Improving Access to—and Integrity of—Federal Benefits Using Digital ID Technology

Executive Summary 

American taxpayers spend more than $1 trillion annually on social welfare programs designed to help Americans with the necessities of daily life. These benefits are particularly important for ensuring that lower-income Americans avoid living in poverty. Unfortunately, due to a high incidence of waste, fraud, and abuse in these programs, the administrative burden—or time tax”—of applying for and receiving federal benefits results in many Americans not receiving the assistance that Congress has intended for them. 

For example, according to the IRS, roughly one in five eligible taxpayers forgo the opportunity to apply for the federal Earned Income Tax Credit. Millions of Americans miss out on billions of dollars in financial assistance annually that promote the health and wellbeing of mothers and children. Broadly, Americans forgo as much as $140 billion in social welfare benefits, in part due to the administrative burdens associated with applying for them. Fully enrolling all eligible Americans in all of the main social welfare programs could move 15 million people, including five million children, out of poverty.

While many Americans forgo unclaimed benefits, a significant share of federal social welfare spending does not reach its intended recipients, due to federal funds spent improperly as well as waste, fraud, and abuse. According to the Biden administration’s most recent estimate, the federal government made $236 billion in improper payments during FY2023 (or payments “that should not have been made or were made in the incorrect amount,” according to the Government Accountability Office or GAO), including $175 billion in overpayments.  

While approximately $101 billion of the overall improper payment estimate were attributed to the Medicare and Medicaid programs (which generally involve payments to medical service providers), approximately $75 billion were from the Unemployment Insurance ($48 billion), Earned Income Tax Credit ($22 billion), and Supplemental Security Income ($5 billion). Each of the latter programs involve payments to individuals, or benefits that require beneficiaries to provide information to the government to determine eligibility.In addition, GAO estimated that the federal government lost between “$233 billion to $521 billion annually to fraud” during the period of years from FY2018 to FY2022.

For decades, Congress and administrations of both parties have tried to improve federal program benefit delivery and management. However, reforms have proven insufficient to date.

Many policymakers have considered the related challenges of addressing the time tax and reducing administrative burdens and strengthening program integrity conflicting challenges.  That is, expanding access to beneficiaries and reducing administrative burdens invariably reduce risks to program integrity and to misspending. 

But a new option exists to potentially address both challenges: using digital technologies for the purpose of identity verification while providing more convenient access to federal benefits. Around the world, policymakers are establishing digital identities to facilitate citizen interactions with governments and to prevent fraud and identity theft. Several countries, most notably Estonia, have successfully addressed the problem of waste, fraud, and abuse by enacting a cryptographically secured digital identity system. Such systems work by pairing a chip-enabled identification card with a personal identification number (PIN) that the user memorizes. Unlike Social Security numbers, which are effectively in the public domain and often subject to misuse, the modern digital approach makes it more difficult to misappropriate someone’s identity. 

The United States has already made substantial progress establishing a secure way for Americans to securely access government federal and state websites and services through Login.gov, which includes more than 80 million users. Looking forward, the White House and Congress should establish a limited digital identity technology platform for certain public benefit programs to strengthen program integrity and to reduce the administrative burden that Americans encounter accessing federal benefits, including by building upon the services offered by Login.gov.

Establishing a limited, voluntary federal digital identity platform would require carefully answering many legal, administrative, technical and acquisitions management issues. 

Policymakers will need to navigate Americans’ longstanding concerns about privacy; how the federal government uses information; and questions about the appropriate roles of the federal and state governments in identity management. Over time, a transition to a federal digital ID for certain public welfare benefits could ensure that hundreds of billions in federal benefits reach their intended beneficiaries, much in the way that TSA PreCheck—a voluntary program—speeds access and increases security at airports. 

This paper presents recommendations for incremental reforms to establish a limited, privacy-focused, voluntary federal digital identity for specific means-tested federal welfare programs and to study potential broader applications. The report also describes best practices and guidelines that policymakers should consider when designing and implementing a federal digital ID.

The report includes the following recommendations: 

1. The Office of Management and Budget, Office of Information and Regulatory Affairs, and the Joint Financial Management Improvement Program should establish a voluntary digital ID, building upon Login.gov, to reduce the time tax of federal benefits and to strengthen federal program integrity. The initiative should expand upon and strengthen services provided by Login.gov, which is used by 80 million Americans as well as federal and state government agencies.
   
2. Congress should direct the Government Accountability Office to evaluate alternatives to Login.gov for establishing a federal digital ID, and to examine how a digital ID initiative could affect program integrity, along with the time tax or administrative burden associated with federal programs. Moreover, Congress should direct GAO to review and provide recommendations for whether a voluntary federal, digital identity could affect improper payments, including by expanding the use of Login.gov.
   
3. Congress should direct the relevant federal agencies, including Treasury Department, in consultation with the Social Security Administration, the General Services Administration, the Department of Labor, and other relevant agencies, to use Login.gov or an alternative digital ID system for securely administering means-tested federal benefits. The system should incorporate default enrollment with voluntary opt-out.

1. The time tax and program integrity challenges

The current systems for delivering federal benefits pose administrative burdens on the people those programs are intended to help. This burden is often described as the “time tax,” since the process of applying for and receiving federal benefits often takes considerable time, paperwork, and effort. These burdensome requirements affect all Americans, but can be especially difficult for those living in poverty, the disabled, non-English speakers, and the elderly. The Biden administration has described these administrative challenges and detailed the cost they impose on vulnerable Americans: 

By one estimate, every year more than $140 billion in government benefits that Congress has authorized goes unclaimed—including tax credits for working families, health insurance coverage for low-income adults and children, unemployment benefits, and disability support. For instance, in recent years only about half of the women, infants, and young children eligible for nutrition assistance from the U.S. Department of Agriculture actually received that critical support.

The White House explained how the time tax is often more costly for Americans from lower socioeconomic backgrounds:

Families with irregular wages due to unemployment may have a harder time documenting their income than families with steady employment….Workers with multiple, part-time jobs may face higher barriers in taking time off to visit a government office in the middle of the day compared to workers with more predictable schedules. Small businesses, often family run, may not have staff to focus on completing the paperwork necessary for government loans or contracts.

