Publication Digital Identity

Research Process: Account Creation and Identity Proofing in Online Public Benefits Applications

This publication describes the research process and protocol used in the Digital Benefits Networks research project, “Digital Account Creation and Identity Proofing in Public Benefits Applications.”

Overview

First published in 2023, this research project examines online applications across the United States for six programs: Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Medicaid, Special Supplemental Nutrition Program for Women, Infants, and Children (WIC), Child Care Assistance (CCAP), and Unemployment Insurance (UI) to understand when and how states use account creation, authentication, and identity proofing in initial online public benefits applications.

Through this project, we wanted to answer several core questions, including: 

  • When and how is identity proofing identity proofing used across online applications for public benefits programs?
  • When and how are account creation and authentication processes used across programs?
  • What types of personally identifiable information (PII) do applicants need to supply in order to apply online? 

You can read more about our findings and access the data we collected on the Digital Government Hub. On this page, we share more information about our data collection process and approach.

Data Collection Process and Approach

To answer our research questions, we independently collected information about unemployment insurance applications using publicly-available documentation about UI applications from agency websites, application portals, claimant guides, news coverage, vendor websites, and contracting repositories. To collect information about SNAP, TANF, Medicaid, WIC, and child care applications online, we documented online application processes from beginning to end, using sample applicant data without submitting applications.

We chose these approaches—review of publicly available information about online UI applications and assessments of application flows for other programs—over other methods (e.g., surveys, interviews) to comprehensively capture point-in-time information about programs across states and territories. Given the scope of our project and the goal of reviewing all online benefits applications across six programs nationally, we determined it would be unfeasible to gather this information solely via interviews or surveys (for example, we would be unlikely to receive complete responses, or responses from all agencies).

There are however some natural limitations to this approach. Since we could not ask detailed questions of state agencies at scale, and we sometimes encountered contradictory information about a given online application process, there are some entries in the dataset that are incomplete. In these cases we have coded specific data fields as “unknown.” This data has already been enriched and clarified by informal engagement with administering agencies, advocates, and other technology implementers. Going forward, we will continue to seek out opportunities to engage with state leaders and other partners on this topic. 

When we first conducted this research project in 2023, we had to identify data points that would be most relevant for understanding authentication and identity proofing across applications based on our own knowledge and conversations with stakeholders in our networks. In 2024, we built on our approach from 2023 by adding new data points. For each of the data columns we attempted to encode information in ways that most accurately match what an applicant would encounter. For example, we’ve coded biometric identity proofing methods as “ID Document Upload” and “Video/live Selfie” rather than “Biometrics” to emphasize what a claimant is asked to do. Additionally, for some entries, we had to make interpretations based on the information we could access (e.g., an application notes that users will be asked to answer questions about their credit history; even if we cannot access the questions, this suggests the application is using “Knowledge-based verification” or “KBV”).

Data Collection: UI Applications

Between July 15 and August 27, our team reviewed publicly available information on unemployment insurance applications including agency websites, application portals, claimant guides, news coverage, vendor websites, and contracting repositories. For UI applications, a valid SSN is often required early in the claims process. Because some labor agencies appear to immediately check the validity of SSNs entered, we decided to not enter fabricated SSN information or other sample applicant data into these systems. In general, we also did not register for accounts with these portals; however, in some cases, UI applications use state single sign-ons that are used across multiple benefits applications, which let us access more information for a given UI application. 

After initial data collection, we conducted an internal review of each application entry to ensure accuracy and consistency. We spent approximately 75 to 90 minutes reviewing each labor agency’s unemployment compensation application during initial data collection and quality checks. When entering information into our dataset, we erred on the side of caution. This meant leaving fields blank or marking specific columns as “unknown” if there were contradictions or ambiguities in the information we found. We have also used the Public Notes column in the dataset to document those complexities and open questions. In November 2024, we made small updates to a few entries based on new information from a federal agency.

Data Collection: SNAP, TANF, Medicaid,  WIC, and Child Care Applications

To collect data on SNAP, WIC, TANF, Medicaid and child care applications we used sample applicant data to move through application flows from beginning to end without submitting. This involved creating accounts when account features were used. This approach gave us access to more information and texture about the process of applying for SNAP, WIC, TANF, Medicaid, and child care we could access for UI applications.

We collected data on SNAP, WIC, TANF, Medicaid, and child care applications between June 10 and October 15, 2024. After initial data collection, we conducted an internal review of each application entry to ensure accuracy and consistency. Our team spent approximately 75 to 90 minutes working with each application. We have also used the “Public notes” column in the dataset to document nuances and open questions.

