[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] After Equifax pwning, what is the best means for replacing the SSN?

In article <CAHVSqQcWYU=Ts4+PKyR77q8DRQ4+W1DzZ8dwHFWVRHaBNWaGKA AT mail.gmail.com> you write:
>Maybe I'm misunderstanding, but isn't this fairly easy?  Just invent a fine
>for companies that use SSN as an authentication mechanism.  Or any
>identifier that is knowingly public, including having been made public by a
>security breach.

My preference is to say that any transaction validated with an SSN is
presumed fraudulent and is voidable on request.  Fines are hard, they
require courts and such.

The cryptography mailing list
cryptography AT metzdowd.com