September 23, 2021

Bucks Blog: Checking Social Security Benefits Online

Back in the spring, I wrote about how the federal government, to cut costs, has stopped mailing annual Social Security statements to most workers. Instead, the agency now invites workers to register and check their benefits online.

It’s important to check your statement, to make sure your annual income — the basis for calculating your retirement benefits — is correctly recorded.

I was skeptical that I’d remember to check my statement each year if it didn’t prompt me by arriving in my mailbox, but I was willing to give the system a try.  After a bit of a hassle about choosing a password and security questions, I was able to register online in May. I then promptly forgot about the whole thing.

Until last week, that is, when I got an e-mail from the Social Security Administration, reminding me to go online to check my statement. So far, so good!

As I had feared, though, I had forgotten my log-in credentials and couldn’t seem to locate them in my records. So I went through the process of requesting my username and password, which required me to enter my Social Security number and birth date, and answer three security questions that I’d previously established when I registered. That allowed me to obtain my username, and to quickly reset my password and gain access to my statement.

The most recent income totals looked correct. Plus, the statements also provide information about what your payment will be at “full” retirement age, which varies by year of birth, as well as if you retire early, at age 62. The difference is striking. My total benefits at full retirement, age 67, are estimated to be about $600 more a month than if I retire at age 62.

The statement also estimates your monthly benefit if you become disabled, and, if you’re a parent, what your children’s survivor benefits would be if you were to die.

The site allows you to print your statement, and there’s also an option to deactivate your online account, should you change your mind about using the Internet to monitor your statements. (Workers who are 60 and older and not yet receiving benefits still get paper ones mailed.)

Have you checked your Social Security statements online? Did you receive an e-mail reminder?

Article source:

Bucks Blog: Dwolla: A Service for Passing Money Back and Forth

When he was a merchant selling stereo speakers online, nothing burned up Ben Milne more than the fees he had to pay credit card companies. So he has started a company, one that aims to create an alternative, Internet-based payment system with a simpler fee structure for both consumers and retailers.

The company, based in Des Moines, Iowa, has a funny name: Dwolla. Nevertheless, Mr. Milne, Dwolla’s chief executive, says the system has about 70,000 users (including about 5,000 merchants) and is handling $1 million a day in transactions.

How does it work? Users sign up online for a Dwolla account, which involves entering personal information like date of birth and Social Security number. Dwolla says it uses the information to make sure you are old enough to open an account (you must be 18 or older) and to verify your identity.

Then you fund the Dwolla account by linking it to a bank account and transferring money to Dwolla (this differs from other kinds of newfangled payment services — like, say, Google Wallet — which are typically funded with a credit card).

Formalizing the setup can take a couple of days. During that time, Dwolla makes one or two small test deposits, which you must verify, to make sure you are authorized to have access to the bank account. Dwolla itself is not a bank, so once the Dwolla account is funded, the money actually sits in a credit union in Iowa.

Then, when you shop at a merchant that accepts Dwolla (a map is on the Web site), you can get access to the system via a phone; find the merchant, enter an amount and click to pay. You can also pay individuals, via an e-mail, or by Twitter or Facebook; the recipient gets notification that you have sent the money. (Dwolla says it does not exchange your financial information with the social media sites “in any way, shape or form.”) Then, he or she must register for an account at Dwolla to accept the money.

Transactions are now free for amounts under $10; otherwise, they are a flat 25 cents each, rather than a percentage of the transaction. The store — or the person getting the money — pays the fee, under Dwolla’s default setting. But you can click an option to pay the fee yourself — if, say, you’re making a donation, or paying back a friend who fronted you some cash at dinner.

The system is secure, Dwolla says, because the merchant never sees your bank account number; the transaction is handled by Dwolla. “We don’t expose your information,” Mr. Milne said.

To demonstrate how this actually works, Dwolla sent me a test payment of $1. I received an e-mail, notifying me that I had been sent money on Dwolla. (It also said, “It could be a million dollars!” Cute — maybe a bit too cute, for a payment system trying to be taken seriously and not wanting to be mistaken for spam or a scam.)

To accept the payment, I clicked on an embedded link and was directed to the Dwolla Web site, where I selected a PIN and signed up for an account. (I didn’t, however, link my bank account; call me a fuddy-duddy, but I tend to be cautious about doing things like that.) Mr. Milne says Dwolla is vigilant about watching for phishing attacks, which often involve sending look-alike e-mails with embedded links. But if you are uncomfortable clicking on a link in an e-mail, he said, you can instead go directly to Dwolla’s Web site by typing its URL yourself, then entering your e-mail address to receive your money.