Medicaid Applications

In our data collection, we targeted online enrollment processes for Modified Adjusted Gross Income (MAGI) Medicaid. Historically, the federal rules that require states to allow MAGI-eligible groups to submit applications and forms online or via telephone have not applied to non-MAGI populations, although this is changing under a new rule from the Center for Medicare and Medicaid Services (CMS) to align non-MAGI and MAGI application requirements. (Non-MAGI pathways for Medicaid eligibility are based on age or disability). In our data collection process, we encountered several cases where non-MAGI Medicaid was included on the same portal as MAGI Medicaid or alongside other benefits applications. During our data collection process, however, we noticed that it was sometimes difficult to ascertain whether a given portal allowed users to apply for non-MAGI Medicaid. For this reason we did not include non-MAGI Medicaid as a benefits program category in the published dataset at this time.

Integrated Applications

Our data documents which programs a person would see as included on an application (of the six we included in our project for examination). We recognize that on the backend, state agencies may have different definitions for integrated or combined applications.

The data we captured represents applicant experiences when applying to all benefits available on a single application flow (e.g., SNAP + TANF + MAGI Medicaid). We decided to approach data collection this way both for practicality and also to document the most comprehensive experience possible for each application flow. In some cases, if a user applies for only SNAP or only MAGI Medicaid their experience may be slightly different than what we’ve documented here. 

Some states also offer simplified, stand-alone SNAP applications in addition to combined applications (e.g., kynect in Kentucky, or North Carolina’s ePASS). In instances that states have multiple applications that cover the same programs, we have selected one application to include on map visualizations, typically deferring to the application that includes the most benefits programs.

Detailed Description of Data Fields

FieldEntry OptionsDetails
State/territoryTextState/territory for given application
Benefits ProgramMulti-select (SNAP, TANF, Medicaid (MAGI), Childcare, WIC, UI,Benefits programs that application/portal allows users to apply for. Some portals may allow users to apply for other programs (e.g., LIHEAP) but we only document which of these six programs is included
County administered (one or more programs in application)CheckboxTracks whether programs like SNAP or TANF are county-administered in a given state
Administering Agency/AgenciesHyperlinked TextRecord name of agency(ies) responsible for administering programs included on the online application and hyperlink to agency website.  Typically only one agency, but there may be multiple agencies responsible for programs included in a single application/portal
App linkHyperlinkRecords application link

App. Imgs

Img. attachments
Includes images of portal landing page, login screen, and application pages as relevant. 
Screenshots in this column help substantiate the information we record about whether an account is required for an application, whether account is required to return to a case, whether email is required for an account, password requirements, use of additional account security measures, password recovery measures, whether SSN is required, etc. May also include images of help pathways (e.g., chat features, FAQs)
Does application/portal include eligibility screener prior to starting application?
Single select (Yes-Required; No-Not present; Optional to complete)
Documents whether portal includes required or optional eligibility screener ahead of application

Login to start

Single select (Yes; No; Optional; N/A; Unknown)
Records whether an account (login/registration) is required to start the application or claim

Sometimes, portals let you start an application and register during the application process
Login to Submit Online?Single select (Yes; No; Optional; N/A; Unknown)New field in 2024
Records whether an account is required to finish/submit application or claim online
If no account needed to apply, is an account required to return to case/claim later? 
Single select (Yes/No/N/A; Unknown)
Sometimes an application or portal will not require a user to login or create an account to submit an application, but will have the individual create an account following the application process or to return to claim. Marked N/A if an account is required to submit application

Email Required for Account?
Single select (Yes/No/N/A; Unknown)If an account feature is in use, even if optional, records whether email address is required to create an account. If no login/account creation present, marked N/A.

Account login type
Multi-select (Login through external credentials (e.g., Facebook, Gmail, ID.me, etc.); State SSO)Records other information about the login type. For example, several states require applicants to use statewide Single Sign On (SSO) logins to access an application portal. Other states also use federated identity mgmt approaches (e.g., allowing applicants to login to a portal with their existing credentials from another provider, like Apple, Google, or Facebook, or in some cases, identity provider ID.me).

PW Reqs
Multi-select (LUDS (Lowercase letters, Uppercase letters, Digits, Symbols); Min/max length; Number; Letter; PIN; Special Character
Upper/lower case; None; N/A; Unknown)
Records available information about password requirements using options from the dropdown menu. Marked unknown if unable to access PW set up stage or information in other parts of the website. Marked None if no password requirements are present (e.g., need PW but no specifications on what it is) or N/A  if no account is used.  
If a user is asked to create PIN instead of PW, (rather than PIN used for an additional security measure) document that by selecting “PIN” in this field. Mark none if no password requirements present.

Use of Account Authentication/Security Steps

Single select (Yes; No; N/A; Unknown)
Documents if identified additional authentication measures beyond password

Account Authentication/Security Options

Multi-select (Code via SMS; Authenticator App; Email Validation Link; Security Question(s); PIN; Security Image; Code via email; Code via phone call; Security Phrase; Unknown)
This field captures information about additional authentication/account security options used. In addition to any selected features, there may be more in use that we did not find documentation for.
Password Recovery OptionsMulti-select (Self-service: security questions; Self-service: code via SMS; Self-service: code via email; Self-service: Link via email; External process; Non-self-service: Phone Call; Self-service;Non-self-service: Contact Administrator; Unknown)Documents how individuals are able to recover passwords

SSN required?
Single select (Yes; Yes if user indicates they have an SSN; No; May be able to submit without disclosing; Optional; Unknown)Documents requirements related to submission of SSN in an application.

For “may be able to submit without disclosing” SSN is stated as required, but user not forced to fill in field in application.

“Optional” only describes cases where SSN is explicitly listed as optional

Driver’s license or state ID # Required?
Single select (Yes; No; May be optional)This field is most relevant for UI applications

The “May be optional” option for this field captures cases when an application or website indicates that a Driver’s license # is requested but can be omitted (e.g., in cases where a user does not have one).

Did we find information on visible parts of the application or website telling users that the system will run back-end checks or comparisons on PII to confirm identity/eligibility?
Single select (Yes; No)
We can assume that many applications are comparing self-asserted PII to databases (and know this to be the case for UI agencies that reference the Integrity Data Hub), but sometimes this is specifically stated. We record this information as available.

Database/source comparisons (back-end)
TextLists all Database/source comparisons that are named

For UI, this is often the Integrity Data Hub or SSA. May also see references to IRS, SSA, or DMV, IEVS, UCSIS. Assume this is happening more often than we find documentation for.

Data comparison info

Img or PDF

Screenshots to document evidence for any info in previous two fields.

Active ID Proofing Required?
Single select (Yes; No; Optional; Not Always; Unknown)Documents whether applicants encounter any identity proofing user experience or active steps. There may not be sufficient information to assess this, particularly for UI applications, in which case mark “unknown.”

When answering “No” (meaning, no identity proofing required) this determination should be based not just on an absence of information suggesting active identity proofing, but on info about the process (e.g., instructional video, claimant guide; move through process of completing app) that makes it reasonably clear that there is no active ID Proofing required.

When may active ID Proofing be used?

Multi-select (e.g., Before initiating application; During application submission; After application submission; Unknown; N/A)
This field documents when during an application flow a user encounters active identity proofing requirements, if any.

This field is a multi-select field, so we can select multiple options where relevant (for ex. Sometimes there is a situation where identity proofing is prompted during app, but user can circumvent and complete later)

“Before initiating application” tries to capture cases where we found evidence to suggest that a claimant would need to verify their identity before creating an account on a portal, during account creation, or immediately after registering an account.
Identity Proofing Methods
Multi-select (KBV; ID Document Upload; ID Document Mail in/fax; ID Document Submission: In person; Consent to Identity Check; Video/live selfie; Selfie; Present ID Document; Video Call)
Documents known methods used for identity proofing

Choice in ID Proofing Method?
Single select (Yes; No)
This field captures whether a user has a choice in the method of identity proofing they undertake, if identity proofing is used.

ID Proofing Screens/Info Pages
Img.
This field includes images of identity proofing steps/instructions within an application or from an agency website/informational materials.

Publicly named Identity proofing vendor
Text
As available, documents identity proofing vendor(s) involved. This may be apparent on the site, or available via searches of the agency site or news sources. If unknown or N/A, left blank.
Does portal include document uploader for applicants?Single select (Yes; No; Unknown)Documents whether portal includes document uploader that applicants can access.
What actions can someone take on portal described in this entry?Multi-select (Apply for benefits; File Weekly Certification; Renew benefits; Report a change; Upload documentation; View/manage Appointments; Check Application Status; View Notices; View Payment Amount/Benefit Coverage;
Voter Registration)

This field attempts to document what actions an individual can take on a portal. Because we were not submitting applications and actually managing benefits, it is possible that more application features are available than we could successfully identify. 
How does application/portal direct user to access help with application/portal?Multi-select (Phone Call; FAQs
Chatbot; Video Tutorials; Contact form; Help Ticket
Email; User Guide; Unknown)
Documents how an application/portal directs users to get help with the application. 

In general, we were interested in documenting how users are directed to get help using the portal, rather than how they were directed to get information about program policy (e.g., through a UI claimant handbook).

We attempted to document this as comprehensively as possible, but it is possible there are additional help mechanisms for specific applications that we did not identify.


Attachments (optional)
PDFs or ImgsField to capture additional informational context (e.g., user guides, FAQs, etc.)
Public Notes
Text field
This field documents public notes that explain any open questions or unknown data points and high level takeaways about an application.

Access the Dataset

Check out the full dataset + our analysis on the Digital Government Hub.

Questions or Feedback?

As always, we’re eager for your feedback! Did we miss something when reviewing a state’s application? Do you have research questions you’d like us to try and answer using the information in this dataset? If so, email us at digID@georgetown.edu.