Agency Information Collection Activities: Proposed Request, 21496-21499 [2014-08578]
Download as PDF
<![CDATA[
21496
Federal Register / Vol. 79, No. 73 / Wednesday, April 16, 2014 / Notices
security deemed as a TRACE-Eligible
Security would be excluded from the
term ‘‘OTC Equity Security.’’ 26
FINRA did not modify the proposed
interpretation regarding the treatment of
capital trust securities and trust
preferred securities. Thus, the term
‘‘TRACE-Eligible Security’’ would
include a capital trust security and a
trust preferred security (other than a
capital trust security or a trust preferred
security that is listed on an equity
facility of a national securities
exchange), and transactions in such
securities must be reported to TRACE
(and not to ORF) in compliance with the
applicable reporting requirements. This
interpretation would apply even if the
capital trust security (or a trust preferred
security) was previously listed on an
equity facility of a national securities
exchange but has since been delisted.
Once delisted, the security must be
reported to TRACE.27 All other
preferred securities and depositary
shares representing fractional interests
in such securities—except the hybrid
securities identified above: hybrid
$1,000 preferred securities and hybrid
$1,000 depositary shares—would
continue to be included in the term
‘‘OTC Equity Security,’’ and members
must report transactions in such
securities to ORF.28
In light of the amended interpretation,
FINRA determined not to extend the
implementation date beyond the
originally proposed maximum of 150
days following Commission approval.
FINRA believes that members will be
able to comply within such timeframe
because the amended interpretation
largely follows current market
practice.29 Therefore, as of the date of
implementation, affected securities will
be transferred, if necessary, for reporting
to the appropriate trade reporting
facility, and after this transfer members
must report all transactions in such
securities to the appropriate trade
reporting facility.
Comment on Amendment No. 1. The
Commission received one comment
letter in response to Amendment No.
1.30 The commenter supported the
proposed revisions and believed that the
amended interpretation would prevent
investor confusion by allowing hybrid
pmangrum on DSK3VPTVN1PROD with NOTICES
26 See
Notice of Amendment No. 1, 79 FR 12543.
id. at n. 18.
28 For example, a non-convertible preferred
security having a par value or liquidation
preference of $25 that is not listed on an equity
facility of a national securities exchange would be
an OTC Equity Security under the interpretation
and would be required to be reported to ORF. See
79 FR 12543.
29 See id.
30 See supra note 7.
27 See
VerDate Mar<15>2010
15:20 Apr 15, 2014
Jkt 232001
$1,000 depositary shares and hybrid
$1,000 preferred securities to be
reported to TRACE. The commenter
stated that the amended interpretation
‘‘appropriately preserves the established
market practice for these securities and
achieves investor protection goals
consistent with the debt-like nature of
the security, without being unduly
burdensome.’’ 31
V. Discussion
After carefully considering the
proposed rule change, as modified by
Amendment No. 1, the comments
submitted, and FINRA’s response to the
comments, the Commission finds that
the proposed rule change, as modified
by Amendment No. 1, is consistent with
the requirements of the Act and the
rules and regulations thereunder
applicable to a national securities
association.32 In particular, the
Commission finds that the proposed
rule change, as modified by Amendment
No. 1, is consistent with Section
15A(b)(6) of the Act,33 which requires,
among other things, that FINRA rules be
designed to prevent fraudulent and
manipulative acts and practices, to
promote just and equitable principles of
trade, and, in general, to protect
investors and the public interest.
The Commission believes that it is
reasonable and consistent with the Act
for FINRA to provide guidance as to
whether particular hybrid securities
should, for purposes of FINRA’s trade
reporting rules, be deemed debt
securities, and thus TRACE-eligible, or
equity securities, and thus reportable to
an equity trade reporting facility.
Although such securities may have both
debt and equity features, the
Commission believes that it is
appropriate for FINRA to seek to
address the confusion about how to
report such securities by having all
transactions in a particular type of
hybrid security reported to the same
facility. This approach is reasonably
designed to promote transparency, as all
trade reports of the same hybrid security
discussed in the proposal should now
be reported to and disseminated by the
same trade reporting facility, instead of
appearing on different facilities in
different formats. Furthermore, the
Commission believes that, in the
absence of a compelling regulatory
reason to require hybrid securities to be
reported to an equity trade reporting
facility such as the ORF, it is consistent
31 SIFMA
Letter II at 2.
approving this proposed rule change, the
Commission has considered the proposed rule
change’s impact on efficiency, competition, and
capital formation. See 15 U.S.C. 78c(f).
