Podcast: Jordan Burris Joins Government Huddle Podcast to Unpack “Game-Changing” Federal Guidance Impacting Identity Verification

As many government services shift online, the United States needs accessible and secure citizen-facing digital identity verification systems. During the pandemic, we saw cybercriminals steal billions in relief money due to inadequate identity verification, all while legitimate applicants struggled with unnecessary burdens.

We view digital identity as critical infrastructure, aiming to include various minority groups, recent immigrants, age groups, and socioeconomic backgrounds so they can avoid falling victim to abuse and fraud.

On March 2, the Biden administration released its latest National Cybersecurity Strategy and Pandemic Anti-Fraud Proposal. Both documents contain critical goals and funding to solve the digital identity problem for government agencies.

On a recent episode of The Government Huddle Podcast, I sat down with Socure Vice President of Public Sector Strategy, Jordan Burris, and we discussed the recent news and gave some valuable insights on how a new approach to digital identity can make a huge difference in everyday life.

Brian Chidester: Unpacking last week’s actions by the White House, what makes them so important?

Jordan Burris: The first item was an update to the National Cybersecurity Strategy, an effort that was spearheaded by former National Cyber Director Chris Inglis and Acting Director Kemba Walden. The idea is to set forth the markers for the government’s approach to cybersecurity on a national scale. The second item was important for the identity community. They released an anti-fraud proposal that signaled what is forthcoming in the President’s Budget and previewed an executive order related to identity and theft that was also previewed in the State of the Union.

Brian Chidester: You mentioned it was a “game-changer” in your recent comments. Why is this new strategy so important?

Jordan Burris: It’s a game-changer in a few different aspects. It sets an idea that we need to change incentives: how do we change this compliance-driven mindset and only take appropriate actions after a major event has occurred? It takes the desire for that and uses regulation to put accountability where it should be, shifting it to providers rather than end-users. There also set markers for what the future should be and laid out the foundation for a digital identity ecosystem.

One of the things that I talk about is that identity should be considered critical infrastructure that should receive investment. They also talked about the need for measurement and transparency. In particular, when you’re looking to solve a problem, especially one that’s impacting different communities and groups, you need to measure your impact. It’s imperative they included that. The anti-fraud proposal doubled down on that promise and understood the status quo didn’t work during the pandemic. We’re excited to do what we can to partner up and, where possible, support the administration’s efforts.

Brian Chidester: Why is transparency so important? How is Socure using that message in its work?

Jordan Burris: The reality is that “sunlight is the best disinfectant”. If you’re trying to understand what needs to change, you need to put things in the open. For a number of years, I’ve worked to understand the root cause of problems like improper payments or payment integrity. What was the reason? Why was it happening? Was it a manual process or the checklist approach? Whenever there was fraud taking place, we didn’t know to what extent it was occurring. We also couldn’t measure the impact to individuals when new measures were put into place.

When we’re talking about transparency and measurement, we can highlight how well something is performing, what things are being done to augment the issue, and how well the user experience is working. At the end of the day, we’re designing our identity verification platforms to meet the public where they are and take a targeted approach to overcome things they can’t control.

For example, quite a bit of the US population is “credit invisible”, meaning they don’t have a substantial credit footprint. They could be someone who just entered the country or someone who grew up like me and didn’t have a really good financial footprint. That doesn’t mean they shouldn’t be able to engage in an online/digital channel. It doesn’t mean they should wait for hours in-person because they couldn’t confirm who they were online.

Right now, it’s critical to have a debate around transparency so we can highlight and quantify how many people are being disadvantaged, how many get through the process, and what the overall approval rates are. Ultimately, that should be a standard that’s held by the government so we can all come together and unify on what must be done to improve citizen experience and access.

Brian Chidester: From your perspective, what has worked in recent public-private partnerships and what needs improvement?

Jordan Burris: When engaging with technology policy at a national level, there’s a lot of things you don’t see. People may not want to admit it, but not everyone has all the answers. During my four years in public service, there were huge advancements that I didn’t know about. It’s often a matter of the commercial industry raising its hand and explaining what is possible. By explaining how their technology can advance the overall mission.

During the prior administration, there was a push to move from low-value to high-value work. What could we do with process automation to eliminate mundane tasks and focus on important exercises. For the private sector, a partnership has to be one where we can understand where the government is coming from, the challenges they’re trying to solve, and identify the opportunity, even if none currently exists. The most effective partnerships have involved a unification of efforts and sharing of information.

Brian Chidester: What new federal resources do you think are going to come to the table for digital identity?

Jordan Burris: There’s going to be a lot of work that takes place at the National Institute for Standards and Technology (NIST) for understanding different ways to approach and measure identity. The National Cybersecurity Center for Excellence can be used to test out different tools, techniques, and approaches. They’ve done this before with zero-trust, so there are likely to be similar projects set up.

From a financial standpoint, the actions discussed funding in the President’s Budget and how to use funds passed in the 2021 American Rescue Plan. Already there’s over $1 billion in new spending for advancing the underlying infrastructure of digital identity such as improving data sharing, modernizing public services to get them off old mainframes, and doing more predictive analytics. I’m particularly encouraged by predictive analytics as you can better manage risk.

There’s also a new focus on reinvesting money recovered from fraud losses into government programs. In financial services, a bank can use money saved from fraud losses for other parts of the business. The government typically doesn’t have that level of flexibility, but the new proposals give the opportunity to reallocate funding and achieve return on investment. That becomes a powerful tool for digital identity and fraud prevention.

One of the things that got buried is the work with victims of identity theft. The administration announced actions to go further than what IdentityTheft.gov and the FTC are doing. Usually when someone gets their identity stolen, the burden is on them to fix the problem – calling credit bureaus, freezing their cards, etc. Despite this burden, it doesn’t necessarily work. The new call for a one-stop shop for folks to reestablish their identity is very impactful.

There’s much more that remains in this process and work that has to be done in Congress. The administrative and legislative branches need to collaborate and hone in on what needs to be done. Click here to listen to my conversation with Jordan in its entirety and if you want to learn more about how Socure is supporting the public sector, check out Socure’s Public Sector Identity Solutions.