Millions of eligible Americans forgo the Earned Income Tax Credit 

One significant problem lies in the federal tax system. Lower- and middle-income families forgo billions in federal financial assistance by not applying for means-tested tax benefits. For example, the Internal Revenue Service has reported that only 76 percent of eligible Americans applied for the federal Earned Income Tax Credit as of FY2020. In 2018, the Treasury Inspector General for Tax Administration explained that IRS estimates showed “that five million potentially eligible taxpayers do not claim the credit each year, resulting in $7.3 billion in unclaimed benefits annually.” 

In 2022, the IRS took the step of announcing an “EITC awareness day” with a spokesperson stating: “We urge people potentially eligible for this valuable credit to review the guidelines; many people each year overlook this and leave money on the table.”According to the Tax Policy Center, unfamiliarity with both the credit and IRS services that assist with tax filing and the EITC’s complexity may contribute to the problem of millions of Americans forgoing these tax benefits. 

The administrative burden of the EITC program causes significant harm on eligible lower- and middle-income households who miss out on benefits. Researchers have found that the EITC “improves health, with the most robust results for single mothers and children,” including reduced stress among mothers and “decreased incidents of low birthweight and improvements in the home environment, nutrition, and educational and economic attainment.”

Many low-income Americans report receiving no benefits 

The Biden administration’s concerns about the administrative burden of accessing federal benefits are supported by nonpartisan research. Aparna Mathur, now a FREOPP scholar, reviewed Census Bureau survey data in 2019 and found that less than one third of households living at or below 130 percent of the poverty level reported receiving multiple federal benefits. Nearly half reported receiving no federal assistance.

Mathur and Alexandra Schweitzer describe how the time tax prevents people from accessing these government benefits: 

“Administrative burdens are an important root cause of these gaps. Many programs require  applicants submit paperwork and attend in-person meetings before they can receive benefits, which is burdensome for people who may not have reliable access to transportation, child care, a printer, computer, or other tools necessary to apply. For example, a recent analysis describes the “opaque and unpredictable” process of applying for and using housing assistance vouchers for tenants and landlords.

The Urban Institute identified the following programs that are difficult for people to access, including:

• Medicaid and the Children’s Health Insurance Program (CHIP);
• The Supplemental Nutrition Assistance Program (SNAP);
• The Special Supplemental Nutrition Program for Women, Infants and Children (WIC);
• The Supplemental Security Income (SSI) program;
• Temporary Assistance for Needy Families (TANF);
• Child care assistance provided through the Child Care and Development Fund (CCDF);
• The Low-Income Home Energy Assistance Program (LIHEAP);
• Public and subsidized housing programs; and
• The Earned Income Tax Credit (EITC).

The table below highlights difficulty enrolling in key public benefit programs: 

The Urban Institute estimates that reforming the federal safety net to enable full participation would pull as many as 15 million people out of poverty, including five million children.

Benefit uncertainty, overpayments, and theft cause significant economic hardship 

In addition to the general administrative burdens of benefit applications, major benefit programs can also impose costs by providing uncertain benefits. The Social Security Administration famously clawed back benefits and demanded repayments when their own error caused billions of dollars of overpayments to otherwise legitimate beneficiaries. For example, a disability beneficiary who had been receiving monthly Social Security checks of roughly $1,000 was told that she owed the federal government $60,000 for overpayments. A 2022 SSA Inspector General report showed that the administration had more than $20 billion in outstanding overpayments. While the SSA has an obligation to manage its benefits responsibly, overpaying and then belatedly demanding repayment from the most vulnerable Americans causes unnecessary hardship. The SSA recently announced changes to its practice to reduce these hardships, including extending the time period when overpaid funds are withheld and providing more options for beneficiaries to challenge withheld payments.

The Supplemental Nutrition Assistance Program has proven susceptible to a different problem which can cause significant economic harm to Americans who depend on aid. A 2023 review found that American families lost $70 million in SNAP benefits due to theft. Fraudsters using card-reading skimming devices are stealing vital food assistance from vulnerable Americans.

Background on the federal government’s misspending in social welfare programs 

The federal government also struggles with payment integrity and fraud, particularly in social welfare programs and tax benefits. In 2024, the Government Accountability Office (GAO) reported that federal agencies estimated making $236 billion in improper payments last year, including approximately $175 billion in overpayments. This means that the federal government misspent roughly $1,800 per American household. Altogether, the federal government has reported making $2.7 trillion in improper payments over the past twenty years. The problem of federal misspending is much worse than even these estimates suggest, since certain high fraud risk federal programs, such as the Temporary Assistance for Needy Families, did not provide an estimate. Last year, GAO warned that the federal government also did not provide estimates for the SNAP. Reviewing federal estimates of misspending and fraud risk shows that a significant source of these problems are federal social welfare programs. 

The costly problem of federal misspending has been growing over time. The below figure shows OMB reported data of federal agencies’ estimated improper payments since 2012. Total improper payments have more than doubled over the past eleven years, and the improper payment rate has increased from 4.4 percent to 5.4 percent over that period. 

OMB reported estimates of total federal improper payments and the improper payment rate, FY2012 to FY2023

Identifying improper payment programs that involve direct payments to individuals

A large share of federal improper payments are attributed to programs that do not provide direct benefits to individuals.$101 billion of the improper payments reported in FY2023 were from the Medicare and Medicaid programs, which broadly involve payments to medical service providers or health insurance companies. However, improper payments are also common in federal programs that involve direct payments to individuals. For example, $75 billion in FY2023 improper payments were reported by the Department of Labor’s Unemployment Insurance program ($48 billion), the Treasury Department’s Earned Income Tax Credit ($22 billion), and Social Security Administration’s Supplemental Security Income ($5 billion). Each of the latter programs involve payments to individuals, or benefits that require beneficiaries to provide information to the government to determine eligibility.  The Department of Labor has cited “combating fraud” as one of the factors that needs to be addressed in the unemployment insurance program.  The Treasury Department cited an “inability to verify taxpayer-provided information” as a cause of improper payments in the EITC program. The Social Security Administration has reported that “improper payments occur because of beneficiaries’ failure to report necessary information or SSA’s failure to update records [in a timely manner].”

