[Federal Register Volume 84, Number 110 (Friday, June 7, 2019)]
[Notices]
[Pages 26712-26713]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-11995]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION

[Docket No. SSA 2019-0021]


Notice of an Initial Enrollment Period for Our Electronic Consent 
Based Social Security Number Verification Service

AGENCY: Social Security Administration.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: The Social Security Administration (SSA) is announcing the 
initial enrollment period for a new electronic Consent Based Social 
Security Number (SSN) Verification (eCBSV) service. SSA will roll out 
the service to a limited number of users in June 2020, and plans on 
expanding the number of users within six months of the initial rollout. 
All interested permitted entities must apply during this initial 
enrollment period to be eligible to use the new eCBSV service during 
either the initial rollout or subsequent planned expansion. Permitted 
entities that do not apply during the initial enrollment period must 
wait until the next designated period after the planned expansion to 
apply for enrollment. The initial enrollment period for permitted 
entities will begin on July 17, 2019, and remain open until the period 
closes on July 31, 2019. In accord with statutory requirements, 
permitted entities will be required to provide payment to build the new 
eCBSV system.

DATES: The enrollment period for permitted entities to apply for access 
to eCBSV will open on July 17, 2019, at 6 a.m. EST, and will close on 
July 31, 2019, at 6 p.m. EST.

FOR FURTHER INFORMATION CONTACT: Michael Wilkins, Office of Data 
Exchange, Policy Publications, and International Negotiations, Social 
Security Administration, 6401 Security Boulevard, Baltimore, Maryland 
21235-6401, (410) 965-9360, email [email protected].

SUPPLEMENTARY INFORMATION: Section 215 of the Economic Growth, 
Regulatory Relief, and Consumer Protection Act \1\ (the Banking Bill) 
directs SSA to modify or develop a database for accepting and comparing 
fraud protection data \2\ provided electronically by a permitted 
entity.\3\ In response to this statutory directive, SSA is creating 
eCBSV, a fee-based Social Security number (SSN) verification service. 
eCBSV will allow permitted entities to verify an individual's SSN based 
on the SSN holder's signed consent.\4\ Based on the SSN holder's 
consent, permitted entities will be able to submit via an application 
programming interface fraud protection data to SSA for each 
verification request.
---------------------------------------------------------------------------

    \1\ Public Law 115-174.
    \2\ The Banking Bill defines ``Fraud Protection Data'' to mean a 
combination of an individual's name (including the first name and 
any family forename or surname), SSN, and date of birth (including 
month, day, and year). Public Law 115-174, Title II, 215(b)(3), 
codified at 42 U.S.C. 405b(b)(3).
    \3\ The Banking Bill defines a ``permitted entity'' to mean a 
financial institution or service provider, subsidiary, affiliate, 
agent, subcontractor, or assignee of a financial institution. Public 
Law 115-174, Title II, 215(b)(4), codified at 42 U.S.C. 405b(b)(4).
    \4\ Valid, signed consent must include a wet or electronic 
signature. Electronic signatures must meet the definition in section 
106 of the Electronic Signatures in Global and National Commerce Act 
(15 U.S.C. 7006). 42 U.S.C. 405b(f)(2) and SSA requirements. The 
written consent must clearly specify to whom the information may be 
disclosed, the information you want us to disclose (e.g., SSN 
verification) and, where applicable, during which timeframe the 
information may be disclosed (e.g., whenever the subject individual 
is receiving specific services). 20 CFR 401.100.
---------------------------------------------------------------------------

    SSA is preparing to implement an initial rollout to a limited 
number of permitted entities in June 2020. In addition, SSA is planning 
an expanded rollout to all permitted entities that applied for the 
initial rollout but were not selected within the six months following 
the initial rollout.
    Permitted entities are defined in the Banking Bill,\5\ and must 
possess an employer identification number (EIN) and Dun and Bradstreet 
(D-U-N-S) number. Each permitted entity must submit a certification 
statement,\6\ in

[[Page 26713]]

accordance with the Banking Bill, in the comment section of their 
application to SSA.
---------------------------------------------------------------------------

    \5\ The Banking Bill defines a ``permitted entity'' to mean a 
financial institution or service provider, subsidiary, affiliate, 
agent, subcontractor, or assignee of a financial institution. Public 
Law 115-174, Title II, 215(b)(4), codified at 42 U.S.C. 405b(b)(4).
    \6\ The permitted entity must certify that (1) the entity is a 
permitted entity; (2) the entity is in compliance with section 215; 
(3) the entity is, and will remain, in compliance with its privacy 
and data security requirements in Title V of 15 U.S.C. 6801, et 
seq., with respect to the information the entity receives from the 
Commissioner of Social Security pursuant to this section; and (4) 
the entity will retain sufficient records to demonstrate its 
compliance with its certification and section 215 for a period of 
not less than 2 years. 42 U.S.C. 405b(e)(1)-(3).
---------------------------------------------------------------------------

