Justification for the Non-Substantive Change 0960-0789 (IT Modification Request)

Justification for the Non-Substantive Changes for

Social Security Administration’s Public Credentialing and Authentication Process

20 CFR 401.45 & 20 CFR 402

OMB No. 0960-0789

Background

Since its establishment in May 2012, SSA uses the Social Security Administration’s Public Credentialing and Authentication Process (hereafter-called “eAccess”) to provide a secure, centralized gateway to Social Security’s public-facing electronic services. SSA currently allows users to register both through our eAccess Internet process, and through a personal interview process using the Registration and Customer Support (RCS) screens for in-person or telephone interviews.

SSA originally issued agency-specific identity credentials directly to users. In September 2021, pursuant to OMB memorandum M-19-17, SSA began requiring new users to use a federated credential from Login.gov or ID.me. Although we discontinued issuing new identity credentials, SSA continues to accept existing SSA-issued identity credentials, now known as legacy credentials. To ensure compliance with guidance from the National Institute of Standards and Technology, and reduce credential support activities for our technicians, SSA intends to phase out support for legacy credentials and eventually require all users to access SSA services using a federated credential.

This release will begin the migration of our legacy credentials to federated credentials. Beginning with this release, users who have an original legacy credential and begin the identity proofing process using a Login.gov credential, and the system will prompt the users to link their legacy credential to their Login.gov credential. Once the credential with Login.gov is successfully linked, SSA will deactivate the user’s legacy credential and require the user to subsequently access SSA services using their Login.gov credential. Users who decline, or are not able to link their legacy credential can continue to use that credential normally.

Revisions to the Collection Instrument

• Change #1: We are adding new screens that inform legacy credential holders to link their legacy account to their Login.gov account.

Justification #1: This first phase of transition will allow SSA to focus on proofing and reduce credential support activities for our technicians.

Future Plans

Due to the agile nature of our projects, we expect to make more enhancements in the future to strengthen our electronic access authentication posture. Currently, we are still finalizing our IT modernization plans for these changes. We expect to submit another change request within six to nine months to request approval for additional updates to the system, and potentially, update the burden again to include additional users.

This revision will not change the overall burden for this information collection. We will implement this revision upon OMB’s approval.