In April 2025, to mitigate fraud, SSA
increased the level of identity proofing needed for respondents who
choose to make direct deposit changes by telephone. SSA published
an Emergency Request FRN on April 18, 2025, at 90 FR 16583, then,
upon OMB’s approval of the Emergency Clearance, implemented a
hybrid identity proofing process called the my Social Security –
Security Authentication PIN (SAP) that provides identity proofing
parity with our online and in-person modalities. Utilizing the SAP
process provides the necessary identity verification to allow
direct deposit changes via phone, while ensuring fraud protection
through stronger verification of the identity of the individual
prior to accessing or revising their account. OMB granted an
Emergency approval for the my Social Security – Security
Authentication PIN (SAP) collection. We are publishing this 30-day
comment period Notice to initiate the full information collection
request renewal for the SAP process. We received public comments on
the Emergency FRN and on the 60-day comment period FRN which we
addressed within the documentation for the full renewal. SSA’s
hybrid Security Authentication PIN (SAP) digitally verifies the
identity of a telephone respondent (whether a beneficiary or
recipient, or his or her representative payee) over the phone with
an SSA technician. In addition, for circumstances where a
respondent is seeking direct deposit requests in-person at a field
office and he or she is required to provide an acceptable form of
identification (e.g., State ID/driver’s license, U.S. Passport,
etc.), the SAP provides an alternative option for individuals who
do not have the requisite identity document with them at the time.
While the public-facing SAP tool itself does not collect any
information, the process of creating or logging into a my Social
Security account requires the respondent to submit several pieces
of identifying information (such as an email address, a password,
selecting a multi-factor authentication method, and completing
identity proofing, which entails uploading an ID and taking a
“selfie”) to both sign up/or use ID.me or Login.gov, and to use the
enhanced multi-factor identification tool each time the respondent
logs in to the account. We previously obtained OMB approval for the
burden associated with the creation of the my Social Security
account under SSA’s Public Credentialing and Authentication Process
(OMB No. 0960-0789) which utilizes ID.me and Login.gov for
authentication purposes. However, while the creation of a my Social
Security account is already covered under a separate OMB Control
number, we are accounting for the increased burden associated with
generating a SAP through my Social Security to complete a direct
deposit transaction with SSA over the telephone. For respondents
meeting certain dire need criteria, SSA may permit respondents to
make direct deposit changes by telephone without SAP
authentication. Respondents meeting the exception criteria are
identified through a personal interview with a technician using
Form SSA-553, Special Determination. Since this process is less
effective in mitigating fraud and securing financial information,
SSA limits the use of this request to dire need situations. SSA
technicians determine dire need on a case by-case basis. The
respondents are individuals who wish to do business with SSA over
the telephone or in person for the purpose of direct deposit
enrollments, updates or cancellations.
Since we implemented the SAP
process in April, we have made several revisions to the process
which has changed our overall burden. See #12 above for updated
burden figures. * Note: The total burden reflected in ROCIS is
1,213,240, while the burden cited in #12 of the Supporting
Statement is 358,521. This discrepancy is because the ROCIS burden
reflects the average teleservice center and field office waiting
times as well as the burden per response. In contrast, the chart in
#12 of the Supporting Statement reflects actual burden.
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.
03/31/2026
Something went wrong when
downloading this file. If you have any questions, please send an
email to [email protected].
Respondents who drop out of SAP and use an alternate method for changing direct deposit