This country faces a Social Security crisis. It involves numbers. No, not benefit cuts and revenue increases. I mean it involves your actual Social Security number. A study from two Carnegie Mellon professors concludes that it's not nearly as secure as you thought.


The study concluded that identify thieves, armed merely with knowledge of your birthday and birthplace, had a surprisingly good chance at guessing Social Security numbers (SSNs). With that knowledge, they could make hundreds of thousands of dollars a day trafficking in stolen identities. How is that possible?

As Slate's Chris Wilson points out, SSNs were originally designed to keep track of federal pension contributions, not to be perfectly random. In fact, they're not random at all: Chris explains:

The numbers were derived using a simple formula. The first three digits, called the "area number," refer to the state where the card was issued. The fourth and fifth digits, the "group number," are assigned in a predetermined order to divide the applicants into arbitrary groups. The last four digits, the "serial number," are assigned sequentially, from 0001 to 9999 in each group.

But today, SSNs help to identify our drivers IDs, tax returns, bank statements, credit card accounts, apartment leases, company accounts -- in short, our most-valuable information. How should we protect ourselves from our suddenly ubiquitous, and sensitive, numbers?

Wilson provies two options: 1) Replace SSNs with national IDs that randomize the entire number without an obvious formulua (but it's unpopular); 2) And use different ID numbers for your drivers ID, tax returns, etc., and just use Social Security numbers for Social Security.

I think Chris is right on with his analysis, and it's worth noting that the key to protecting our identify is to diversify the number of methods by which we identify ourselves. As long as there is one number that dominates our access to important information, there will be smart criminal pseudo-cryptologists, dumpster divers and computer hacks who will meet the high incentive the steal that number.

We want to hear what you think about this article. Submit a letter to the editor or write to letters@theatlantic.com.