A significant source of improper payments is federal refundable tax credits, including the above-mentioned EITC. In FY 2023, one third of the $65 billion in outlays on the EITC program were made improperly. The Inspector General reported that “Eligibility rules differ for each credit and are often complex because they address complicated family relationships and residency arrangements to determine eligibility.” These rules increase the challenges for the IRS to ensure payment accuracy. The IRS’s taxpayer advocate explained that: “the eligibility requirements are complex, and as a result, the program suffers from a relatively high rate of improper payments that could be reduced if the eligibility requirements were simplified.” Table 1 shows the high and increasing rate of improper payments within the federal Earned Income Tax Credit program over the past five years. Table 2 shows the improper payment for the federal Additional Child Tax Credit from 2019 to 2023.

​​OMB reported IRS Additional Child Tax Credit Improper Payments, FY2019 to FY2023

Beyond tax credits, other major sources of federal improper payments also involve direct payments to individuals:

• Federal pandemic unemployment assistance: The Department of Labor and state workforce agencies are responsible for substantial misspending, estimated to cost $43.6 billion last year. In 2023, Labor’s Inspector General Larry D. Turner testified about widespread problems of fraud identified in pandemic unemployment assistance, including two million multistate claimants, 200,000 deceased parents filing claims, 47,000 federal prisoners, and more than two million suspicious email addresses. The IG provided many legislative recommendations for Congress, including requirements for  state workforce agencies to screen claims against other federal databases and to increase oversight capacity to improve controls. AEI senior fellow Matt Weidener warned that “states that administer both state and federal benefits currently have little incentive to recover what has been mostly misspent federal funds,” adding that “such recoveries require state effort and additional administrative expense, only to have any recovered funds revert to the federal government in the end.” 

• Supplemental Security Income: The SSI program reported $5 billion in improper payments last year. The SSA OIG pointed to several factors in misspending in 2023 testimony: “Improper payments can occur for many reasons, including when SSA does not obtain necessary information from beneficiaries or fails to act on that information once received. Improper payments also occur when SSA makes mistakes in computing payments due to the complexity of calculations and reliance on manual processes.”

Between $233 billion and $521 billion per year wasted on fraud 

Widespread fraud contributes to the federal government’s costly misspending problem. An April report by the nonpartisan Congressional watchdog agency estimated that the federal government loses $233 billion to $521 billion annually to fraud. If fraud and improper payments were its own program, it would be one of the largest line-items in the federal budget following Social Security, Medicare, defense, Medicaid, and interest payment on the national debt. 

As with improper payments, benefit programs for individuals and businesses account for a significant share of federal funds lost to fraud. GAO reports that between “$100 billion to $135 billion (between 11 and 15 percent of total spending) in fraudulent unemployment insurance payments were made between April 2020 and May 2023.” An Inspector General report found that the Small Business Administration lost more than $200 billion in fraudulent payments through pandemic-era programs—including the Paycheck Protection Program—which comprised 17 percent of those expenditures. In April 2024, the Inspector General for Tax Administration announced that it had stopped attempted fraudsters who tried to exploit the Employee Retention Credits and Family Leave Credit program by using employer identification numbers that could have cost taxpayers more than $3 billion. Waste and theft of federal funding was widespread during the pandemic. The Associated Press reported that “fraudsters potentially stole more than $280 billion in COVID-19 relief funding,” while “another $123 billion was wasted or misspent,” which “represents 10 percent of the $4.2 trillion the U.S. government has so far disbursed in COVID relief aid.”  

Technological innovations may increase fraud and misspending risks

Looking forward, rapid technological innovations enabled by artificial intelligence (AI) may increase the threats to benefit payment integrity. A 2024 report by the Financial Crimes Enforcement Network (FinCEN) identified more than $200 billion in suspicious financial transactions in 2021 involving identity-related issues. FinCEN warned that the identity-related fraud may increase in the future: 

The proliferation of data breaches compromising personally identifiable information, synthetic identities, and the rapid evolution of Artificial Intelligence may further enable bad actors to exploit identity processes more easily, quickly, and inexpensively to drive money laundering, fraud, and other cybercrime.

According to Deloitte analysts, generative AI will increase fraud risks by enabling deep fakes and voice spoofing, synthetic identity fraud, document forgery, and other means. The Federal Trade Commission recently initiated a new rule to prohibit government and business impersonation to deceive and exploit American consumers. According to one estimate, Americans lost $20 billion to identity theft in 2022. One can imagine how government agencies will similarly be vulnerable to fraud by committed actors leveraging new technologies. 

Increasing fiscal pressure on federal social welfare spending 

The U.S. government cannot afford to waste hundreds of billions of dollars on fraud or misspending. In February, the CBO issued its latest 10-year budget and economic outlook that offered dire predictions about federal fiscal policy. In 2024, the federal government will spend $870 billion on net interest, or nearly $50 billion more than the entire defense budget. In 2025, federal interest payments will approach $1 trillion–eclipsing the entire non-defense discretionary spending. By the end of the decade, CBO projects that debt held by the public will be $48 trillion (or 116 percent of GDP). At that point, net interest payments will be more than $1.6 trillion, compared to $2.1 trillion spent on defense and nondefense discretionary spending combined.

For Americans who depend on social welfare benefits, the growing pressure on the federal budget from rising debt payments presents several major risks. First among these, rising debt causes higher interest rates and inflation, which disproportionately harm lower-income Americans. Second, CBO predicts declining GDP growth by the latter half of the next decade—averaging 1.9 percent from 2029 through 2034—which will mean fewer economic opportunities and reduced upward mobility. Third, a growing portion of the non-defense discretionary spending will divert revenues away from social programs and toward servicing the massive federal debt. Those interest payments will also constrain policymakers’ future options for using fiscal policy to address future economic downturns and national crises, which will likely pose greater challenges for poorer Americans. 

Ensuring that the federal government does not misspend $200 billion annually, or lose a half a trillion dollars to fraud, should be an area of bipartisan agreement for federal policymakers to address the nation’s fiscal troubles. 

Efforts to prevent improper payments and fraud and improve customer service in federal benefit programs

Republican and Democratic policymakers have supported legislative and administrative reforms to strengthen federal program integrity and prevent improper payments and fraud. However, the persistent problems show that these reforms have proven inefficient to address these challenges to date. Moreover, federal agencies have attempted to reduce the time tax and compliance burden for federal benefit programs. Reviewing past and currently proposed reform efforts shows that more fundamental change is needed to address these costly problems that require fundamental change. 

