AI use in HR (VectorMine/

2020 Government Innovation Awards

EAZE-y enrollment for SSA’s identity proofing services

The Social Security Administration (SSA) is fighting synthetic identity fraud through a new enrollment service that emphasizes authentication and authorization.

Entity Authentication and Authorization for Everyone (EAZE)

Social Security Administration

Government Innovation Awards icon

Click here for all the 2020 Public Sector Innovation winners

Synthetic identity fraud involves the criminal use of real and fake information to create a new identity, and it’s the fastest-growing type of financial fraud in the United States, according to a July 2019 Federal Reserve report. In 2016, it cost U.S. lenders $6 billion and accounted for 20% of credit losses, the report added. SSA comes in when fraudsters co-opt Social Security numbers because they’re use as a near-universal personal identifier.

To verify in real time whether the combination of an individual’s Social Security number, name and date of birth match authoritative SSA data, the agency built the Electronic Consent Based Social Security Number Verification Service so participating financial institutions could compare fraud protection data and confirm the use of a SSN was legitimate. eCBSV also allows individuals to electronically consent to have their identity verified by SSA. 

So financial institutions and their affiliate businesses could securely enroll in and access eCBSV, SSA developed the Enterprise Authorization for Everyone (EAZE) application. Built with modern security architectures and public-key infrastructure to meet security and privacy needs while capturing individual consent, EAZE lets only permitted financial institutions to access eCBSV. Plus, these institutions can use EAZE to manage their affiliate businesses so SSA doesn’t have to reverify them.

In building EAZE, SSA used several risk-mitigation measures, including extended validation SSL certificates, OpenID Connect and machine-to-machine authorization using OAuth 2.0 for federated user authentication.  

Before EAZE, the entity and affiliate registration processes were manual and often took weeks to complete. After requesting access, registrants would receive codes through the mail. Once entities were registered, SSA created and managed affiliate accounts and their permissions. That process did not meet security standards set by the National Institute of Standards and Technology for authentication, nor was it scalable or sustainable.

With thousands of financial institutions and affiliated businesses expected to tap into eCBSV, EAZE allows quick, secure and frictionless onboarding, saving time, money and reducing risk.

About the Author

Stephanie Kanowitz is a freelance writer based in northern Virginia.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected