by radiator 887 days ago
> ... asked to confirm that they are not the same deceased stranger every 12 months since the system, administered by Capita, does not log a disproved link.

This is a bug in their system. Rather than fixing it, they prefer repeatedly and unashamedly asking old people whether they are dead.

6 comments

To be fair, there have been several stories (normally "world's oldest person!!!" type) where relatives have been claiming pensions and benefits for sometimes decades after the actual person died.

Whether the number of those stories and the amount of money involved is worth the hassle to the people not defrauding governments is left as an exercise to the reader...

To be fair? That's like saying "To be fair, some people try to steal money from banks, so it's okay if the ATM sometimes doesn't work."
More like, "some people try to commit fraud, so banks are required to implement AML/KYC processes to make the attack more difficult". Repeatedly asserting one is not dead is, if you think about it, more or less analogous to the documentation requirements for managing a large account at an investment bank.

Is it the best solution? Likely not. But the problem is real and does demand a solution of some form.

> Is it the best solution? Likely not. But the problem is real and does demand a solution of some form.

From the original article: "According to the Department for Education (DfE), which oversees Teachers’ Pensions, death register entries may be matched to scheme members even if personal details differ. The DfE told the Guardian that once a possible match has been identified, the beneficiary may be asked to confirm that they are not the same deceased stranger every 12 months since the system, administered by Capita, does not log a disproved link."

The problem is with the approach in attempting to reduce fraud.

Once a false positive from an incomplete match from the death register is proven false - when the pension recipient tells you they are still alive - you don't need to check up on that same incomplete match every 12 months, because you already know it's false.

Demanding "a solution of some form" completely misunderstands the problem and is the same approach that gave us the Post Office scandal.

> same approach that gave us the Post Office scandal.

I don't follow? This is just a data quality problem. Should it be fixed? Obviously. But everyone deals with bad data. You can't fix that, you just optimize around it.

The Post Office scandal was emphatically NOT about a data quality problem. It was that they were criminally prosecuting people to cover up their data quality problem. Again, everyone has bad data.

> Should it be fixed? Obviously.

The system, administered by C[r]apita, does not log a disproved link... so we get:

DfE: "Hello, are you dead or is our wrong data match from last time still wrong?"

The repeated asking of the same question is them covering up a data quality problem!

> This is just a data quality problem

Isn't this really a process problem (i.e. a missed requirement), so that after the first instance of a queried match (for whatever reason), the unrelated death record (which will have some kind of unique document identifier or can have one derived from the information on it and date of issue) can be excluded from being matched against the subject user? (As realistically you could have 2 people with same name and DOB, it seems like the issue here is not data quality.)

It sounds like nobody created a requirement in the design stage for the ability to say "I've checked this, it's not the same person, don't flag this same death entry again". That's maybe not something envisaged at requirements time, but the need for it now becomes apparent.
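The requirement described in the comment above, as an added example (not part of the original thread, and not Capita's or the DfE's code): a disproved link is logged per (member, death entry) pair, so the same entry is never queried again while a new death entry still is. All names, identifiers and records are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Person:            # used for both scheme members and death register entries
    ref: str             # member id or death-entry id (hypothetical formats)
    name: str
    dob: date

class DisprovedLinks:
    """Log of (member, death entry) pairs a human has confirmed are different people."""
    def __init__(self):
        self._log = {}   # (member_ref, death_ref) -> (checked_on, checked_by), kept for audit

    def record(self, member_ref, death_ref, checked_on, checked_by):
        self._log[(member_ref, death_ref)] = (checked_on, checked_by)

    def __contains__(self, pair):
        return pair in self._log

def loose_match(member, death):
    # Deliberately fuzzy (same surname and date of birth), so false positives happen.
    surname = lambda p: p.name.split()[-1].lower()
    return member.dob == death.dob and surname(member) == surname(death)

def matches_to_query(members, deaths, disproved):
    """Return the (member, death entry) pairs that still need a proof-of-life query."""
    return [(m.ref, d.ref) for m in members for d in deaths
            if loose_match(m, d) and (m.ref, d.ref) not in disproved]

def demo():
    # Constructed sample data, not real records.
    members = [Person("M-001", "Eileen Example", date(1940, 3, 2))]
    entry_a = Person("D-1001", "E. Example", date(1940, 3, 2))
    entry_b = Person("D-2002", "Eileen Example", date(1940, 3, 2))
    disproved = DisprovedLinks()

    year1 = matches_to_query(members, [entry_a], disproved)
    # Member confirms she is alive; log the disproved pair, not a blanket exemption.
    disproved.record("M-001", "D-1001", date(2023, 6, 1), "caseworker-7")
    # Next annual run: the old entry is still on the register, plus a new one.
    year2 = matches_to_query(members, [entry_a, entry_b], disproved)
    return year1, year2

if __name__ == "__main__":
    print(demo())
```

Keying the log on the pair rather than on the member keeps the fraud control intact: a genuinely new death entry is still queried, only the already-checked one is suppressed.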

AML/KYC regulations are, well, as the name suggests, anti-money laundering regulations, they aren't about the customers defrauding the bank. The bank presumably doesn't need to have regulations to incent it to keep its customers from defrauding the bank itself.
Not only that, AML/KYC regulations are extraordinarily ineffective. It appears that some people thought they were a good idea and passed them without ever following up to see if the benefit is worth the cost, and the answer turns out to be a resounding no.
> passed them without ever following up to see if the benefit is worth the cost

Pretty much the same for all the work UKGOV does to try and combat "fraud", sadly - they always end up spending multiples of the amount they'd save[1]

[1] whilst at the same time enabling fraud of their own like the fast-track PPE contracts, etc.

This is a stupid take. Partly because of the use of acronyms for key terms, but also from the "constantly bothering a person is okay because it makes good security easier for us". There are plenty of good solutions that don't require you to heckle old ladies, and regular queries are generally bad security policy anyways. Regular boilerplate check-ins just breed complacency, after the 30th one do you think the person checking in is going to make sure the voice they are talking to on the other side is the right person? People get lax doing busy-work they know could and should be done by a computer. You ever had a job where you had to change passwords every 90 days? Opposite of security.
> This is a stupid take. Partly because of the use of acronyms for key terms

I thought that was clear enough in context. But: "Anti-Money Laundering" and "Know your Customer". They come up a lot in discussions here. Also, FWIW: if you're unclear about what someone meant, calling them stupid is a really terrible way to educate yourself.

AML and KYC are about funding terrorism, not fraud.
I honestly have to ask if you read the article. The only reason this is happening is because of how their system works, not because of any laws. When they detect that someone with a similar, but different, set of identity information dies they reach out to see if that person is the same as the one they are paying out the pension to. The problem is that once they confirm it is not the person, they keep asking anyways.

This woman had to confirm three times in one month, and then still had her pension stop.

That is indeed exactly how much of the world works. We have the IRS because some people would refuse to pay their fair share if just asked to. We have speed limits because some people will drive too fast otherwise.
That is throwing the baby out with the bath water. The amount of fraud doesn't justify creating such burden on users. The problem is there is a market failure in the form of misaligned interests (the provider's best interest is to make the process as difficult as possible, not only to curb fraud, but also to avoid paying actual customers). This can only be fixed with government oversight and steep fines (so steep that they are more expensive than doing right by their customers).
> This can only be fixed with government oversight

It's a system contracted out from UKGOV being administered on behalf of UKGOV. If government oversight worked, it would have worked already, surely?

> The problem is there is a market failure in the form of misaligned interests

Misaligned interests don’t create market failures. Usually imperfect information or costs/benefits borne by third parties do.

To be equally fair, "Crapita" (as Private Eye calls them) is an incompetent joke that scores government contracts through corruption and then pays the bare minimum (below minimum wage in one case) to the providers of its services. There are lots of examples like the one above.
> as Private Eye calls them

...and their customers... suppliers... partners... employees...

Crapita costs the UK far, far, far, far more than "dead" pensioner fraud does.
I think I had relatives in Poland in the 1980s who were collecting social security for a dead person.

The U.S. has a database of social security numbers of the deceased which is quite interesting for a few reasons. It is closely guarded because social security numbers are assigned sequentially by geographic region so if you know someone’s SSN you can get their date of birth or vice versa.

If you manage to get in that database you are really in trouble because every financial institution has a copy of that list and there is no procedure to get you off. It is quite literally a “financial death sentence.”

> because social security numbers are assigned sequentially by geographic region so if you know someone’s SSN you can get their date of birth or vice versa.

This has been false for decades. (early '90s, I think?)

If it stopped being true in 1990, then it remains true for anybody over the age of 34, which is not exactly a small chunk of the population. (Though yes it's a good thing they stopped doing sequential numbers)

Edit: https://www.ssa.gov/employer/randomizationfaqs.html seems to say that the change was only implemented in 2011, which would mean that even more of the population is unaffected.

My sisters were born after 1990, and they have random SSNs ... especially compared to my brother and I who were born before 1990 (we were all born in the same city). I think the scheme implemented in 2011 is a more random one than the previous scheme or maybe it wasn't implemented everywhere before 2011, and took 20 years to implement (which is also believable).
SSNs are no longer distributed in that fashion. They are randomly assigned since 2011. But they also weren't sequential. They were divided up by regions and doled out to more local areas.
Each state is sequential. If you know where somebody is born, it is sequential.
> social security numbers are assigned sequentially by geographic region so if you know someone’s SSN you can get their date of birth or vice versa.

Note that enumeration at birth is a recent policy change. Before enumeration at birth, people would not get assigned a number until they (or their parents) asked for one. So while there is a sequential numbering (before that changed) and it's tied to geography, the sequence and geography are connected to time and place of assignment, not time and place of birth.

For example, my parents got SSNs for me and my siblings all at once, sometime in the 80s, I believe as it became required to claim dependents on tax returns. I don't think our SSNs are sequential, but they're close; however my siblings and I have different birth years and could have been born in different states than where we were enumerated.

Closely guarded? It’s not available to the public. There’s probably a few million people who can access the death register in some capacity.

SSNs aren’t secure credentials without validation, period.

To be more fair: it is easy to check if they are alive or not. This is not rocket science.
How is it easy? How do you make sure the old person in front of you is really the pensioner and not her 80 year old daughter?
And how’s a photo with a newspaper better?
Sorry, but have we not been doing this for centuries, if not millennia, for trillions of people before us?
We haven’t at this scale, no.

For most of human existence, you would already know if Bob or Jane was dead, since you’d have gone to their funeral or knew someone who had.

Sorry, I am missing something. Are you saying that the people that are dying every day, in the developed world, are uncounted by a big margin? What is that margin?
For most of human history pensions and social security did not exist, so there was little incentive to lie.
Bureaucratized welfare and government identification are relatively new.
In these times, it is only easy in-person.
Even in these times, once you've done the work to disprove the alleged link, it should be easy to log that fact.
Even so, a pension system for UK schoolteachers probably does have the bandwidth to get an in-person identity check done.
How do you reliably do it at a massive scale? Other than using some kind of biometrics, there's the possibility of impersonation.
Simple. The article states they use the UK's death registry. The problem is they have no way to flag an erroneous match for longer than 12 months.
“Massive scale” is a distraction because society is even more massive. For example, if you’re talking about school pensions you have a school system with employees and that means you could do things like have someone check ID in person, and perhaps require a non-relative witness if there’s any question. Doctors offices could similarly be enlisted to certify that person X is the patient they’ve been seeing.

The problem with this is simply that it’s not absolutely free, and the people promising savings through outsourcing need it to be free to make their promises happen. Cutting budgets everywhere removes the slack you need to deal with things like this.

You'd think if they are able to reliably set up a contribution scheme that works at scale that they could set up a system to ensure they only pay out to individuals that are still alive.

The possibility of impersonation isn't limited to pension pay-outs but many other things as well. A once-per-year on-site visit would work and would just be a cost-of-business item, and that cost could be lowered substantially by collaborating with other entities who take an interest in such information (banks, governments etc).

They send pension checks out to specific addresses and accounts at exactly the same scale. Does it seem unreasonable to add 'attempt to call the pensioner' into the 'maybe they are deceased' part of the verification protocol?
So is to add an extra field “different deceased person with same name”
True, and colloquially much of the longevity attributed to countries like Japan may have some basis in this type of fraud. However, every bill comes due eventually and you typically need to present a death certificate in most countries or answer one of these proof of life surveys.
Reminded of the story where a dead body was taken to a post office in Ireland in an attempt to withdraw pension money...

https://www.bbc.co.uk/news/world-europe-60091753

Reminds me of Sogen Kato's story:

https://en.wikipedia.org/wiki/Sogen_Kato

hmm, I wonder how long it will be until someone makes a 'pensioner-bot' that passes for a deceased relative.
> administered by Capita

if you know

Oh, I know. This is the same Capita pensions who recently suffered a data breach.

I worked for a company who was acquired by them and, well, as you said, if you know, you know.

> repeatedly and unashamedly asking old people whether they are dead.

Mortifying

I mean, in a broader sense it isn't a bug. the government outsourced it to Capita explicitly so there's a responsibility gap into which people can fall and lose their money. it's not like these services suck and are hostile to normal people by accident - if the Powers That Be wanted it to not suck then they wouldn't structure systems like this.
There is no gap, or rather it is artificial and created on purpose. The government is accountable (not responsible, there is a difference) for the entire process to work without any gaps.
Death comes for us all. Maybe they should come up with a way to confirm this for all of their beneficiaries.
This is par for the course with Crapita