Improving federal program payment integrity has been a bipartisan policy priority for decades. In 2002, Congress enacted a law requiring federal agency estimates for improper payments. In 2010, the Improper Payments Elimination and Recovery Act required federal agencies to take certain steps to decrease improper payments, including new reporting and increased oversight of high fraud risk programs. The bill also tasked the Office of Management and Budget to oversee federal agency misspending, with targets for improper payment recoveries. A follow-up law in 2012 established the federal “Do Not Pay” initiative aimed to improve data sharing and to further prevent payments to known fraud risks. In 2015, Congress passed the Fraud Reduction and Data Analytics Act, which instructed that the OMB “shall establish guidelines for agencies to establish financial and administrative controls to identify and assess fraud risks and design and implement control activities in order to prevent, detect, and respond to fraud, including improper payments.” Congress enacted the Payment Integrity Information Act of 2019, that required additional increased oversight and reporting to curb agency misspending. In the 2021 spending bill, Congress directed the IRS to take immediate action to curb improper payments within the IRS’s tax credit programs, including implementing open watchdog recommendations. In addition, the House Appropriations Committee approved report language in the 2023 funding bill that required GAO to conduct more ongoing oversight of federal improper payments, including quarterly reports on the topic. 

The Biden administration has also established several initiatives aimed to prevent misspending and fraud, as well as to modernize programs to reduce administrative burdens and improve customer service. In 2021, the OMB issued updated guidance for “payment integrity improvement” initiatives across federal agencies. A Treasury Inspector General summarized these changes as establishing a “more comprehensive and meaningful set of requirements to allow agencies to spend less time complying with low-value activities and more time researching the underlying causes of improper payments, balancing payment integrity risks and controls, and building the capacity to help prevent future improper payments.” In addition, President Biden’s OMB has prioritized improving customer service, including identifying and eliminating administrative burdens. Citing its authorities under the Paperwork Reduction Act, OMB instructed agencies to simplify requests for information, improve communications and outreach tools, and change information collection practices to address marginalized and underserved communities’ access challenges.” A 2023 Office of Information and Regulatory Affairs described efforts to streamline efforts at the Agriculture, Education, Labor, Housing and Urban Development, and Homeland Security departments, as well as the Social Security Administration, as progress reducing the time tax associated with federal benefits. In March 2024, the White House proposed a $1.6 billion initiative to prevent fraud that focuses on “ensuring resource and time for investigation and prosecution of those engaged in major or systemic pandemic fraud,” investing in fraud prevention and identity theft, and “helping victims of identity theft.” 

One focus of executive branch efforts to curb improper payments involves improving identity verification. In 2022, the Joint Financial Management Improvement Program—an initiative with input from OMB, GAO, OPM, and Treasury—published a report on identity control options to reduce improper payments. The report followed a 2020 OMB action to improve transparency about identity-related improper payments. The report highlighted controls that can support identity verification and prevent fraud: “digital footprint, bank account verification, physical address verification, email or phone verification, physical biometrics, and application notification.” TSince 2017, NIST has published standards and guidance for governmental use of digital identities. In addition, the GAO built an “ID Verification Controls Simulator,” which allows users to model and analyze how various controls would affect improper payment rates. 

In 2024, the Social Security Administration issued a new proposed rule, “Use of Electronic Payroll Data to Improve Program Administration,” to facilitate SSA’s plans for using payroll data and information to prevent misspending. In particular, SSA framed the new initiative as a means to reduce overpayments through Social Security Disability Insurance and Supplemental Security Income programs, since overpayments are required to be paid back and can cause financial hardship on beneficiaries who receive payments and then are required to pay it back either out of pocket or through reduced future payments. “These automated payroll information exchanges will address the inefficiencies associated with self-reporting and manual verification by introducing a more streamlined approach,” reasoned Commissioner Martin O’Malley. “These exchanges will prevent inequities caused by improper payments by enabling Social Security employees to adjust SSI payments before they are issued and help us more efficiently administer SSDI.” 

Recent legislation to improve federal program integrity

In 2024, preventing federal misspending continues to be a bipartisan policy priority for both political parties on Capitol Hill. The following are some examples of initiatives proposed during the 118th Congress: 

• The House Budget Committee Republicans’ budget called for a 50 percent reduction in improper payments, which would result in $1 trillion in savings over a decade, by “improving data sharing among agencies, enhancing data and eligibility verification, and incentivizing states and federal agencies to comply with anti-fraud rules.” 
• In February, Senator Ron Wyden and Sen. Mike Crapo, the chair and ranking member of the Senate Finance Committee, released a bipartisan framework for reforming unemployment insurance programs. The plan included establishing new rules for states administering federal unemployment benefits to vet claims against databases to improve program integrity. The framework would also modernize IT systems to improve customer service.
• In May, the House Budget Committee approved the “Improper Payments Transparency Act,” and the “Enhancing Improper Payment Accountability Act.” The first bill would require the administration to include estimates and information about improper payment rates in the annual budget submission to Congress.The second bill would expand existing improper payment oversight rules to additional federal programs (those with a budget over $100 million) and require federal agencies to submit reports to Congress on anti-fraud measures.
• In May, the Senate Homeland Security and Governmental Affairs Committee approved a bipartisan bill that would make permanent a pilot program that allows federal agencies to share information from Social Security’s death master file that prevents federal payments to the deceased. 
• Senator Mike Braun introduced the IRS Improper Payments Act, which would require the IRS to set performance targets for reducing improper payments, among other reforms.

The past and ongoing bipartisan support for enhancing program integrity and preventing fraud indicates the seriousness of the challenge, and provides reason for optimism that a potential political consensus to address the problem. However, decades of experience indicates that the federal government’s traditional approach to preventing misspending and fraud—which has generally focused on improving transparency, making estimates, encouraging oversight, and in some cases increasing information sharing—has been insufficient. That Sen. Braun introduced legislation to require the IRS to set “performance targets” nearly four years after Congress passed legislation requiring the IRS to take immediate action to curb improper payments indicates that this traditional approach is unlikely to prevent hundreds of billions in annual government misspending. Rather than pass new laws to direct agencies to “do better,” policymakers should take a new approach to fighting waste and abuse: digital identity verification.

2. Government digital identity models 

A promising strategy for modernizing government benefit delivery and improving program integrity involves updating the technologies that governments and people use to access public benefits.

