipients ... or did the get access to ALL SS records? And I'll bet Experian did it for "free" (saved taxpayer $s!) for access to data that will be worth a goldmine to them!
3:07 PM PT: In response to a downstream "pie fight", I stand by my assumption that Experian explicitly states they have access to Social Security data:
"...people age 18 and older must be able to provide information about themselves that matches information already on file with Social Security. Then, Social Security uses Precise IDSM, Experian?s fraud detection and prevention platform, to securely authenticate and further verify the person?s identity."The statement from Experian says they use "information already on file with Social Security". They then state that Social Security usese "Precise IDSM (tm, I assume), Experian's fraud detection and prevention platform" to further verify the person's identity.
We can assume that either SSA hands off to Experian for the ID verification, or that Experian is within SSA system to verify. ?Since the questions I've seen used so far are from the Experian Credit Reporting system only - I have to assume this happens on Experian secure servers.
If Experian explicitly states they use "information already on file with Social Security", then they must have that information on file and , by implication, on their servers. ?If they do not possess the individual information directly, then they are able to do some sort of secure, real-time SQL query - which also implies a level of access I am NOT comfortable giving to a company with the track record of Experian.
chesapeake energy dick clark death yom hashoah yolo liquidmetal gsa scandal kelis
No comments:
Post a Comment