Survey of Online Services and Authentication

DOCUMENTATION FOR THE GENERIC CLEARANCE
OF CUSTOMER SATISFACTION SURVEYS
TITLE OF INFORMATION COLLECTION: Survey of Online Services and
Authentication
SSA SUB-NUMBER: E-01
ACTIVITY: INTERNET SURVEY
BACKGROUND
To support Federal e-Government initiatives, the Social Security Administration (SSA)
proactively seeks public feedback concerning our Internet applications. The public’s ability to
access our applications, perception of the security of our applications, and opinion concerning
the usefulness of our online services are factors that drive Internet usage. Public feedback from
Internet users about our current online applications provides insight about how we can continue
to meet our customers’ needs as we expand our online services.
Eighty million baby boomers will require SSA’s services within the next 20 years. SSA is
approaching an unprecedented amount of work. In past work years, SSA’s traditional customer
has been face-to-face, in-office, or on the telephone. To improve service and reduce the volume
of walk-in traffic to the field offices, we are moving more workloads online. To move these
workloads online, SSA must develop authentication technologies that encourage the public to
feel secure about the exchange and release of personal information via the Internet.
Currently, SSA accesses applications using PIN/password or knowledge-based authentication.
However, these single-factor technologies may not provide the level of assurance required by the
higher-risk applications SSA will implement in the future. As a result, there is an increased need
to strengthen current authentication routines and methods to provide adequate levels of assurance
in the identity of individuals who wish to electronically conduct business with SSA. To develop
stronger authentication processes, we need to understand our customer’s Internet usage and their
perception of what constitutes a secure Internet site.
We will conduct an Internet survey project (i.e., two duplicate surveys) to assess public reaction
to SSA’s anticipated authentication processes, online service, and new authentication
technologies. We will use survey results to enhance our authentication techniques for online
applications. SSA’s overall goal is to obtain customer feedback on proposed enhancements to
SSA authentication protocols. Customer feedback, along with SSA’s collaborative efforts with
other agencies, contractual support, and the contribution of privacy experts, enable the agency to
choose electronic authentication technologies that meet OMB and National Institute of Standards
Technology (NIST) standards and address customer security concerns.

DESCRIPTION OF ACTIVITY:
Internet Survey
We will conduct two voluntary online surveys to target beneficiaries and non-beneficiaries who
use the internet. We propose to conduct one survey in the early part of fiscal year 2010 and the
duplicate survey sometime later in the fiscal year. SSA has hired the services of a contractor to
conduct the online survey. The contractor will be conducting both surveys using an online
survey tool, Survey Monkey.com, and will post each survey on the site for approximately 4
weeks.
Survey Populations per Survey
There will be a total of two target survey populations for each survey. The contractor will
conduct each survey with two audiences: A) non-beneficiaries who use the Internet, and B)
beneficiaries who use the Internet. We will mail letters requesting participation to 6,000
participants from each of the two groups for a total of 12,000 participants per survey. The letters
provide survey information and the link participants will need to access the survey. The 12,000
participants will receive a second letter (reminder) two weeks from the date of the first mailing.
We expect an estimated 2,400 responses, based on an assumed 20% response rate for each
survey.
The following is the screening criteria for the two targeted audiences (per survey):
Beneficiaries – Group A:
We plan to canvass 6,000 current beneficiaries whose SSA records indicate they filed a firstparty application on-line (indicating they have experience using the Internet). The listing will
comprise beneficiaries between the ages of 21 – 60, with 1,500 beneficiaries across 4 age deciles
(21 to 30 yrs old, 31 to 40 yrs old, 41 to 50 yrs old, and 51 to 60 yrs old). We anticipate the
majority of the pool will be disability beneficiaries or spouses of disability beneficiaries.
We plan to filter out all beneficiaries in this population who have a representative payee,
beneficiaries who are in suspense because our records show them as being in prison, and
beneficiaries with an incorrect address. We also plan to eliminate multiple notices per household
by identifying records with matching ZIP plus 4, ZDPC, and street address.
Non-beneficiaries – Group B:
Our contractor is working with InfoUSA to obtain contact information for the non-beneficiary
group. InfoUSA provides mailing lists for individuals according to a variety of demographic
elements, age being one of them. The desired age range is 21-60 with equal age demographic
representation within the following age ranges: 21-30, 31-40, 41-50, and 51-60. InfoUSA will
structure the sample to include only those users for whom they have an email address, thus
increasing the likelihood that the contacts are Internet users. Email addresses will not be
included in the data set purchase. Other demographic parameters are zip+4 records only, one
contact per household, omit rural routes without box numbers, omit all PO Boxes, and omit
apartments without apartment numbers.

Current beneficiaries already have some familiarity with how SSA does business and some
experience with our website applications and security features. However, it is very important to
obtain insight from members of the public who have had no contact with SSA or its Internet
services to ensure that we enhance our current authentication process to meet the needs of future
applicants. Accordingly, we include members of the general public not currently receiving
benefits in the survey to garner more insight from this population of prospective Social Security
beneficiaries.
Survey Questions
The objective of the questions included in each of the surveys is to obtain information about the
participants’ general Internet usage, their concerns with Internet security, and their confidence in
SSA’s authentication protocols. We grouped the survey questions into the following categories:


General Internet technology adoption—SSA is interested in understanding how our
users’ current level of Internet adoption will affect their willingness to transact
confidential business online with the agency.



Sensitivity to questions that may be asked by SSA in order to validate a user’s
identity— The purpose of these questions is to understand participants’ willingness to
provide additional personal data in order to be able to transact confidential business
online with the agency.



Anticipated SSA online safeguards—SSA is interested in understanding how users feel
about different methods that might be employed by SSA to safeguard user access to their
online account.



Demographics—SSA will analyze the results by age, state of residence, and education
level.

IF SURVEY PARTICIPANTS WILL RECEIVE A PAYMENT, INDICATE AMOUNT:
SSA will not compensate active survey participants for their participation.
USE OF SURVEY RESULTS:
SSA will use the results of the surveys to enhance identity proofing (i.e. electronic
authentication) techniques for future online applications. SSA’s overall goal in this phase of
testing is to obtain quantitative customer feedback on authentication protocols currently used by
the agency as well as proposed enhancements to these protocols. Customer feedback along with
SSA’s collaborative efforts with other agencies, contractual support, and the contribution of
privacy experts will enable the agency to choose electronic authentication technologies that meet
OMB and NIST standards and address customer security concerns.
BURDEN HOUR COMPUTATION (Number of responses (X) estimated response time (/60) annual burden hours):
Based on 20 percent response rate (estimated minimum response)
Total Number of Possible Responses: 1,200
Estimated Response Time: 6 minutes

Estimated Annual Burden hours: 120 hours
NAME OF CONTACT PERSON: Deb Larwood
TELEPHONE NUMBER: 410-966-6135