Around the world, governments are increasingly establishing digital identity systems to facilitate secure interactions with government agencies. Several countries—most notably Estonia and India—have successfully established digital identity systems to help people access government services and secure interactions. Such systems work by pairing a chip-enabled ID card with a PIN that the user memorizes, much like a personal bank card. Unlike Social Security numbers, which are effectively in the public domain and available for wide misuse, the modern digital approach makes it very difficult to misappropriate one’s identity. India’s Aadhaar system is now used by more than a billion people. The European Commission plans for all European Union citizens to have access to a digital ID by 2030. 

There is also growing interest in cryptographically secure digital identities. For example, at least eleven states have established mobile drivers’ license options for people to use digital IDs, while more than half of the states are working to implement similar programs. 

But the most comprehensive models have been implemented in Estonia and India.

Estonia 

Since 2002, Estonia’s digital identity program has become a global model. The digital ID allows Estonians to conduct business and interact with the government electronically, with nearly all services—outside of entering or dissolving marriages—able to be conducted online. The ID regime is central to Estonia’s e-governance model, which is based on decentralization, integrity, interconnectivity, open platforms, transparency, and strict rules over data collection. For example, the e-governance regime provides citizens “the right to see their personal information and how it is used by the government via log files.” The e-governance model has been developed to manage the nation’s significant cybersecurity risks, including the historic 2007 cyberattack by Russian hackers.

The Estonian digital ID is connected to a network of public services—600 in total— and a commercial sector of 2,400 businesses. Estonians receive a digital ID and an 11 digit code that verifies the person’s identity to access digital services and make transactions. Virtually all Estonians now have a digital ID. The ID can be used to verify identity to log into bank accounts, to vote, to check medical records, services, and prescriptions, to form companies, and to pay taxes. As of 2016, data was stored across 900 different databases, a model of decentralization aimed to address the risks of a potential cyberattack.

The Estonian model also provides swift enrollment and delivery of government benefits. The digital ID has increased the efficiency of many public sector services. According to a government report, the e-governance model has saved two percent of the nation’s GDP “due to collective use of digital signatures,” “more than 800 years of working time annually,” and a reduction of red tape that allows businesses to be typically be established within five days or a few hours. The Estonian model provides swift enrollment and delivery of government benefits. A newborn child is automatically enrolled in government systems and parents are notified about the child’s eligibility for various government benefits.

These efficiency gains extend to the private sector with nearly all businesses established online and the vast majority of banking transactions conducted electronically. Relying on the national digital ID reduced costs for the private sector by allowing companies to forgo establishing their own identity management systems. The compliance cost of taxation has been reduced to just minutes. A review of the Estonian e-governance and digital ID system by PWC described the benefits as including facilitating travel, health care access and record keeping, remote voting, and secure banking.

India

Fifteen years ago, India lacked a national identity system, posing considerable challenges to its vast population. A majority of the population lacked access to banking and at least one in three people did not have a birth certificate. In 2010, India established the Aadhaar (“Foundation”) program, which provides a randomly generated twelve-digit identification number and card to each Indian citizen that is linked with biometrics— fingerprints and iris scans—for verification purposes. Like the Estonian digital ID model, the Aadhaar system was designed to be secure and interoperable, allowing government and private sector entities to exchange data using multiple interfaces and authentication mechanisms to verify identity. 

By 2022, the Indian government reported that 1.3 billion people had enrolled in the biometric digital identity system, comprising nearly all Indian adults. The Aadhaar system provides a range of benefits for citizens, the government, and the private sector. With a biometric ID, people are able to access government services, including efficient electronic transfers, and the banking system in a trusted way. For example, a 2019 survey found that 80 percent of ID holders reported that the system had improved the delivery of government benefits. For the government, the digital ID has yielded efficiencies in government program management and significant fraud reduction, with the cost of administering the program a fraction of estimated fraud savings. According to research published by UCLA, the Aadhar ID program, which cost $1.5 billion, achieved $12 billion in savings from reduced fraud. For the private sector, relying on the government-sponsored digital ID has also reduced the cost of enrolling customers. Critics of the program have raised concerns that the collection of biometrics creates significant privacy risks. However, supporters counter that the benefits of providing identity to marginalized people outweigh these risks. 

European Union and other countries 

In 2021, the European Commission announced a framework for a voluntary digital identity system available for all citizens of European Union countries. The plan was to allow citizens to “to prove their identity and share electronic documents from their European Digital Identity wallets with the click of a button on their phone,” as well as to “ access online services with their national digital identification, which will be recognized throughout Europe.” The initiative is part of a broader European Union plan to achieve broader digitization goals by 2030. In 2024, the European Union Digital Identity regulation was finalized, which requires European Union member countries to offer a digital identity wallet by 2026. The European Commission describes a central aim of the new regulation as to strengthen government payment integrity and benefit delivery, including “making it easier for citizens to access government services online and boost uptake” and to prevent fraud by improving identity verification. 

In 2022, the Digital Identity Working Group, including government representatives from eight countries—Australia, Canada, Finland, Israel, New Zealand, Singapore, the Netherlands, and the United Kingdom— issued a set of principles for establishing digital identity systems. The report recommended alignment between national digital identity programs to support “cross-border use and benefits,” harmonizing legal and policy frameworks, and establishing “interoperable technical models and infrastructure.”  

Digital identities and electronic benefit administration in the United States

In the United States, states have begun establishing digital IDs and drivers’ licenses that can be stored on a person’s smartphone and used to verify his or her identity with government authorities. According to IDScan.net, more than half of the states have established or are working toward mobile drivers’ licenses. Eight states currently offer digital drivers licenses that can be accepted by the Transportation Security Administration at participating airports for the purpose of commercial air travel. 

States are also providing opportunities to access federal and state-managed benefit programs electronically. According to Code for America, all states have established online systems for accessing at least one of the following federal benefits programs: 

• Medicaid
• Supplemental Nutrition Assistance Program
• Temporary Assistance for Needy Families
• Child Care Assistance Program 
• Special Supplemental Nutrition Program for Women, Infants, and Children

Colorado, Georgia, Michigan and Nevada have created online applications for all of these programs.

