Skip to content
LexBuild

Agency Information Collection Activities: Comment Request 

---
identifier: "/us/fr/2026-06182"
source: "fr"
legal_status: "authoritative_unofficial"
title: "Agency Information Collection Activities: Comment Request"
title_number: 0
title_name: "Federal Register"
section_number: "2026-06182"
section_name: "Agency Information Collection Activities: Comment Request"
positive_law: false
currency: "2026-03-31"
last_updated: "2026-03-31"
format_version: "1.1.0"
generator: "[email protected]"
agency: "SOCIAL SECURITY ADMINISTRATION"
document_number: "2026-06182"
document_type: "notice"
publication_date: "2026-03-31"
agencies:
  - "SOCIAL SECURITY ADMINISTRATION"
---

#  Agency Information Collection Activities: Comment Request

The Social Security Administration (SSA) publishes a list of information collection packages requiring clearance by the Office of Management and Budget (OMB) in compliance with Public Law 104-13, the Paperwork Reduction Act of 1995, effective October 1, 1995. This notice includes a revision of an OMB-approved information collection.

SSA is soliciting comments on the accuracy of the agency's burden estimate; the need for the information; its practical utility; ways to enhance its quality, utility, and clarity; and ways to minimize burden on respondents, including the use of automated collection techniques or other forms of information technology. Mail, email, or fax your comments and recommendations on the information collection to the OMB Desk Officer and SSA Reports Clearance Officer at the following addresses or fax numbers.

(OMB) Office of Management and Budget, Attn: Desk Officer for SSA.

(SSA) Social Security Administration, OLCA, Attn: Reports Clearance Director, Mail Stop 3253 Altmeyer, 6401 Security Blvd., Baltimore, MD 21235, Fax: 833-410-1631, Email address: *[email protected]* .

Or you may submit your comments online through *https://www.reginfo.gov/public/do/PRAmain* by clicking on Currently under Review—Open for Public Comments and choosing to click on one of SSA's published items. Please reference Docket ID Number [SSA-2026-0331] in your submitted response.

SSA submitted the information collection below to OMB for clearance. Your comments regarding this information collection would be most useful if OMB and SSA receive them 30 days from the date of this publication. To be sure we consider your comments, we must receive them no later than April 30, 2026. Individuals can obtain copies of this OMB clearance package by writing to the *[email protected].*

**mySocial Security—Security Authentication PIN—20 CFR 401.45—0960-0846**

In March 2025, SSA announced that new measures were being implemented to enhance security through stronger identity verification procedures. As initially announced, the new procedures were to apply to all benefit claims and direct deposit changes, for which customers would need to use their *my* Social Security account (with online identity proofing) or visit an office to prove their identity in person. In other words, once the new measures were implemented, new benefit clams and direct deposit changes could no longer be completed over the telephone. In response to feedback from customers, Congress, advocates and others, SSA revised this plan several times after it was first announced. Today (and since at least July 2025), the enhanced identity verification procedures apply only to direct deposit changes; and using the Security Authentication PIN process described herein, customers can still make direct deposit changes over the telephone.

To support these enhanced identity proofing measures, in April 2025, SSA published an Emergency Request FRN on April 18, 2025, at 90 FR 16583, then, upon OMB's approval of the Emergency Clearance, implemented a hybrid  identity proofing process called the *my* Social Security—Security Authentication PIN (SAP) that provides identity proofing parity with our online and in-person modalities. Utilizing the SAP process provides the necessary identity verification to allow direct deposit changes via phone, while ensuring fraud protection through stronger verification of the identity of the individual prior to accessing or revising their account.

OMB granted an Emergency approval for the *my* Social Security—Security Authentication PIN (SAP) collection. We are publishing this 30-day comment period Notice to initiate the full information collection request renewal for the SAP process. We received public comments on the Emergency FRN and on the 60-day comment period FRN which we addressed within the documentation for the full renewal.

**Background**

Our prior telephone process for direct deposit required respondents to use knowledge-based questions and match information in SSA's records to verify their identity. Knowledge-based identity verification methods are susceptible to compromise by bad actors who have become increasingly capable of obtaining the answers to knowledge-based questions. Direct deposit changes provide an opportunity for attackers to convert beneficiary payments to their own use. Consequently, we consider direct deposit changes to be a higher risk task meriting a heightened identity assurance standard. To ensure that higher level of identity verification, we instituted the SAP process to ensure higher security for the submission of financial data to SSA over the telephone.

We continue to offer other ways to make direct deposit changes including in-person at a field office; online through *my* Social Security; and automated enrollment through the customer's bank.

**Description of the Security Authentication PIN (SAP) Process**

SSA's hybrid Security Authentication PIN (SAP) digitally verifies the identity of a telephone respondent (whether a beneficiary or recipient, or his or her representative payee) over the phone with an SSA technician. In addition, for circumstances where a respondent is seeking direct deposit requests in-person at a field office and he or she is required to provide an acceptable form of identification ( *e.g.,* State ID/driver's license, U.S. Passport, etc.), the SAP provides an alternative option for individuals who do not have the requisite identity document with them at the time.

When respondents call SSA to request a change to their direct deposit, the automated telephone system informs them that they will have to log into their *my* Social Security accounts to request a SAP code before they are automatically placed in a dedicated call back queue. Once added to the dedicated callback queue, the next available technician places an outbound call to the respondent and, upon connecting with the respondent, asks if the respondent has a *my* Social Security account. If the respondent does, the technician asks him or her to log into the account through a dedicated vanity URL link ( *www.ssa.gov/pin* ), or sends the link to the respondent via email or text message so that the respondent may authenticate using their online account and generate an eight-digit SAP. SSA created the user-friendly vanity URL (a custom, short-cut URL) that navigates respondents directly to the SAP generation page, allowing them to quickly and easily generate the SAP after accessing their account to ease the burden on customers. This feature reduces the burden on the respondent to navigate within his or her online account, authenticate, and generate the SAP. Once created, the SAP is valid for three hours and generates immediately when the respondent selects “Generate PIN” from the link the technician provides. There is no limit to the number of SAPs a customer can generate during a single transaction.

*The process works as follows:*

*For first or third party (individual representative payees requesting post-entitlement direct deposit actions) respondents who contact SSA by telephone:*

• Upon connecting with our automated telephone system, the system asks the respondent to give the reason for his or her call. If he or she responds by requesting a change to his or her direct deposit, the system informs the respondent that he or she must first generate a secure, one-time code by going to *ssa.gov/PIN* and reminds the respondent that he or she can also make these updates using either their secure *my* Social Security account or by contacting his or her financial institution. Following these instructions, the system informs the caller that he or she will receive a callback and will have the opportunity to update the phone number we use to contact him or her.

• The system then adds the caller to the dedicated callback queue. Once added to the dedicated callback queue, the next available technician places an outbound call to the respondent and, upon connecting with the respondent, asks if he or she has a *my* Social Security account.

○ If the answer is “Yes”:

The technician provides the respondent with a direct link to his or her *my* Social Security account SAP page, either by reading the vanity URL to the respondent or by sending the link via email or text, where the respondent can generate an 8-digit Security SAP after signing into his or her account and successfully completing Multifactor Authentication (MFA) through SSA's current credentialing and authentication process (OMB No. 0960-0789).

The respondent uses the direct link to generate a SAP using the “Generate PIN” button on his or her *my* Social Security account SAP page.

The SAP code is valid for three hours, so if the callers are disconnected, they can still use this SAP within the three-hour period. The respondents can generate a new SAP at any time.

**• Note:**

Generating the SAP allows the respondents to safely complete their direct deposit changes over the telephone and replaces the need for the respondents to either complete their direct deposit changes in person or through a *my* Social Security account. Since the SAP process takes about the same time as logging into a *my* Social Security account, it does not change the time burden for the respondents.

The respondent provides the SAP to the technician and the technician enters the SAP in TED to verify the respondent's identity.

• If the SAP matches the information in the system, the call continues, and the respondent can make direct deposit changes via telephone.

• If the SAP does not match, the technician requests the respondent generate a new SAP and attempt to verify again. If the respondent is unable to verify the SAP, the technician informs the respondent that he or she will need to either complete the direct deposit change request through his or her *my* Social Security account; ask his or her bank to make the change through the Automated Enrollment (ENR) process; or offers an appointment for an in-person visit to a field office to complete the direct deposit changes.

○ If the answer is “No.”:

The technician informs the respondents that he or she will need to either complete the direct deposit request through his or her *my* Social Security account; ask his or her bank to make the change through the Automated Enrollment (ENR) process; or offers him or her an appointment for an in-person visit to a field office to complete the direct deposit changes.

• End call.

**○ Note:**

Organizational Payees maintain their ability to add, change, or remove direct deposit or direct express information as they have previously and continue to operate outside of the SAP process. We only require individual representative payees who are not Organizational Payees to complete the SAP process on their own behalf to establish their identities with SSA before making direct deposit changes on behalf of the claimant they are representing.

*For Respondents who visit SSA in person to request direct deposit changes but do not have the necessary identity document(s) to authenticate themselves:*

• The technician requests the respondent's SSN.

• The respondent provides the SSN to technician.

• The technician requests acceptable forms of identification ( *e.g.,* State ID/driver's license, U.S. Passport, etc.).

