Justification for the Non-Substantive Changes -0960-0789 (IT Modification Request))

Justification for the Non-Substantive Changes for

Social Security Administration’s Public Credentialing and Authentication Process

20 CFR 401.45 & 20 CFR 402

OMB No. 0960-0789

Background

Since its establishment in May 2012, SSA uses the Social Security Administration’s Public Credentialing and Authentication Process (hereafter-called “eAccess”) to provide a secure, centralized gateway to Social Security’s public-facing electronic services. SSA currently allows users to register both through our eAccess Internet process, and through a personal interview process using the Registration and Customer Support (RCS) screens for in-person or telephone interviews.

In the March 2023 release we moved Business Services Online (BSO) behind eAccess authentication for Electronic Wage Reporting (EWR) and Social Security Number Verification Service (SSNVS).

SSA is planning an October 2023 release for our new authentication and authorization service MAGIC (Management of Authentication and Authorization of Government Users, Institutions, and Customers). MAGIC focuses on providing authorization and delegation capabilities to SSA’s business and government customers so they can self-manage who can report or access SSA online business services on their behalf.

SSA’s first release of MAGIC will allow a Responsible Entity Officer (REO) to register their organization. An REO is an individual who is authorized by the entity to legally bind the entity, including the ability to execute agreements that are binding and enforceable against the entity. The REO should have the authority to access, authorize disclosure of, and delegate other individuals to have access to the information available through this Social Security service.

At this time, SSA is releasing this functionality as a pilot to 30 employers that report wages electronically through EWR. We will release future functionalities at a later date.

SSA plans to implement these new, non-substantive revisions on October 28, 2023.

Revisions to the Collection Instrument

• Change #1: We are adding new screens to allow for REO registration under MAGIC.

Justification #1: This MAGIC authorization process will begin to bring BSO into compliance with IRS’ internal revenue code and allow for a more secure experience for our business customers. The REO will be able to assign and manage roles for the business entity in a future release.

Future Plans

Due to the agile nature of our projects, SSA expects to make more enhancements in the future to strengthen our electronic access authentication posture. Currently, we are still finalizing our IT modernization plans for these changes. We expect to submit another change request within six to nine months to request approval for additional updates to the system, and potentially, update the burden again to include additional users.