In 2023, the Senate Homeland Security and Governmental Affairs Committee passed the Improving Digital Identity Act with bipartisan support. The bill would establish a task force to review federal identification verification rules and provide guidance on establishing digital identities, including to protect personal privacy. The Committee explained that “enhancing digital identity across federal, state, and local governments, in coordination with the private sector, to avert fraud, prevent identity theft, and enable individuals to verify their identities online more easily and reliably can result in a more secure online environment.”

Login.gov

In 2017, the General Service Administration (GSA) established Login.gov as a tool for the federal government to provide people with a single and secure means to log on to federal government websites. GSA estimates that 100 million Americans have used Login.gov, and, as of August 2024, “10 million monthly active users and 40 million monthly sign-ins across nearly 50 agencies and states.”  The service is used by a majority of federal agencies (including 21 out of 24 CFO Act agencies) and a growing number of states and localities. An October 2024 GAO review of Login.gov reported that sixteen agencies reported that Login.gov “improved their operations by decreasing the workload for agency employees, addressing existing security issues, and employing new technology.” The report also showed that eleven agencies reported that it improved customer service while seven agencies highlighted cost savings achieved..

The service includes a three-step, non-biometric identity verification process and incorporates security measures, including multi-factor authentication, to protect users’ accounts. GSA allows users to verify their identity in person at post offices by bringing a state-issued identification card, a Social Security number, and phone number. They also can conduct remote identity proofing, which may involve information sharing with third-party vendors, including Lexis-Nexis and ID.me. In October 2024, GSA announced plans to offer facial recognition for users to access Login.gov. The agency also reported providing support services in multiple languages 24 hours per day and 7 days per week that can be accessed by phone or email. 

Importantly, the General Services Administration has begun using Login.gov and its secure, identity verification tools to support federal and state efforts to reduce misspending. In August 2024, GSA reported: 

Cash benefits, such as unemployment insurance, are particularly subject to identity fraud. To modernize and strengthen these systems against fraud, Login.gov partnered with the U.S. Department of Labor Unemployment Insurance (UI) to provide identity verification services to states administering UI benefits. Arkansas was the first state to use Login.gov in its UI system, launching a pilot in 2022. The program was a success, leading to partnerships with other states: Hawaii, Utah, Massachusetts, New Hampshire and West Virginia. With the Department of Labor and Login.gov, these states were able to modernize their UI Systems to protect their programs against identity fraud while still ensuring access to Login.gov’s systems.

This partnership should be a focus of Congressional and nonpartisan oversight to identify how and whether the broader use of Login.gov to support states’ management of federal unemployment assistance reduces improper payments and achieves taxpayer spending. 

3. Policy, administration, and implementation issues and ongoing government efforts 

With governments around the world modernizing identity verification and streamlining access to public and private sector services using digital identities, the United States should move toward the digital identity model, including by building upon the ongoing adoption of Login.gov. The potential benefits include substantially reducing federal misspending and fraud, while significantly reducing the administrative burden for accessing federal benefits. The latter could substantially reduce poverty and improve the quality of life for many Americans. McKinsey analysts Axel Domeyer,  Mike McCarthy, Simon Pfeiffer, and Gundbert Scherf described the potential of a successful digital ID program design and adoption as the following: 

Digital ID is a key enabler for modernizing public services such as those related to healthcare, welfare payments, certifications, and licenses. It boosts convenience for users, eliminates potential travel costs, and minimizes waiting times by allowing remote online authentication. From a government perspective, the technology enhances administrative efficiency—reducing paperwork, speeding up processing, and reducing the risk of identity fraud.

To be clear, establishing a digital identity to facilitate benefit enrollment would not address all of the federal government’s improper payment challenges, nor all of the issues that create an administrative burden for accessing federal benefits. However, a federal digital ID could address key challenges of identity verification and support information sharing across federal programs. Such streamlining could enable better oversight while also improving benefit access and enrollment processes.

NIST Digital Identity Guidelines 

The National Institute of Standards and Technology has long established national standards for information technology and security. For example, in 2002, Congress passed the Federal Information Security Management Act (FISMA) which authorized NIST’s standard-setting authorities. This role under FISMA was reauthorized in 2014. Since 2017, NIST has published and updated standards and guidance for governmental use of digital identities: 

The guidelines cover identity proofing and authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols, federation, and related assertions.

In 2024, NIST is in the process of finalizing the process of its fourth revision to these guidelines, a process that incorporated feedback from nearly 4,000 comments. 

These standards should inform the development of a federal digital ID. For example, the Government Accountability Office recently reviewed Login.gov and evaluated compliance with the NIST guidelines. As discussed above, GAO found that agencies reported benefiting from the use of Login.gov.However, the Congressional watchdog agency also identified ways to improve how Login.gov is used. For example, a dozen agencies cited challenge due to Login.gov’s noncompliance with NIST guidelines, specifically the second of the NIST guidelines identity assurance levels, which includes evidence that “supports the real-world existence of users’ identities,” such as “a passport or driver’s license, and remote biometric evidence, such as a ‘selfie.’” Specifically, GAO found that remote identity proofing needed additional enhancement: 

NIST’s identity-proofing process has a third step called verification. This step involves users providing a “selfie” of themselves to match to the photo from the state-issued ID that was provided during the resolution step. Currently, Login.gov’s identity-proofing process does not include this step. To address this, GSA reported that it started a pilot in May 2024 that intends to provide a remote identity proofing option. However, as of August 2024, GSA has not provided an estimated timeframe for when this option will be available to the public.

While this finding highlights an area of improvement for Login.gov, it also reveals how legislative branch oversight can leverage the NIST guidelines to monitor compliance with best practices and to promote public and government agency confidence in digital identity technologies.

NIST has taken proactive steps to promote public confidence in these guidelines. For example, in 2024, NIST, Georgetown University’s Digital Benefits Network, and the Center for Democracy and Technology announced a collaborative project to research and further develop the guidelines through “ public workshops and working sessions to encourage community dialogue, gather input, and foster a deeper understanding of the applicability of digital identity risk management in the public benefits ecosystem.” NIST explained that the purpose of the project was to “develop resources that help providers balance security, privacy, equity and usability.”

Joint Financial Management Improvement Program’s Identity Verification Key Practices 

The Joint Financial Management Improvement Program (JFMIP), which is a project involving the Office of Management and Budget, the Office of Personnel Management, the Treasury Department and GAO, published a report identifying key practices for using identity verification to reduce improper payments. The report explains that while many factors contribute to the problem of government improper payments, “One potentially significant factor is applicant identity—verifying that the person who is attempting to interact with a federal program office is who they claim to be.” The JFMIP report provides six key considerations for a federal agency or program office for considering identity verification, including identifying and analyzing program risks, establishing risk tolerances, determining, designing and implementing controls, and sharing data and information. 