33 15 U.S.C. 78o–3(b)(6).
32 In
PO 00000
Frm 00067
Fmt 4703
Sfmt 4703
with the Act for FINRA to permit its
members to continue using existing
infrastructure to report the hybrid
securities in question to TRACE.
VII. Conclusion
It is therefore ordered pursuant to
Section 19(b)(2) of the Act 34 that the
proposed rule change (SR–FINRA–
2013–039), as modified by Amendment
No. 1, be and hereby is approved.
For the Commission, by the Division of
Trading and Markets, pursuant to delegated
authority.35
Jill M. Peterson,
Assistant Secretary.
[FR Doc. 2014–08585 Filed 4–15–14; 8:45 am]
BILLING CODE 8011–01–P
SOCIAL SECURITY ADMINISTRATION
Agency Information Collection
Activities: Proposed Request
The Social Security Administration
(SSA) publishes a list of information
collection packages requiring clearance
by the Office of Management and
Budget (OMB) in compliance with
Public Law 104–13, the Paperwork
Reduction Act of 1995, effective October
1, 1995. This notice includes revisions
of OMB-approved information
collections.
SSA is soliciting comments on the
accuracy of the agency’s burden
estimate; the need for the information;
its practical utility; ways to enhance its
quality, utility, and clarity; and ways to
minimize burden on respondents,
including the use of automated
collection techniques or other forms of
information technology. Mail, email, or
fax your comments and
recommendations on the information
collection(s) to the OMB Desk Officer
and SSA Reports Clearance Officer at
the following addresses or fax numbers.
(OMB)
Office of Management and Budget,
Attn: Desk Officer for SSA, Fax: 202–
395–6974, Email address: OIRA_
Submission@omb.eop.gov.
(SSA)
Social Security Administration,
OLCA, Attn: Reports Clearance Director,
3100 West High Rise, 6401 Security
Blvd., Baltimore, MD 21235, Fax: 410–
966–2830, Email address:
OR.Reports.Clearance@ssa.gov.
The information collections below are
pending at SSA. SSA will submit them
to OMB within 60 days from the date of
34 15
35 17
E:\FR\FM\16APN1.SGM
U.S.C. 78s(b)(2).
CFR 200.30–3(a)(12).
16APN1
21497
Federal Register / Vol. 79, No. 73 / Wednesday, April 16, 2014 / Notices
this notice. To be sure we consider your
comments, we must receive them no
later than June 16, 2014. Individuals can
obtain copies of the collection
instruments by writing to the above
email address.
1. Letter to Landlord Requesting
Rental Information—20 CFR
416.1130(b)—0960–0454. SSA uses
Form SSA–L5061 to obtain rental
subsidy information, which enables
SSA to determine and verify an income
value for such subsidies. SSA uses this
income value as part of determining
eligibility for Supplemental Security
Income (SSI) and the correct amount of
SSI payable to the claimant. SSA bases
an individual’s eligibility for SSI
payments, in part, on the amount of
countable income the individual
receives. Income includes in-kind
support and maintenance in the form of
room or rent, such as a subsidized rental
arrangement. SSA requires claimants to
assist in obtaining this information to
prevent a delay or overpayment with
their SSI payments. We collect this
information only if the SSI applicant or
recipient is the parent or child of the
landlord (respondent). For most
respondents, we collect this information
once per year or less, via telephone or
face-to-face personal interview. The
claims representative records the
information in our Modernized SSI
Claims System (MSSICS), and we
require verbal attestation in lieu of a wet
signature. However, if the claims
representative is unable to contact the
respondent via the telephone or face-to
face, we print and mail a paper form to
the respondent for completion. The
respondent completes, signs, and
returns the form to the claims
representative. Upon receipt, the claims
representative documents the
information in MSSICS or, for nonMSSICS cases, faxes the form into the
appropriate electronic folder and shreds
the paper form. The respondents are
landlords who are related to the SSI
beneficiaries as a parent or child.
