Everyone heard about the Equifax hack… I even met someone who had been a victim of this attack. He did not know what to do exactly and how to protect himself after this breach.
Following this immense impact of American Citizens, US legislators are seriously considering a change, looking at safer options as an alternative to Social Security numbers after the Equifax hack.
On Nov, 8th 2017, the Senate Commerce Committee had an in-depth discussion with Yahoo ex-CEO Marissa Mayer, Verizon security officer Karen Zacharia, the present and previous CEOs of Equifax. They exchanged about providing and building a more resilient way to protect consumers from data breaches.
Entrust Datacard president and CEO Todd Wilkinson offered some specific arguments and opinions about the change from Security Numbers and why the U.S. needs to move away from this system — a must do to ensure customers’ security and privacy, in light of the Equifax hack.
" Over 145 million Americans’ insecure identities are now forever at risk, and they have limited ability to protect themselves," Wilkinson said. " A key question for this committee to consider is: What do we do now given these identities are forever compromised?"
Social Security Numbers present a tremendous risk to security and privacy. In the meeting, the committee discussed to move towards a dynamic identity system.
“Some combination of digital multi-factor authentication… is the right path,” former Equifax CEO Richard Smith said when asked about such a program.
During the meeting, Brazil’s Infraestrutura de Chaves Públicas digital certificate was considered as a potential model for the U.S., based on a certificate lasting for three years and being used to issue a digital signature. The ICP-Brasil is a hierarchical chain of trust that enables the issuance of digital certificates for the citizen’s virtual identity.
In practice, the ICP-Brasil digital certificate functions as a virtual identity that allows a secure identification.
The ICP-Brasil digital certificate guarantees, under the current legislation, a legal validity. Of course, these identities, in this case, might be revoked at any time with the appropriate process.
A month ago, the White House cybersecurity team endorsed the idea as well to change to a more secure, more digital form of identification.
Comments will be approved before showing up.