GAO’s ID Verification Controls Simulator

Federal experts have also taken steps to begin modeling how strengthening identity verification could address federal misspending. For example, GAO built an “ID Verification Controls Simulator,” which allows users to model and analyze how various controls would affect improper payment rates. GAO explains: 

The Identity (ID) Verification Controls Simulator is an interactive illustration of concepts identified throughout the corresponding Joint Financial Management and Improvement Program (JFMIP) Report, which program offices or a central management entity could consider for the purposes of enhancing identity verification, and potentially reducing improper payments to increase payment integrity.

The model allows analysts to predict how strengthening ID verification would result in “both improper- and proper-payments prevented,” administrative costs, and the program’s reputation (including participation burdens as well as privacy and security implications). Broadly, the model demonstrates the relationship between strengthening ID verification controls with a stronger reduction in both improper and proper payments with more stringent program rules resulting in decreased participation and satisfaction with the program. 

Policymakers could simulate the effects of establishing a federal digital ID. GAO should be tasked to consider modifications to the model’s assumptions given the potential for a digital ID to streamline and reduce the time tax associated with accessing federal benefits. 

Federalism and the example of REAL ID showing resistance to federal ID standards 

In the United States, the largely state-based legal identities regimes reflect the nation’s long standing federalist traditions. The lack of a federal identity regime has resulted in a complicated balance of federal and state laws governing identity management and verification. 

Following the 2001 terrorist attacks, the 9/11 Commission recommended federal standards for drivers licenses to address security vulnerabilities. In 2005, Congress enacted the REAL ID Act which established standards for state-issued diverse licenses used for the purposes of travel and accessing federal and secure buildings. The federal standards included the information required to appear on the card, as well as an electronic system for verifying the ID and other security measures to prevent tampering. States were required to update their systems to meet these standards within three years. The law provided funding in the form of grants to states to enable implementation. 

As of 2018, only 37 states and D.C. had established identification programs that complied with the federal law and DHS guidelines. In 2022, DHS announced the latest enforcement delay, pushing back the deadline that a federal REAL ID will be required for commercial air travel until 2025. The twenty year timeline for implementing federal ID standards highlights the challenge that Congress and federal agencies face to require states to comply with federal law and update their practice for issuing identities. 

Security and privacy 

Managing cybersecurity is a longstanding challenge for the federal government, as well as for the private sector. In 1997, the GAO identified information security as a high-risk area for the federal government. Congress has passed laws requiring federal agencies to update security practices, notably the Federal Information Security Modernization Act . However, ongoing audits by numerous inspectors general and the GAO show that compliance remains a problem. A recent review found that, as of 2020, only 7 of 23 federal agencies’ information security programs were judged to be effective by federal watchdogs. 

Widespread weaknesses in cybersecurity practices has resulted in major data breaches that have exposed Americans’ sensitive and personal information. Notable federal data breaches include the 2015 hack of the Office of Personnel Management’s security clearance files, which affected more than 20 million Americans, and the 2006 breach of the Department of Veterans Affairs, which compromised 26 million. More recently, federal agencies also suffered major cyber attacks when Chinese and Russian hackers breached software used to manage networks, resulting in the exfiltration of sensitive information.

Beyond government vulnerabilities, American companies have been hacked exposing sensitive data, including Americans’ Social Security numbers (SSNs). In 2017, hackers breached Equifax and stole the personal information of 145 million Americans. As a result of this breach and others, pilfered SSNs are often used for identity theft. 

Fraud and identity theft remain a costly problem in the United States. For example, the Federal Trade Commission reports that Americans lost more than $10 billion to fraud in 2024, based on 2.6 million fraud reports. 

The challenges of safeguarding sensitive information poses both an opportunity and a challenge.

Federal policymakers and the American people should recognize that SSNs should no longer serve as the primary method for authenticating identity and accessing services.

A new, more secure identity management system could be welcomed by the American people, but the government’s poor track record of cybersecurity and complying with its own rules for information security may undermine the public’s trust and confidence in a federal digital identity program. 

Government information technology management and data sharing 

Along with federal information security, information technology management is also on GAO’s “high risk” list of major challenges for the federal government. Federal agencies spend nearly $100 billion annually on IT. Modernizing and improving federal management of IT systems and acquisitions programs has been the focus of several laws over the past decade. 

For example, the Federal Information Technology Acquisitions Reform Act of 2014 updated federal law to empower federal civilian agencies’ chief information officers with border authority to manage IT acquisitions. The Modernizing Government Technology Act of 2017 established a Technology Modernization Fund (TMF) intended to support modernization projects, which has received and invested roughly $1 billion in funding. The TMF operates as a working capital fund, designed to leverage a funded appropriation to support IT modernization projects, including cost-saving reforms that allow federal agencies to return funding to the TMF. In addition, the executive branch has undertaken several initiatives to modernize IT, such as the establishment of the OMB’s U.S. Digital Service and the General Services Administration’s 18F. GAO reports that the TMF provided “about $187 million…to expand the usage of Login.gov by strengthening its security and anti-fraud protections, addressing identity verification barriers, and improving ease of agency adoption.”

Recent GAO reviews have found that federal agencies have made progress addressing watchdog recommendations to improve IT management. However, as of May 2024, GAO reports that more than 200 IT recommendations remain open. Key recommendations include modernizing the federal student aid program, a challenge many Americans discovered when they or their children applied for student aid in 2024. Similarly, a 2016 recommendation to update aging systems and improve high value IT assets, including major Treasury, Veterans Affairs, and Social Security Administration systems, remains unfinished.

A related challenge for federal IT management involves data sharing, access and utilization, specifically widespread federal misspending. Past reform efforts have attempted to address data sharing needs, such as allowing multiple federal agencies to access Social Security’s death master file. This access would help ensure that federal benefits are not awarded to the deceased. But federal agencies and Congress have not taken the necessary actions to access or use data to reduce fraud. For example, the IRS not using available wage data which may stop fraudulent refunds. Moveover, Congress could provide additional statutory authority for agencies to share information and data, such as allowing the Small Business Administration and Social Security Administration to prevent misspending in various loan programs. GAO reported in 2019 that the Department of Education should “obtain data to verify income information for borrowers reporting zero income on Income-Driven Repayment applications,” and recently estimated that doing so could save $2 billion over a decade.