Type of Request: Revision of an OMBapproved information collection.
Modality of completion
Number of
respondents
Frequency of
response
Average
burden per
response
(minutes)
Estimated total
annual burden
(hours)
SSA–L5061 ......................................................................................................
72,000
1
10
12,000
2. Social Security’s Public
Credentialing and Authentication
Process—20 CFR 401.45 and 402—
0960–0789.
Background
Authentication is the foundation for
secure, online transactions. Identity
authentication is the process of
determining, with confidence, that
someone is who he or she claims to be
during a remote, automated session. It
comprises three distinct factors:
something you know, something you
have, and something you are. Singlefactor authentication uses one of the
factors, and multi-factor authentication
uses two or more of the factors.
pmangrum on DSK3VPTVN1PROD with NOTICES
SSA’s Public Credentialing and
Authentication Process
SSA offers consistent authentication
across SSA’s secured online services.
We allow our users to request and
maintain only one User ID, consisting of
a self-selected username and password,
to access multiple Social Security
electronic services. Designed in
accordance with the OMB
Memorandum M–04–04 and the
National Institute of Standards and
Technology (NIST) Special Publication
800–63, this process provides the means
of authenticating users of our secured
electronic services and streamlines
access to those services.
SSA’s public credentialing and
authentication process:
• Issues a single User ID to anyone
who wants to do business with the
agency;
VerDate Mar<15>2010
15:20 Apr 15, 2014
Jkt 232001
• Offers authentication options that
meet the changing needs of the public;
• Partners with an external data
service provider to help us verify the
identity of our online customers;
• Complies with relevant standards;
• Offers access to some of SSA’s
heaviest, but more sensitive, workloads
online while providing a high level of
confidence in the identity of the person
requesting access to these services;
• Offers an in-person process for
those who are uncomfortable with or
unable to use the Internet process;
• Balances security with ease of use;
and
• Provides a user-friendly way for the
public to conduct extended business
with us online instead of visiting local
servicing offices or requesting
information over the phone. Individuals
have real-time access to their Social
Security information in a safe and
secure web environment.
Public Credentialing and
Authentication Process Features
We collect and maintain the users’
personally identifiable information (PII)
in our Central Repository of Electronic
Authentication Data Master File Privacy
Act system of records that we published
in the Federal Register (75 FR 79065).
The PII may include the users’ name,
address, date of birth, Social Security
number (SSN), phone number, and
other types of identity information [e.g.,
address information of persons from the
W–2 and Schedule Self Employed forms
we receive electronically for our
programmatic purposes as permitted by
26 U.S.C. 6103(l)(1)(A)]. We may also
PO 00000
Frm 00068
Fmt 4703
Sfmt 4703
collect knowledge-based authentication
data, which is information users
establish with us or that we already
maintain in our existing Privacy Act
systems of records.
We retain the data necessary to
administer and maintain our eAuthentication infrastructure. This
includes management and profile
information, such as blocked accounts,
failed access data, effective date of
passwords, and other data that allows us
to evaluate the system’s effectiveness.
The data we maintain also may include
archived transaction data and historical
data.
We use the information from this
collection to identity proof and
authenticate our users online and to
allow them access to their personal
information from our records. We also
use this information to provide second
factor authentication. We are committed
to expanding and improving this
process so we can grant access to
additional online services in the future.
Offering online services is not only an
important part of meeting SSA’s goals,
but is vital to good public service. In
increasing numbers, the public expects
to conduct complex business over the
Internet. Ensuring that SSA’s online
services are both secure and userfriendly is our priority.
With the limited data we have, it is
difficult for SSA to meet the OMB and
NIST authentication guidelines for
identity proofing the public. Therefore,
we awarded a competitively bid
contract to an external data service
E:\FR\FM\16APN1.SGM
16APN1
21498
Federal Register / Vol. 79, No. 73 / Wednesday, April 16, 2014 / Notices
provider, Experian,1 to help us verify
the identity of our online customers. We
use this external data service (EDS), in
addition to our other authentication
methods, to help us prove, or verify, the
identity of our customers when they are
completing online/electronic
transactions with us.
Social Security’s Authentication
Strategy
We remain committed to enhancing
our online services using authentication
processes that balance usability and
security. We will continue to research
and develop new authentication tools
while monitoring the emerging threats.
