Supporting Statement--0632


Request for Internet Services - Password (RISPA)

OMB: 0960-0632




Supporting Statement for

Request for Internet Services – Password Authentication (RISPA)

20 CFR 401.45

OMB No. 0960-0632


A. Justification


  1. The Social Security Administration (SSA) collects this information by authority of the Privacy Act of 1974 at 5 U.S.C. 552a(e)(10) of the United States Code, which requires agencies to establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records. Also, 5 U.S.C. 552a(f)(2)&(3) requires agencies to establish requirements for identifying an individual who requests a record or information pertaining to that individual and to establish procedures for disclosure of personal information. SSA promulgated Privacy Act rules in the Code of Federal Regulations, Subpart B. Procedures for verifying identity are at 20 CFR 401.45. Authority to collect this information is also contained in Section 205(a) of the Social Security Act.


  2. SSA established a Password infrastructure and process for verifying the identity of individuals who choose to use the Internet and the Automated Telephone Response System to conduct business with SSA in an electronic environment. We use Password Services for the convenience of SSA and its customers to provide electronic access to SSA's automated services and thereby reduce the number of contacts with teleservice and field staff. Electronic transactions cost mere pennies when compared to the high dollar cost associated with human intervention.


Password Services and the applications requiring a User ID and Password are accessed through SSA’s Access Control Utility (ACU). SSA uses the information collected by Password Services to authenticate an individual prior to giving him or her access. SSA will continue to collect and use the information to establish a Password Data File. The file will continue to be used to allow customers to conduct electronic business with the Agency. Eventually, this Password Data File may become part of the Lightweight Directory Access Protocol (LDAP) Data File housed within the Access Control Utility (ACU).


In order to register a password with SSA’s Individual Password Services, we ask an individual for the following information: Name, SSN, Date of Birth, and Password Request Code (PRC - a temporary password or shared secret created by SSA and mailed to the requestor).


The User ID/Password process will continue to be used for access to SSA's online and automated telephone services. These services will be password-protected when SSA has determined that the information transmitted requires a higher level of protection. Individuals may also use the User ID/Password to access electronic services that require a lower level of protection. Some of the services that require password protection include, but are not limited to the following:


  • Change of Address and Telephone Number;

  • Direct Deposit Elections or Changes; and

  • Account Status Inquiries (Check Your Benefits).


Some of the services that support the password process are:

    • Request a PRC;

    • Create a Password;

    • Change Your Password; and

    • Block Your Electronic Access.

The Password process allows the requestor to establish his or her identity with SSA, to create a Password, and to use that password, along with a User ID (Social Security Number), to access or change his or her own personal information maintained by SSA. We also allow customers to change their password, and for those who have lost or forgotten their Password, to re-establish their identity with us and create a new Password.


Prior to creating a Password, we will verify the requestor’s identity. Some examples of information we may ask for include:

    • shared secret (temporary password) randomly created by SSA and mailed to the requestor (the Password Request Code or PRC);

    • SSN;

    • Date of Birth; and

    • Name

We then compare the answers to these questions to information contained in our records. SSA collects the information exclusively to verify the identity of the requester. The field for other last names is optional and only used to help us match the person in cases where the person has changed their name (e.g., marriage) and not notified Social Security. Once SSA establishes identity, the requester chooses a password and this password can be used by the requester to identify him/herself to SSA for future Internet/telephone transactions.


We also conduct two surveys within the Password Services process. These help us to collect information about the process itself. The surveys help us to identify problems in the process and they reinforce what works well for users. Survey responses help us to improve our password process.


  3. SSA automated this information collection. The requester keys in identifying information, transmits it over the Internet/telephone to SSA, and SSA compares the information to existing electronic records in real time. If the information keyed and transmitted matches with established SSA records, the System allows the requester to proceed to choose a password.


  4. The information collected through the ACU screens has already been collected and posted to SSA’s master electronic records, but we ask for it again for comparison and verification. There currently is no existing alternative way for SSA to verify identity electronically when the request is user-initiated over the Internet or through the Automated Telephone Response System.


  5. This collection does not have a significant impact on a substantial number of small businesses or other small entities.


  6. Failure to be able to verify the requester’s identity would result in SSA’s not being able to respond to these requests. Making this service available electronically saves the requester the effort of phoning an SSA TeleService Center representative or visiting an SSA field office, and saves SSA staff time. In addition, since we only collect this information on an as-needed basis, we cannot collect it less frequently. There are no technical or legal obstacles that prevent burden reduction.


  7. There are no special circumstances that would cause this information collection to be conducted in a manner that is not consistent with 5 CFR 1320.5.