A national initiative to establish a federal digital identity regime should anticipate and overcome potential IT challenges. Moreover, policymakers should anticipate potential challenges related to acquisitions management, such as the challenge of the federal government contracting with business to provide technology solutions to support a federal digital identity system. In addition, the federal government may need to upgrade existing information technology systems to interface with a digital ID system. One opportunity may be to leverage the Technology Modernization Fund. According to GAO, TMF has received $1.23 trillion in funding as of 2023, yet awarded only $636 million for projects, which suggests that considerable unspent funding may be available to support a significant IT modernization project that has the potential to yield considerable cost savings. GAO’s review revealed that few of TMF’s projects have yielded cost savings to date.

Ensuring vulnerable populations have access to identification and government benefits

Establishing a federal digital identity system to access certain government benefits should anticipate the needs of vulnerable populations, such as the homeless, or current or former foster youth. For example, many Americans do not have driver’s licenses or state identification, which currently serve as the mainstays of identity verification. In 2024, the Center for Democracy and Civic Engagement at the University of Maryland published data showing that approximately 21 million Americans lack a current driver’s license, and that Black and Hispanic Americans were disproportionately less likely to have them: 

Over a quarter of Black adult citizens and Hispanic adult citizens do not have a driver’s license with their current name and/or address (28 percent and 27 percent respectively), compared to about one out of five adult citizens who identify as Asian/Pacific Islander (21 percent) or White (18 percent). Eighteen percent of Black adult citizens, 15 percent of Hispanic adult citizens, and 13 percent of Asian/Pacific Islander adult citizens do not have a license at all, compared to just 5 percent of White adult citizens.

Ensuring that all Americans have ample opportunity to obtain a federal digital ID should be a priority of any initiative. Such measures could involve extensive outreach and partnering with state and local governments, as well as civil society organizations, to engage high-need communities and individuals.

Policymakers should also consider how lack of regular access to electronic devices would prevent some Americans from using or participating in a digital ID program. For example, The Joint Financial Management Improvement Program identity verification report describes how using digital information to verify identity “may not be ideal for those who lack access to a personal electronic device.” The report explains how other common mechanisms may not work for people who lack access to banking, computers or phones,or housing. Any initiative to establish a digital identity should proactively address potential risk that vulnerable populations may lose access to government benefits or otherwise may be marginalized by the implementation of a new identity verification regime. 

The question of non-legal residents, identification, and access to benefits

Another major question that policymakers must consider when designing a digital identity model would be how and whether illegal immigrants should be eligible. Deciding whether and how illegal immigrants should be eligible involves one of the most contentious debates in public policy, particularly how to treat those individuals who have been living in the United States for long periods—such as people covered by the Obama administration’s Deferred Action for Childhood Arrivals (DACA) and the Deferred Action for Parents of Americans (DAPA) communities. Federal and state policies and programs affected by any federally supported digital identity system could reflect existing law, benefit eligibility, and government enforcement issues, while Congress, the White House and policymakers address these complicated questions. 

4. Federal Policy Recommendations 

Adopting a federal digital identity system could yield many benefits for the United States. 

First, a well-designed digital ID for certain social welfare programs has the potential to significantly reduce the administrative burden associated with federal benefits, potentially increasing enrollment and participation. Better program uptakeould have significant benefits for lower-income Americans. 

A federal digital ID also could substantially reduce spending through stronger identity verification. Over time, a federal digital ID could replace Social Security numbers as the de facto national personal authentication mechanism. A more secure digital ID could substantially reduce identity theft and fraud and provide substantial cost-savings for both the private and public sectors. 

In the short run, federal policymakers should pursue incremental reforms to begin establishing a limited and voluntary digital ID, including the following recommendations: 

1. The Office of Management and Budget, Office of Information and Regulatory Affairs, and the Joint Financial Management Improvement Program should launch a federal initiative to establish a voluntary digital ID, building upon Login.gov, to reduce the time tax of federal benefits and to strengthen federal program integrity. The initiative should expand upon and strengthen services provided by Login.gov, which is used by 80 million Americans as well as federal and state government agencies.

2. Congress should direct the Government Accountability Office to evaluate alternatives to Login.gov for establishing a federal digital ID, and to examine how a digital ID initiative could affect program integrity, along with the time tax or administrative burden associated with federal programs. Moreover, Congress should direct GAO to review and provide recommendations for whether a voluntary federal, digital identity could affect improper payments, including by expanding the use of Login.gov.

3. Congress should direct the relevant federal agencies, including Treasury Department, in consultation with the Social Security Administration, the General Services Administration, the Department of Labor, and other relevant agencies, to use Login.gov or an alternative digital ID system for securely administering means-tested federal benefits. The system should incorporate default enrollment with voluntary opt-out.

Best practices for implementation 

Any federal initiative to establish a digital ID for government benefits should align with the following guidelines or establish the following best practices: 

1. The NIST digital identity guidelines should serve as a framework particularly for safeguarding user privacy. 
2. The program should establish interoperable data management, starting with the public sector but potentially to include the private sector in the future. 
3. The digital ID should incorporate Estonia-like transparency functions, allowing Americans to review how their data is being accessed and used. The federal government should ensure that Americans are aware of how to use these tools.
4. For the best combination of uptake and voluntarism, a federal initiative to establish a digital ID for welfare benefits should incorporate default enrollment with voluntary opt-out.

Conclusion

The United States faces two major challenges administering federal benefits. One challenge is that many at-risk Americans are unable to access federal benefits that they are entitled to, in part due to the administrative burden of enrolling in and accessing federal benefit programs. Another is preventing improper payments and fraud which cost the federal government billions of dollars every year. To date, policy reforms to address these challenges have fallen short.

But based on the successful experience of other countries, establishing a voluntary federal digital ID has the potential to both improve federal social welfare program enrollment and benefit delivery while also strengthening program integrity by introducing stronger identity verification. In 2025 and beyond, the White House and Congress should work to establish a federal digital ID, potentially building upon the successful Login.gov program, to strengthen program integrity and accessibility.