The following are key components of
our authentication strategy:
• Enrollment and Identity
Verification—We collect identifying
data and use SSA and EDS records to
verify an individual’s identity.
Individuals have the option of obtaining
an enhanced, stronger, User ID by
providing certain financial information
(e.g., Medicare wages, self-employed
earnings, direct deposit amount, or the
last eight digits of a credit card number)
for verification. We also ask individuals
to answer out-of-wallet questions so we
can further verify their identities.
Individuals who are unable to complete
the process online can present
identification at a field office to obtain
a User ID.
• Establishing the User Profile—The
individual self-selects a username and
password, both of which can be of
variable length and alphanumeric. We
provide a password strength indicator to
help the individual select a strong
password. We also ask the individual to
choose challenge questions for use in
restoring a lost or forgotten username or
password.
• Enhancing the User ID—If an
individual opts to enhance or upgrade
the User IDs, we mail a one-time-use
upgrade code to the individual’s
verified residential address. When the
individual receives the upgrade code in
the mail, he or she can enter this code
online to enhance the security of the
account. At this time, we also ask the
individual to enter a cell phone number.
We send an initial text message to that
number and require the individual to
confirm its receipt. We send a text
message to that number each time the
individual signs in, subsequently.
• Login and Use—Standard
authentication provides an individual
with a User ID for access to most online
applications. Enhanced authentication
uses the standard User ID along with a
one-time code sent to the individual’s
cell phone, via text message, to create a
more secure session, and to grant access
to certain sensitive Social Security
services. An individual who forgets the
password can reset it automatically
without contacting SSA. The enrollment
process is a one-time only activity for
the respondents. After the respondents
enroll and choose their User ID
(username & password), they have to
sign in with their User ID every time
they want to access Social Security’s
secured online services.
SSA requires the individual to agree
to the ‘‘Terms of Service’’ detailed on
our Web site before we allow him or her
to begin the enrollment process. The
‘‘Terms of Service’’ informs individuals
what we will and will not do with their
personal information and the privacy
and security protections we provide on
all data we collect. These terms also
detail the consequences of misusing this
service.
In order to verify the individual’s
identity, we ask the individual to give
us minimal personal information, which
may include:
• Name;
Number of
respondents
Modality of completion
• SSN;
• Date of birth;
• Address—mailing and residential;
• Telephone number;
• Email address;
• Financial information;
• Cell phone number; and
• Selecting and answering password
reset questions.
We send a subset of this information
to the EDS, who then generates a series
of out-of-wallet questions back to the
individual. The individual must answer
all or most of the questions correctly
before continuing in the process. The
exact questions generated are unique to
each individual.
This collection of information, or a
subset of it, is mandatory for
respondents who want to do business
with SSA via the Internet. We collect
this information via the Internet, on
SSA’s public-facing Web site. We also
offer an in-person identification
verification process for individuals who
cannot, or are not willing to register
online. For this process, the individual
must go to a local SSA field office and
provide identifying information. We do
not ask for financial information with
the in-person process.
We only collect the identity
verification information one time, when
the individual registers for a credential.
We ask for the User ID (username and
password) every time an individual
signs in to our automated services. If
individuals opt for the enhanced or
upgraded account, they also receive a
text message on their cell phones (this
serves as the second factor for
authentication) each time they sign in.
The respondents are individuals who
choose to use the Internet or Automated
Telephone Response System to conduct
business with SSA.
Type of Request: Revision of an OMBapproved information collection.
Frequency of
response
Average
burden per
response
(minutes)
Total annual
burden hours
(hours)
38,251,877
1,370,633
1
1
8
8
5,100,250
182,751
Totals ........................................................................................................
pmangrum on DSK3VPTVN1PROD with NOTICES
Internet Requestors .........................................................................................
In-Person (Intranet) Requestors ......................................................................
39,622,510
........................
........................
5,283,001
1 Experian is a global information services
company. Experian’s decisional solutions enable
VerDate Mar<15>2010
15:20 Apr 15, 2014
Jkt 232001
Social Security to manage and optimize risk as well
as prevent, detect, and reduce fraud.