  8. The 60-day advance Federal Register Notice published on April 28, 2009 at 74 FR 19261, and SSA has received no public comments. The second Notice published on July 27, 2009 at 74 FR 37081, and SSA has had no outside consultations with members of the public.


  9. SSA provides no payment or gifts to the respondents.


  10. The Privacy Act of 1974 protects the information collected. In addition, our Privacy Policy protects information collected by SSA for Internet Services and ensures the confidentiality of all information provided by the requester. Our Internet privacy policy is:

  • You do not need to give us personal information to visit our site.

  • We collect personally identifiable information (name, SSN, DOB or email) only if specifically and knowingly provided by you.

  • We only use personally identifying information you provide in conjunction with services you request as described at the point of collection.

  • We sometimes perform statistical analyses of user behavior in order to measure customer interest in the various areas of our site. We will disclose this information to third parties only in aggregate form.

  • We do not give, sell, or transfer any personal information to a third party.

  • We do not enable “cookies.” (A “cookie” is a file placed on your hard drive by a Web site that allows it to monitor your use of the site, usually without your knowledge.)


Additionally, SSA will ensure the confidentiality of the requester’s personal information in several ways:


  • We encrypt all electronic requests using the Secure Sockets Layer (SSL) security protocol. SSL encryption prevents a third party from reading the transmitted data even if they intercept it. This protocol is an industry standard and is used by banks such as Wells Fargo and Bank of America for Internet banking.


  • We give the requester adequate warnings that the Internet is an open system and there is no absolute guarantee that others will not intercept and decrypt the personal information they have entered. We advise the requester of alternative methods of requesting personal information, i.e., a personal visit to a field office or a call to the 800 number.


Only upon verification of identity will we allow the requester access to additional screens that allow requests for and changes to personal information from SSA records.


For our automated telephone services, we use shortened Privacy Act and Paperwork Reduction Act Statements. The user has the option to listen to the whole Statement if they so choose. The Statements given are the same as those used for the Internet version.


  11. The information collection does not contain any questions of a sensitive nature.


  12. We estimate that 3,092,069 requestors annually will use these Internet screens to submit identification/verification information. Our Password Services include several tasks:

  • Request a PRC

  • Create a Password

  • Change Your Password

  • Use the Password to Access Electronic Services

  • Block Electronic Access


It may take an individual anywhere from 1 to 2 minutes up to 5 minutes to get through each task separately. Therefore, we estimate the total amount of time it would take a user to get through the entire password process is 10 minutes, resulting in an annual reporting burden of 515,345 burden hours.


We estimate that it will take 122,266 requestors 10 minutes to answer the questions via the Telephone verification, resulting in an annual reporting burden of 20,378 hours. The total requestors for both the Internet and the telephone versions are 3,214,335. The total annual burden hours for both the Internet and the telephone versions are 535,723.


| Automated Systems | Number of Respondents | Frequency of Response | Average Burden Per Response (minutes) | Annual Burden Hours |
| --- | --- | --- | --- | --- |
| Internet Requestors | 3,092,069 | 1 | 10 | 515,345 |
| Telephone Requestors | 122,266 | 1 | 10 | 20,378 |
| Totals: | 3,214,335 | 1 | 10 | 535,723 |

The total burden is reflected as burden hours, and SSA calculated no separate cost burden.


13. There is no known cost burden to the respondents.


14. The annual cost to the Federal Government is approximately $40,000. This estimate includes both the Internet and automated telephone services costs. We estimate the cost burden to the Federal Government to operate and maintain SSA’s Password Services via the Access Control Utility (ACU) to be $30,000. We estimate that the cost burden to operate and maintain SSA’s Password Services via the automated telephone system is an additional $10,000.


15. There has been a significant increase in the burden associated with this service. An increasing number of beneficiaries are choosing to use the Internet or telephone to conduct business with SSA. Establishing a password is strictly an option that is available to Title II and concurrent Title II/Title XVI recipients/applicants. We expect a proportionate decrease in SSA Field Office and Teleservice Center traffic.


16. SSA will not publish the results of the information collection.


17. We are not requesting an exception to the requirement to display an expiration date.


18. SSA is not requesting an exception to the certification requirements at 5 CFR 1320.9 and related provisions at 5 CFR 1320.8(b)(3).


B. Collection of Information Employing Statistical Methods


SSA does not use statistical methods for this information collection.



File Type: application/msword
File Title: February 11, 2003
Author: Bruce Carter
Last Modified By: 177717
File Modified: 2009-09-24
File Created: 2009-09-24