At that point, the money could sit there in my Dwolla account, to be used to pay other Dwolla users. Or — if I linked my bank account — I could transfer the buck into my outside account. Since this was just a test, I opted to pay Dwolla back its dollar. (But I didn’t click the option to pay the quarter fee myself; sorry Dwolla!)

One catch is that moving money from your bank to your Dwolla account typically takes a few days because of the funds transfer system that banks use. That’s a drawback if you are suddenly in need of cash to buy something unexpected and your Dwolla balance is too low.

So to speed up access to your money, Dwolla recently began offering an “instant” option for people who want faster access to their cash. The option, which costs $3 a month for unlimited use, means Dwolla will spot you up to $500 when you do not have enough in your Dwolla account to cover a purchase. You promise to repay the funds within 30 days; otherwise, you incur a flat, $5 late fee. (Dwolla currently does not require a formal credit check for Instant users, but may in the future, a spokesman, Jordan Lampe, said in an e-mail. Right now it qualifies Instant users with a risk analysis tool developed with the Members Group, a payment company and a Dwolla investor.)

Adding fees to accounts is not wildly popular with consumers right now (see: Bank of America). But Mr. Milne counters that the fees for the Instant service are clearly disclosed, and consumers know what they must do to avoid the late charge; there is no risk of a whopping $35 overdraft fee, followed by multiple add-on fees, as there is if you overdraw a bank account. “We want to have transparency in fees,” he said.

You can, of course, skip the instant option. In that case, if you try to buy something without sufficient funds, the transaction is simply declined.

The Smokey Row Coffee Company,  with several locations in Iowa, has been accepting Dwolla at its Des Moines location since May and now does two to 10 transactions a day, says Mandy Miller, creative director at the shops. The service saves money that would otherwise be paid in credit-card interchange fees. “We don’t see any drawbacks,” she said.

Carter Bailey, a software developer near San Antonio, heard about Dwolla online and persuaded his landlord to begin using it. “It’s one of the easier Web services I’ve ever signed up for,” said Mr. Bailey, who signed up for Dwolla and authenticated his bank account using Twitter.

Of course, many more merchants and users will have to start using Dwolla if it is to reach critical mass. Mr. Milne says he thinks it can be done — and that, eventually, the system may even be attractive to banks themselves. “We believe our system can be leveraged by banks and consumers, and it would be valuable to everybody,” he said.

What do you think of Dwolla’s approach?

Article source:

Bucks Blog: Banks Rely Too Heavily On Social Security Numbers, Report Finds

Banks can do better at protecting their customers from the risk of identity fraud, a new report from Javelin Strategy Research finds.

The firm’s annual Banking Identity Safety Scorecard looked at the consumer-security practices of 25 large banks and credit unions. It found that far too many still rely on customers’ Social Security numbers for authentication purposes — for instance, to verify a customer’s identity when he or she wants to speak to a bank representative over the telephone or re-set a password.

All banks in the report used some version of the Social Security number as a means of authenticating the customer, Javelin found. The pervasive use of Social Security numbers was surprising, given the importance of Social Security numbers as a tool for identity theft, said Phil Blank, managing director of security, risk and fraud at Javelin.

Customers must provide their Social Security number when opening a bank account, he said, but it shouldn’t be used routinely for other purposes, because telling people to keep their number private but habitually asking for it sends the wrong message. “This is something the financial institutions really need to do some work on,” he said. “The consumer should not be trained that it’s O.K. to give up your Social Security number.”

Even partial numbers should be avoided, the report said, because as they have become more widely used, they have become a common target for phishing. “Along with the mother’s maiden name, a truncated version of the S.S.N. is not an effective means of identifying the consumer,” the report says.

The average score of banks in the report was 56 out of a possible total of 100 points, based on criteria that included steps to prevent, detect and resolve fraud.

Banks should also improve their ability to send alerts automatically to customers when crucial changes are made to an account, Mr. Blank said. Nearly three-fourths of the banks in the analysis offered alerts for a change of address, but just 20 percent let customers set up an alert in the event another registered user is added to the account — even though that technique is one way criminals can gain access to bank accounts. “That’s one of the basic ways account takeovers happen,” he said.