PO 00000
Frm 00069
Fmt 4703
Sfmt 9990
E:\FR\FM\16APN1.SGM
16APN1
21499
Federal Register / Vol. 79, No. 73 / Wednesday, April 16, 2014 / Notices
Dated: April 10, 2014.
Faye Lipsky,
Reports Clearance Director, Social Security
Administration.
[FR Doc. 2014–08578 Filed 4–15–14; 8:45 am]
BILLING CODE 4191–02–P
SOCIAL SECURITY ADMINISTRATION
Agency Information Collection
Activities: Proposed Request and
Comment Request
The Social Security Administration
(SSA) publishes a list of information
collection packages requiring clearance
by the Office of Management and
Budget (OMB) in compliance with
Public Law (Pub. L.) 104–13, the
Paperwork Reduction Act of 1995,
effective October 1, 1995. This notice
includes revisions of OMB-approved
information collections and one new
information collection.
SSA is soliciting comments on the
accuracy of the agency’s burden
estimate; the need for the information;
its practical utility; ways to enhance its
quality, utility, and clarity; and ways to
minimize burden on respondents,
including the use of automated
collection techniques or other forms of
information technology. Mail, email, or
fax your comments and
recommendations on the information
collection(s) to the OMB Desk Officer
and SSA Reports Clearance Officer at
the following addresses or fax numbers.
(OMB)
Office of Management and Budget,
Attn: Desk Officer for SSA, Fax: 202–
395–6974, Email address: OIRA_
Submission@omb.eop.gov.
(SSA)
Social Security Administration,
OLCA, Attn: Reports Clearance Director,
3100 West High Rise, 6401 Security
Blvd., Baltimore, MD 21235, Fax: 410–
966–2830, Email address:
OR.Reports.Clearance@ssa.gov.
I. The information collections below
are pending at SSA. SSA will submit
them to OMB within 60 days from the
date of this notice. To be sure we
consider your comments, we must
receive them no later than June 16,
2014. Individuals can obtain copies of
the collection instruments by writing to
the above email address.
1. National Beneficiary Survey—
0960–NEW. SSA is proposing to
undertake the National Beneficiary
Survey (NBS), a survey intended to
gather data from Supplemental Security
Income (SSI) recipients and Social
Security Disability Insurance (SSDI)
beneficiaries about their characteristics,
their well-being, and other factors that
promote or hinder employment. In
particular, the survey seeks to uncover
important information about the factors
that promote beneficiary self-sufficiency
and, conversely, factors that impede
beneficiary efforts to maintain
employment. We will use this data to
improve the administration and
effectiveness of the SSDI and SSI
programs. These results will be valuable
as SSA and other policymakers continue
efforts to improve programs and services
that help SSDI beneficiaries and SSI
recipients become more self-sufficient.
Background
SSDI and SSI programs provide a
crucial and necessary safety net for
working-age people with disabilities. By
improving employment outcomes for
SSDI beneficiaries and SSI recipients,
SSA supports the effort to reduce the
reliance of people with disabilities on
these programs. SSA conducted the
prior NBS in 2004, 2005, 2006, and
2010, and was an important first step in
understanding the work interest and
experiences of SSI recipients and SSDI
beneficiaries, and in gaining
information about their impairments,
health, living arrangements, family
structure, pre-disability occupation, and
use of non-SSA programs (e.g., the
Supplemental Nutrition Assistance
Number of
respondents
pmangrum on DSK3VPTVN1PROD with NOTICES
Administration year
2015
Cross-Sectional Samples:
Representative Beneficiary Sample .........................................................
Successful Worker Qualitative Interviews ................................................
Program). The prior NBS data is
available to researchers and the public.
The National Beneficiary Survey (NBS)
The primary purpose of the new NBSGeneral Waves is to assess beneficiary
well-being and interest in work, learn
about beneficiary work experiences
(successful and unsuccessful), and
identify factors that promote or restrict
long-term work success. Information
collected in the survey includes factors
such as health, living arrangements,
family structure, current occupation,
use of non-SSA programs, knowledge of
SSDI and SSI work incentive programs,
obstacles to work, and beneficiary
interest and motivation to return to
work.
We propose to conduct the first wave
of the NBS-General Waves in 2015. We
will further conduct subsequent rounds
in 2017 (round 2) and 2019 (round 3).