• If the respondent does not have an acceptable form of identification on his or her person, the technician asks if the respondent has an online *my* Social Security account. If he or she does, the technician asks if he or she wants to generate a SAP code.

○ If the answer is “Yes”:

The technician provides the respondent with a direct link to the SAP screen, either by reading the vanity URL to the respondent or by sending a link via email or text, where the respondent can generate an 8-digit Security Authentication PIN (SAP) after the respondent signs into his or her *my* Social Security account and successfully completes Multifactor Authentication (MFA). The SAP is valid for three hours. The respondent can generate a new SAP at any time, if required.

The technician waits (and, if needed assists) the respondent in logging into his or her *my* Social Security account.

The respondent uses the vanity URL to generate the SAP using the “Generate PIN” button from within the *my* Social Security account.

**• Note:**

The SAP replaces the need for respondents to submit their identifying documents in person. Therefore, the SAP process does not change the time burden for the respondents.

The technician enters the SAP in TED to verify respondent's identity.

• If the SAP matches the information in the system, the technician continues by providing the requested direct deposit changes ( *e.g.,* making a payment method change).

• If the SAP does not match, the technician asks the respondent to use the “Generate PIN” button to generate a new SAP. Then the technician helps the respondent proceed through steps 2-4 again.

• If the SAP does not match the second time, the technician helps the respondent set up a second in-person appointment with a reminder to bring identifying documents to that appointment and reminds the respondent that he or she can ask the bank to make the change through the Automated Enrollment (ENR) process.

○ If the answer is “No”:

The technician helps the respondent set up a second in-person appointment with a reminder to bring identifying documents to that appointment.

**Information the Security Authentication PIN Tool Will Collect**

While the public-facing SAP tool itself does not collect any information, the process of creating or logging into a *my* Social Security account requires the respondent to submit several pieces of identifying information (such as an email address, a password, selecting a multi-factor authentication method, and completing identity proofing, which entails uploading an ID and taking a “selfie”) to both sign up/or use *ID.me* or *Login.gov* , and to use the enhanced multi-factor identification tool each time the respondent logs in to the account. We previously obtained OMB approval for the burden associated with the creation of the *my* Social Security account under SSA's Public Credentialing and Authentication Process (OMB No. 0960-0789) which utilizes *ID.me* and *Login.gov* for authentication purposes. However, while the creation of a *my* Social Security account is already covered under a separate OMB Control number, we are accounting for the increased burden associated with generating a SAP through *my* Social Security to complete a direct deposit transaction with SSA over the telephone.

*For Respondents, or their Representative Payees, who cite a dire need situation to conduct business over the phone for Direct Deposit (who are unable to generate the SAP or visit a field office):*

For respondents meeting certain dire need criteria, SSA may permit respondents to make direct deposit changes by telephone without SAP authentication. Respondents meeting the exception criteria are identified through a personal interview with a technician using Form SSA-553, Special Determination. The technician initiates the exception process during the interview for the SAP process if the respondent is unable to complete the SAP process or visit a field office due to severe restrictions. In those cases, the SSA technician, or SSA management, completes the fillable PDF version of the SSA-553 during the personal telephone interview. The technician then submits the completed SSA-533 to SSA management who reviews the request and decides whether to grant the exception based on the information provided. If management grants the exception, the respondent uses knowledge-based verification over the phone prior to completing his or her direct deposit changes (the same verification we use for our other telephone services). Since this process is less effective in mitigating fraud and securing financial information, SSA limits the use of this request to dire need situations. SSA technicians determine dire need on a case-by-case basis.

The respondents are individuals who wish to do business with SSA over the telephone or in person for the purpose of direct deposit enrollments, updates or cancellations.

*Type of Request:* Revision of an OMB-approved information collection.

| Modality of completion | Number of | Frequency | Average | Estimated | Average | Average wait time in field | Total annual |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Respondents requesting phone-based assistance changes for direct deposit using the SAP process | 528,626 | 1 | 5 | 44,052 | * $23.47 | ** 6 | *** $2,274,595 |
| Respondents requesting changes for direct deposit who failed SAP over the phone | 26,343 | 1 | 4 | 1,756 | * 23.47 | ** 6 | *** 103,033 |
| Respondents requesting direct deposit who chose to visit a field office who need identity proofing via SAP | 395 | 1 | 5 | 33 | * 23.47 | ** 23 | *** 4,318 |
| Respondents who drop out of SAP and use an alternate method for changing direct deposit. | 2,084,532 | 1 | 9 | 312,680 | * 23.47 | ** 23 | *** 26,092,796 |
| Totals | 2,639,896 |  |  | 358,521 |  |  | *** 28,474,742 |

Dated: March 27, 2026.

Mark Steffensen,

General Counsel, Chief of Law and Policy, Social Security Administration.