    The enrollment period to apply for access to this new service will 
open on July 17, 2019, at 6 a.m. EST, and close on July 31, 2019, at 6 
p.m. EST. Applications received outside of the stated enrollment period 
will not receive consideration. Any permitted entity who submits a 
valid application prior to close of the stated deadline, but is not 
selected for the initial rollout, will have an opportunity to re-submit 
a full application and user agreement for the later expanded rollout. 
However, any permitted entity that does not submit a valid application 
before the close of the stated July 31, 2019 deadline, will not have 
the opportunity to apply for the expanded rollout in late 2020, and 
must wait until the next open enrollment period for which there could 
be as long as a two-year wait.
    For the initial rollout, SSA will select a limited number of 
permitted entities, based upon the earliest date and time of the 
receipt by SSA of a fully completed application. SSA will select 
permitted entities from the following categories:
    Financial Institutions \7\ with an estimated annual transaction 
volume of:
---------------------------------------------------------------------------

    \7\ The term ``financial institution'' has the meaning given the 
term in section 509 of the Gramm-Leach-Bliley Act (15 U.S.C. 6809).
---------------------------------------------------------------------------

    1. One million or less transactions, or
    2. 1,000,001 or more transactions.
    A service provider, subsidiary, affiliate, agent, subcontractor, or 
assignee of a financial institution \8\ with an estimated annual 
transaction volume of:
---------------------------------------------------------------------------

    \8\ Ibid.
---------------------------------------------------------------------------

    1. One million or less transactions,
    2. 1,000,001 to 500,000,000 transactions, or
    3. 500,000,001 to 2,000,000,000 transactions.
    Any service provider, subsidiary, affiliate, agent, subcontractor, 
or assignee of a financial institution selected for the initial rollout 
may only service up to 20 financial institutions and must adhere to 
volumes restricted to quarterly prorated amounts until the expanded 
rollout.
    Permitted entities who wish to enroll, must:
     Complete Form SSA-157 (OMB No. 0960-0802), Data Exchange 
Request Form (DXRF) at https://www.ssa.gov/dataexchange/documents/ssa-157.pdf with additional Form SSA-157s for any other financial 
institutions you will service.
     Instructions for completing the Form SSA-157, including 
the certification statement within the application, can be found at 
https://www.ssa.gov/dataexchange/eCBSV/.
     Submit the completed document beginning July 17, 2019, at 
6 a.m. EST to [email protected].
    Following the enrollment period, SSA will select and notify the 
selected permitted entities and provide billing information and the 
necessary instructions to complete enrollment. Selected permitted 
entities will be required to complete and sign a User Agreement and a 
Memorandum of Understanding for reimbursement prior to June 2020. 
Please note that we are only using Form SSA-157 for the first wave of 
eCBSV users as a temporary stopgap measure, since we have not yet 
obtained OMB approval under the Paperwork Reduction Act for the new 
eCBSV enrollment screens and User Agreement. Future eCBSV users will 
complete eCBSV screens, the Memorandum of Understanding, and the User 
Agreement simultaneously; these items will have undergone Paperwork 
Reduction Act approval by that point.

Fees

    The Banking Bill requires SSA to collect 50 percent of the program 
startup costs prior to developing the eCBSV system.\9\ Therefore, once 
selected and notified by SSA, permitted entities will receive a bill to 
pay their prorated portion of 50 percent of the estimated program 
startup costs within 2 weeks of selection through Pay.gov. These funds 
will be credited to future transactions.
---------------------------------------------------------------------------

    \9\ 42 U.S.C. 405b(h).
---------------------------------------------------------------------------

    The prorated portion is dependent on the number of permitted 
entities selected, the estimated annual transaction volumes, and the 
associated costs. These will be finalized once enrollment ends, and 
will be provided to the selected permitted entities. Every permitted 
entity selected will pay an initial administrative fee of $3,693 and an 
annual tier-based transaction charge based on their estimated annual 
volume. The chart below depicts the expected contribution of 50 percent 
program startup costs dependent on annual transaction volume. These are 
subject to change and will be finalized prior to billing.

------------------------------------------------------------------------
         Annual # of  transactions           Charge (subject to change)
------------------------------------------------------------------------
1-5,000...................................  $3,000-$5,000.
5,001-50,000..............................  $8,000-$15,000.
50,001-1,000,000..........................  $50,000-$75,000.
1,000,001-500,000,000.....................  $2.5 million-$3 million.
500,000,001-2 billion.....................  $3.5 million-$5 million.
------------------------------------------------------------------------

    The permitted entities participating in the initial rollout may be 
charged the remaining 50 percent program startup costs at rollout, if 
their tier-based transaction charge was not sufficient to recover the 
program start-up costs. Again, this is dependent upon the number of 
permitted entities selected, the estimated annual transaction volumes, 
and the associated costs at the time of rollout.
    Fees charged to expanded rollout permitted entities will include an 
administrative fee and an annual tier-based transaction charge adjusted 
based on the new enrollment period. All remaining program start-up 
costs will be collected from all users during the first year of eCBSV.

Nancy Berryhill,
Acting Commissioner of Social Security.
[FR Doc. 2019-11995 Filed 6-6-19; 8:45 am]
BILLING CODE 4191-02-P