Banks can be proactive with their behind-the-scenes behavior analysis, which helps them detect unusual patterns that might be cause for suspicion and alert the consumer. But the option for automatic alerts is important, he said, because “no one knows your financial habits better than you do.”

On the plus side, 40 percent of the banks in the report offered free browser security software, Javelin found.

Have you recently been asked for your Social Security number when contacting your bank? Does that concern you?

Article source:

Bucks: Companies Offer Free Versions of Identity Theft Services


The recent spate of computer hacking and security breaches has heightened interest in credit and identity-theft monitoring services. Two companies, TrustedID and Debix, have started offering free versions of their surveillance systems.

We here at Bucks typically advocate creating your own free monitoring system.

You can, for instance, periodically obtain your free credit reports from the big three credit bureaus (one from a different bureau every four months, through and check them for suspicious activity. Or, as Ron Lieber discussed in a recent column, you can use the “security freeze” option.

But the idea of a service that is free and automatic piqued our interest. Debix and TrustedID claim to hunt down potential fraud by scanning online sites where fraudsters may be hawking your personal information. (A hat-tip to Edgar Dworsky at ConsumerWorld for alerting us to the free services).

Austin, Texas-based Debix is the provider of AllClearID, a service being offered by Sony to customers whose personal information was compromised in the breach of its PlayStation network. The Sony victims are getting service’s  “plus” version, which the company offers through corporate clients and includes insurance to cover financial losses.

But AllClear ID also offers a free version to the general public. It includes Internet surveillance, notification if suspicious activity is found and help with repairing your identity if information is stolen. To sign up, you enter your name, e-mail address and date of birth on its Web site.

Bo Holland, Debix’s chief executive, says he considers the most valuable feature of the free version to be the identity repair service. If someone successfully steals your identity — by obtaining personal information, like your Social Security number or date of birth — and opens bank accounts or credit cards in your name, the damage can take great effort to repair. Most people don’t know where to begin. “We can do it in a matter of weeks,” says Mr. Holland.

The Internet surveillance, he says, is done electronically; software scans online information in chat rooms where identities are bought and sold. The system also can monitor “peer to peer” file sharing networks, he said, which often act as “vacuums” sucking up vulnerable personal information from personal computers.

To sign up, you enter your name, e-mail address and date of birth at AllClearID’s Web site. The service doesn’t ask you to enter credit card numbers, because the company’s research shows consumers are often uncomfortable doing so, Mr. Holland said. But typically, he said, when identity information is found online, it is a collection of information like names, birth dates, e-mail addresses and Social Security numbers, which may also have credit card information attached.

AllClearID could boost its match rate by requesting more specific information from customers, like credit card numbers, but opts not to, he said in a follow-up e-mail. “We get pretty good results with our low data collection approach.”

TrustedID has also started offering a free version of their surveillance system.TrustedIDTrustedID has also started offering a free version of their surveillance system.

The free product from TrustedID, based in Redwood City, Calif., is called IDSafe. It includes monitoring of the Internet and “black market” Web sites for up to three credit cards and your Social Security number, along with e-mail notification of any suspicious activity.(The company’s premium version costs $14.99 a month, or $125 a year, and includes extras like protection for multiple family members, telephone notification of potential problems and protection for financial losses.)

Lyn Chitow Oakes, chief marketing officer for TrustedID, says it also uses electronic systems to monitor the Internet for possible misuse of personal information and credit card numbers (you provide the numbers you want tracked when you register). In addition, she said, company representatives may gain invitation to private chat rooms, where stolen data is hawked, so they can monitor conversations as passive participants.

“The information is monitored and matched against the information the customer provides us,” she said. If a flagged credit card or Social Security number is found, “We alert the consumer immediately,” initially by e-mail and, eventually, by phone if the consumer doesn’t respond.

IDSafe also provides a free credit score from TransUnion each year, but it isn’t the actual FICO score that a lender would obtain if you applied for a loan. “It gives you a pretty good idea of where your score would be,” Ms. Chitow Oakes said.

Do you subscribe to a credit or identity monitoring service? Has it alerted you to any problems?

This post has been revised to reflect the following correction:

Correction: June 7, 2011

An earlier version of this post referred incorrectly to the AllClearID service provided to Sony customers who were affected by recent security breaches. They are receiving the “plus” service, which does not include scanning of files at the three major credit bureaus.

Article source: