eCBSV Technical Information
eCBSV Technical Information
The Banking Bill requires SSA to collect 50 percent of the program startup costs prior to developing the eCBSV system. Therefore, we are unable to provide specific technical details about the system at this time. We plan to update this page to share technical details, including the Technical Guide referenced and linked to in the User Agreement, as the eCBSV system development progresses. In the meantime, below you will find draft high-level information about the anticipated eCBSV Service. If you have any specific questions, please email them to eCBSV@ssa.gov.
- In June 2020, SSA will implement the new eCBSV service to allow the selected permitted entities to verify an individual's SSN based on the SSN holder's signed consent to disclose the SSN Verification.
- SSN Verifications will be provided via an application programming interface (API).
- The Verification API will verify that the number holder’s SSN, name, and date of birth matches or does not match the data in the Social Security Administration’s records.
- The Verification API will return a match verification of “yes” or “no.” If our records show that the SSN holder is deceased, the API will return a death indicator.
- Permitted entities will have the ability to submit one or many verification requests to the Verification API for real-time results.
- The Verification API will return various error codes if the service is unavailable or the transaction cannot be processed.
- The Verification API will provide various alerts to avoid interruptions to service (e.g. agreements expiring or transaction balance is low)
- eCBSV services are not available if your company does not stay within your selected tier level and have a current/valid signed agreement.
- eCBSV services will not be provided without successful authentication and authorization.
Access to eCBSV
- SSA will not issue end-user credentials and will not manage end-user identities or permissions. Rather, SSA will provide an OpenID Connect and OAuth 2.0 solution for authentication and authorization to SSA’s Verification API.
- Therefore, in order to access eCBSV, permitted entities must:
- Implement the required OpenID Connect/OAuth 2.0 configurations.
- Assign and manage all end-user permissions, which will be provided as attributes in the OpenID Connect assertion.
- Obtain API keys from SSA according to industry best practices.
As we build the system, we will define the availability. We anticipate providing eCBSV with the same availability or better of the existing CBSV application, which is as follows:
Monday – Friday
5:00 AM to 1:00 AM Eastern Standard Time
5:00 AM to 11:00 PM Eastern Standard Time
8:00 AM to 11:30 PM Eastern Standard Time