We all know that it is important to protect our social security number. But sometimes companies still try to use the last four digits of our social security numbers as identifiers or to verify identity in some way. The use of social security numbers began in 1936 long before computers, the internet, and identity theft were on anyone’s radar screen. They started out being assigned geographically by region. So if you had a list of all the first three numbers of assigned social security numbers, you could tell whether someone was born in Rhode Island (with a low number) or in California (with a higher number). The middle two numbers represent a group number (01-99) so the middle two digits and the last four digits are random. To date, more than 453.7 million social security numbers have been issued by the federal government. For more information on the history of social security, see https://www.ssa.gov/history/hfaq.html.
Why might companies think that it’s ok to only reference the last four digits of a social security number? Probably because there’s a false sense of security in thinking that with only those last four, there’s less of a chance of identity theft or fraud.
A determined thief, however, can take that credit card application out of your trash (the one that is already pre-filled out with your name on it) and apply for a credit card in your name that will of course, go to a new address. It’s pretty easy today to obtain just a few key pieces of information such as name, address, perhaps even date of birth, (some people put their date of birth on Facebook and other social media sites). When combined with other key identifiers, thieves can use the last four to get keys to the identity kingdom.
Some states have protections in place that limit what companies can do with respect to social security numbers. In Rhode Island, companies actually can’t require you to use the last four digits of your social security number to access an internet website (unless also using a password or PIN number) or print all or part of a social security number on materials mailed to an individual. R.I. Gen. Laws § 6-48-8 (a) (4)-(5), known as the Consumer Empowerment and Identity Theft Protection Act of 2006.
What can you do to protect your social security number from thieves? Some things to consider are to not use the last four as your PIN# or in passwords, check your credit with the four credit reporting bureaus. You can go to www.usa.gov/credit-reports and get information on how to obtain a free credit report from each of the three major credit bureaus or click here [view related tip]. This will allow you to see if any new accounts have been opened that you didn’t authorize. Create an account with social security to check that your social security and wage information is accurate. www.ssa.gov/myaccount/. Also, as we have written before [view related posts], be careful not to respond to email or phone calls asking for your personal information.
Finally, be vigilant and protect the last four digits of your social security number when receiving phone calls, email or other requests for your social security number. Remember that the social security administration or other government agencies are not going to call you and ask for your social security number by telephone.