The information we will collect is not
available from SSA administrative data
or other sources. In the NBS-General
Waves, the sample design is similar to
what we used for the prior NBS.
Enhancement of the prior questionnaire
includes additional questions on the
factors that promote or hinder
employment success. We also propose
to conduct semi-structured qualitative
interviews (in 2015 only) to provide
SSA an in-depth understanding of
factors that aid or inhibit individuals in
their efforts to obtain and retain
employment and advance in the
workplace. We will use the qualitative
data to add context and understanding
when interpreting survey results, and to
inform the sample and survey design of
rounds 2 and 3.
Respondents are current SSDI
beneficiaries and SSI recipients.
Respondent participation in the NBS is
voluntary and the decision to
participate or not has no impact on
current or future receipt of payments or
benefits.
Type of Request: This is a new
information collection request.
Frequency of
response
Average
burden per
response
(hours)
Estimated total
annual burden
(hours)
4,000
90
1
1
.75
1.00
3,000
90
Subtotal .............................................................................................
2017
Cross-Sectional Samples:
Representative Beneficiary Sample .........................................................
Successful Workers ..................................................................................
........................
........................
........................
3,090
4,000
4,500
1
1
.75
.92
3,000
4,140
Subtotal .............................................................................................
........................
........................
........................
7,140
VerDate Mar<15>2010
15:20 Apr 15, 2014
Jkt 232001
PO 00000
Frm 00070
Fmt 4703
Sfmt 4703
E:\FR\FM\16APN1.SGM
16APN1
]]>Agencies
[Federal Register Volume 79, Number 73 (Wednesday, April 16, 2014)]
[Notices]
[Pages 21496-21499]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-08578]
=======================================================================
-----------------------------------------------------------------------
SOCIAL SECURITY ADMINISTRATION
Agency Information Collection Activities: Proposed Request
The Social Security Administration (SSA) publishes a list of
information collection packages requiring clearance by the Office of
Management and Budget (OMB) in compliance with Public Law 104-13, the
Paperwork Reduction Act of 1995, effective October 1, 1995. This notice
includes revisions of OMB-approved information collections.
SSA is soliciting comments on the accuracy of the agency's burden
estimate; the need for the information; its practical utility; ways to
enhance its quality, utility, and clarity; and ways to minimize burden
on respondents, including the use of automated collection techniques or
other forms of information technology. Mail, email, or fax your
comments and recommendations on the information collection(s) to the
OMB Desk Officer and SSA Reports Clearance Officer at the following
addresses or fax numbers.
(OMB)
Office of Management and Budget, Attn: Desk Officer for SSA, Fax:
202-395-6974, Email address: OIRA_Submission@omb.eop.gov.
(SSA)
Social Security Administration, OLCA, Attn: Reports Clearance
Director, 3100 West High Rise, 6401 Security Blvd., Baltimore, MD
21235, Fax: 410-966-2830, Email address: OR.Reports.Clearance@ssa.gov.
The information collections below are pending at SSA. SSA will
submit them to OMB within 60 days from the date of
[[Page 21497]]
this notice. To be sure we consider your comments, we must receive them
no later than June 16, 2014. Individuals can obtain copies of the
collection instruments by writing to the above email address.
1. Letter to Landlord Requesting Rental Information--20 CFR
416.1130(b)--0960-0454. SSA uses Form SSA-L5061 to obtain rental
subsidy information, which enables SSA to determine and verify an
income value for such subsidies. SSA uses this income value as part of
determining eligibility for Supplemental Security Income (SSI) and the
correct amount of SSI payable to the claimant. SSA bases an
individual's eligibility for SSI payments, in part, on the amount of
countable income the individual receives. Income includes in-kind
support and maintenance in the form of room or rent, such as a
subsidized rental arrangement. SSA requires claimants to assist in
obtaining this information to prevent a delay or overpayment with their
SSI payments. We collect this information only if the SSI applicant or
recipient is the parent or child of the landlord (respondent). For most
respondents, we collect this information once per year or less, via
telephone or face-to-face personal interview. The claims representative
records the information in our Modernized SSI Claims System (MSSICS),
and we require verbal attestation in lieu of a wet signature. However,
if the claims representative is unable to contact the respondent via
the telephone or face-to face, we print and mail a paper form to the
respondent for completion. The respondent completes, signs, and returns
the form to the claims representative. Upon receipt, the claims
representative documents the information in MSSICS or, for non-MSSICS
cases, faxes the form into the appropriate electronic folder and shreds
the paper form. The respondents are landlords who are related to the
SSI beneficiaries as a parent or child.
