Date: Fri, Aug 25, 2000 6:53 PM I hold the position of Chief Security Officer for a Private Label Business... we are currently securing our systems to comply with Privacy(GLB)... My struggle is with only using SSN for authentication along with other things like address, account #, date of birth.. or should we be using mothers maiden name with it... I quess my thoughts are how easy is it for someone to obtain(steal) someones SSN... are there any stats on this.... I have been doing some reading at the consumer site and looked at the scams that people have used.... most relate to the SSN.... Is there a place I can do research on this to better understand the implications on whether I should propose the use of mothers maiden name.. I have seen some best practices where maiden name and SSN are always required.... Any views on this... ? Do you think the workshop being offered would help with this... Thank you ... Peter L. Gallinari |