The Social Security Administration’s eCBSV service is less than one year old, and is already helping to prevent synthetic fraud. eCBSV digitally verifies whether a given name, date of birth and Social Security number combination matches what’s in the SSA’s database.
In particular we’ve found that eCBSV helps as a synthetic fraud treatment strategy for segments that are the most difficult to assess using traditional identity risk models. And, it helps in approving more thin files.
This post shares updated insights and benchmarks from Q1 2021 to help financial institutions answer the following questions:
Electronic Consent Based Social Security Number Verification or eCBSV is a service that the Social Security Administration (SSA) launched in the summer of 2020. It is an API that validates, in milliseconds, whether a name, date of birth, and SSN combination exists in the SSA’s database, including whether the database indicates the individual is deceased. The program can be accessed through specific service providers, and accepts electronic signatures on SSA-89 forms.
This is particularly relevant to synthetic fraud because we know that synthetic identities are either using an SSN that wasn't issued to them by the SSA, OR they are trying to apply for an account using a totally fabricated name, date of birth and SSN combination.
The Social Security Administration manages the ONLY database that includes all the SSNs ever issued in the US. Their database also indicates which name and date of birth combinations belong to which SSN.
So, any bank or lender that suspects an applicant is using a synthetic identity can ask the Social Security Administration if the SSN provided matches the name and date of birth provided on the application.
Prior to eCBSV, the manual, paper-based SSA-89 form was the only way to validate a name, date of birth and SSN combination with the SSA.
Thanks to the new eCBSV program, this can all be accomplished digitally, shaving days off the SSN verification process.
As of mid March 2021, the SSA had processed 5.5M eCBSV requests from its pilot participants. The overall mismatch rate was around 5%. The expanded rollout, with participation from up to 10 times as many institutions, is anticipated in the middle of 2021.
SentiLink was the first service provider to integrate with the SSA to offer eCBSV to financial institutions in July 2020. As a result, we have developed a deep knowledge base including insights around typo rates, match rates, and latencies that need to be considered when implementing eCBSV into workflows.
The following are insights we’ve gleaned working with financial institutions on eCBSV.
How should financial institutions use eCBSV?
We recommend using eCBSV at the top of the application funnel in conjunction with synthetic scores, for KYC fails or specifically with thin files to improve auto-approval rates. Below is more information and benefits of each approach.
How many more thin files can I match using eCBSV instead of legacy KYC solution?
eCBSV can improve approval rates by 87% in the thin file segment. This conclusion was reached after looking at 100 records with history of less than five years or with typos or where the file had missing information (e.g. date of birth only contained the year). We were able to verify 87% of that population using eCBSV.
How quickly can the SSA provide a match/no match answer when queried?
When processing SSA-89 forms digitally with eCBSV, SentiLink is experiencing an average response time of 345 milliseconds. This includes the time that SentiLink makes a request to the SSA until they send back a response to SentiLink. Manually processing paper-based SSA-89 forms can take up to three days, including the time to get an ink signature from customers and get a response from the SSA.
What is an expected match rate from the SSA?
For eCBSV queries sent to the SSA to date, the match rate, on average, is 95%. So, typically, only 5 out of 100 responses are mismatches.
Are all mismatches fraud?
Not necessarily. According to our research, 25% of mismatches are malicious and 75% are false mismatches of some kind. Example false mismatches include things like a typo in the SSN or date of birth field. Other examples include name issues that result from a marriage, divorce, complicated name with hyphens or one with a Jr. or Sr. in the name.
In order to maximize the benefits of using eCBSV, there are a number of considerations to be made prior to implementation. The placement of eCBSV in the application funnel, data validation and the products and segments targeted are key.
Placement of eCBSV in application funnel
Consent can be obtained anywhere during the application workflow. Some lenders send every application through eCBSV, while others only send those if they suspect fraud. Where eCBSV is incorporated in the origination process will influence match rates.
Amount of data validation prior to eCBSV
Data validation prior to eCBSV will naturally improve the match rates. Is the date of birth and SSN valid? Is the SSN a 9 digit number? Doing simple data validation prior to eCBSV can significantly increase match rates and improve approval rates and conversion.
The products offered and segments targeted will influence your eCBSV experience. Those with more exposure to immigrants may experience lower match rates due to complications with naming conventions and date formats. Considering these factors in your implementation plan will help you appropriately plan and staff for eCBSV.
eCBSV is a game changer for banks and lenders working to prevent synthetic identities. Not only can eCBSV help to detect fake identities, but it can increase approval rates for thin files. Overall, eCBSV is a major leap forward in resolving questions of identity as part of the digital account opening process.