Type of Request: Revision of an OMB-approved information
collection.
----------------------------------------------------------------------------------------------------------------
Average burden Estimated total
Modality of completion Number of Frequency of per response annual burden
respondents response (minutes) (hours)
----------------------------------------------------------------------------------------------------------------
SSA-L5061................................... 72,000 1 10 12,000
----------------------------------------------------------------------------------------------------------------
2. Social Security's Public Credentialing and Authentication
Process--20 CFR 401.45 and 402--0960-0789.
Background
Authentication is the foundation for secure, online transactions.
Identity authentication is the process of determining, with confidence,
that someone is who he or she claims to be during a remote, automated
session. It comprises three distinct factors: something you know,
something you have, and something you are. Single-factor authentication
uses one of the factors, and multi-factor authentication uses two or
more of the factors.
SSA's Public Credentialing and Authentication Process
SSA offers consistent authentication across SSA's secured online
services. We allow our users to request and maintain only one User ID,
consisting of a self-selected username and password, to access multiple
Social Security electronic services. Designed in accordance with the
OMB Memorandum M-04-04 and the National Institute of Standards and
Technology (NIST) Special Publication 800-63, this process provides the
means of authenticating users of our secured electronic services and
streamlines access to those services.
SSA's public credentialing and authentication process:
Issues a single User ID to anyone who wants to do business
with the agency;
Offers authentication options that meet the changing needs
of the public;
Partners with an external data service provider to help us
verify the identity of our online customers;
Complies with relevant standards;
Offers access to some of SSA's heaviest, but more
sensitive, workloads online while providing a high level of confidence
in the identity of the person requesting access to these services;
Offers an in-person process for those who are
uncomfortable with or unable to use the Internet process;
Balances security with ease of use; and
Provides a user-friendly way for the public to conduct
extended business with us online instead of visiting local servicing
offices or requesting information over the phone. Individuals have
real-time access to their Social Security information in a safe and
secure web environment.
Public Credentialing and Authentication Process Features
We collect and maintain the users' personally identifiable
information (PII) in our Central Repository of Electronic
Authentication Data Master File Privacy Act system of records that we
published in the Federal Register (75 FR 79065). The PII may include
the users' name, address, date of birth, Social Security number (SSN),
phone number, and other types of identity information [e.g., address
information of persons from the W-2 and Schedule Self Employed forms we
receive electronically for our programmatic purposes as permitted by 26
U.S.C. 6103(l)(1)(A)]. We may also collect knowledge-based
authentication data, which is information users establish with us or
that we already maintain in our existing Privacy Act systems of
records.
We retain the data necessary to administer and maintain our e-
Authentication infrastructure. This includes management and profile
information, such as blocked accounts, failed access data, effective
date of passwords, and other data that allows us to evaluate the
system's effectiveness. The data we maintain also may include archived
transaction data and historical data.
We use the information from this collection to identity proof and
authenticate our users online and to allow them access to their
personal information from our records. We also use this information to
provide second factor authentication. We are committed to expanding and
improving this process so we can grant access to additional online
services in the future.
Offering online services is not only an important part of meeting
SSA's goals, but is vital to good public service. In increasing
numbers, the public expects to conduct complex business over the
Internet. Ensuring that SSA's online services are both secure and user-
friendly is our priority.
With the limited data we have, it is difficult for SSA to meet the
OMB and NIST authentication guidelines for identity proofing the
public. Therefore, we awarded a competitively bid contract to an
external data service
[[Page 21498]]
provider, Experian,\1\ to help us verify the identity of our online
customers. We use this external data service (EDS), in addition to our
other authentication methods, to help us prove, or verify, the identity
of our customers when they are completing online/electronic
transactions with us.
---------------------------------------------------------------------------
\1\ Experian is a global information services company.
Experian's decisional solutions enable Social Security to manage and
optimize risk as well as prevent, detect, and reduce fraud.
---------------------------------------------------------------------------
Social Security's Authentication Strategy
We remain committed to enhancing our online services using
authentication processes that balance usability and security. We will
continue to research and develop new authentication tools while
monitoring the emerging threats.
The following are key components of our authentication strategy:
Enrollment and Identity Verification--We collect
identifying data and use SSA and EDS records to verify an individual's
identity. Individuals have the option of obtaining an enhanced,
stronger, User ID by providing certain financial information (e.g.,
Medicare wages, self-employed earnings, direct deposit amount, or the
last eight digits of a credit card number) for verification. We also
ask individuals to answer out-of-wallet questions so we can further
verify their identities. Individuals who are unable to complete the
process online can present identification at a field office to obtain a
User ID.
Establishing the User Profile--The individual self-selects
a username and password, both of which can be of variable length and
alphanumeric. We provide a password strength indicator to help the
individual select a strong password. We also ask the individual to
choose challenge questions for use in restoring a lost or forgotten
username or password.
Enhancing the User ID--If an individual opts to enhance or
upgrade the User IDs, we mail a one-time-use upgrade code to the
individual's verified residential address. When the individual receives
the upgrade code in the mail, he or she can enter this code online to
enhance the security of the account. At this time, we also ask the
individual to enter a cell phone number. We send an initial text
message to that number and require the individual to confirm its
receipt. We send a text message to that number each time the individual
signs in, subsequently.
Login and Use--Standard authentication provides an
individual with a User ID for access to most online applications.
Enhanced authentication uses the standard User ID along with a one-time
code sent to the individual's cell phone, via text message, to create a
more secure session, and to grant access to certain sensitive Social
Security services. An individual who forgets the password can reset it
automatically without contacting SSA. The enrollment process is a one-
time only activity for the respondents. After the respondents enroll
and choose their User ID (username & password), they have to sign in
with their User ID every time they want to access Social Security's
secured online services.
SSA requires the individual to agree to the ``Terms of Service''
detailed on our Web site before we allow him or her to begin the
enrollment process. The ``Terms of Service'' informs individuals what
we will and will not do with their personal information and the privacy
and security protections we provide on all data we collect. These terms
also detail the consequences of misusing this service.
In order to verify the individual's identity, we ask the individual
to give us minimal personal information, which may include:
Name;
SSN;
Date of birth;
Address--mailing and residential;
Telephone number;
Email address;
Financial information;
Cell phone number; and
Selecting and answering password reset questions.
We send a subset of this information to the EDS, who then generates
a series of out-of-wallet questions back to the individual. The
individual must answer all or most of the questions correctly before
continuing in the process. The exact questions generated are unique to
each individual.
This collection of information, or a subset of it, is mandatory for
respondents who want to do business with SSA via the Internet. We
collect this information via the Internet, on SSA's public-facing Web
site. We also offer an in-person identification verification process
for individuals who cannot, or are not willing to register online. For
this process, the individual must go to a local SSA field office and
provide identifying information. We do not ask for financial
information with the in-person process.
We only collect the identity verification information one time,
when the individual registers for a credential. We ask for the User ID
(username and password) every time an individual signs in to our
automated services. If individuals opt for the enhanced or upgraded
account, they also receive a text message on their cell phones (this
serves as the second factor for authentication) each time they sign in.
The respondents are individuals who choose to use the Internet or
Automated Telephone Response System to conduct business with SSA.
Type of Request: Revision of an OMB-approved information
collection.
----------------------------------------------------------------------------------------------------------------
Average
Number of Frequency of burden per Total annual
Modality of completion respondents response response burden hours
(minutes) (hours)
----------------------------------------------------------------------------------------------------------------
Internet Requestors............................. 38,251,877 1 8 5,100,250
In-Person (Intranet) Requestors................. 1,370,633 1 8 182,751
---------------------------------------------------------------
Totals...................................... 39,622,510 .............. .............. 5,283,001
----------------------------------------------------------------------------------------------------------------
[[Page 21499]]
Dated: April 10, 2014.
Faye Lipsky,
Reports Clearance Director, Social Security Administration.
[FR Doc. 2014-08578 Filed 4-15-14; 8:45 am]
BILLING CODE 4191-02-P
