Design: Tax ID (SP/GP) as encrypted on Profile, Task, Modal, and Post Onboarding Q

Question

Design: Tax ID (SP/GP) as encrypted on Profile, Task, Modal, and Post Onboarding Q

fiorella-io opened this issue 2 years ago · comments

Show tax ID as encrypted on Profile, so SP/GP can use their SSN (critical for the ad campaign).

Problem Statement: The Navigator currently doesn't encrypt SSNs which diminishes the experience for Sole and General Partnership business.

Benefit Hypothesis: Upon supporting secure Tax ID/SSN management within the Navigator, then Sole and General Partnership business will have a better experience in the Navigator. Also, upon securing their Tax ID/SSN SP/GPs can then use the tax calendar.

Assumptions:

Soma's notes from Spike - https://docs.google.com/document/d/1e5nRGgk1q7k1hoZauSO791uTTaQnQjqZEW7CgzgfB6M/edit
V1 has started to be developed: SSN will be treated like a password, users can change it, but not view it. It will be shown as *****1234. If users want to change it, they have to re-enter the entire number

Success Criteria:
Think about V2:

If the user hasn't submitted any information on their tax id - certifications modal, profile, or task screen (tax id): let user see their tax id as they type, once submitted hide it with ***
If the user already wrote their tax id, but did not yet get it validated by Treasury, let user select eyeball to see their tax number before submitting. Once the user submits and we verify the tax id with treasury, lock the tax id number and add ***.

Flexible:

Hide the number with (***)
Show the last 4 digits
Show what they type, once submitted then hide with (***)

v3:

Show number with eye-ball toggle once tax id is locked - UPDATED
Enabling users to manage their Tax ID and SSN from their Navigator profile - unclear what this means

Out-of-scope:

Enabling the tax calendar for SP/GP

Draft User Stories:

Feature Readiness Check List:

Amanda Beall · Answer 1 · Thu Oct 13 2022 23:15:03 GMT+0800 (China Standard Time)

Notes from 10/13 meeting with Soma and dev team

Soma's doc - https://docs.google.com/document/d/1e5nRGgk1q7k1hoZauSO791uTTaQnQjqZEW7CgzgfB6M/edit

FOR V1

dev team suggests that we treat SSN as a password - can change it, but not view it (ex- *****1234)
Users would have to re-enter the number to change for V1

Next steps

For V1 devs are ready to write the story.
Design should start thinking about V2 - revealing the tax ID and change the way the current buttons in Task work

Amanda Beall · Answer 2 · Thu Oct 13 2022 23:36:48 GMT+0800 (China Standard Time)

@fiorella-io @Jesslax @dsullivan-fearless - Took a stab at updating the ticket info based on the Dev meeting. I think the "Flexible" and "Post-MVP" sections could use some validation from yall

Jess Lax · Answer 3 · Thu Oct 13 2022 23:56:03 GMT+0800 (China Standard Time)

v2 looks good, updated v3 which we can discuss when v3 gets priortized

dsullivan-fearless · Answer 4 · Fri Oct 14 2022 04:50:22 GMT+0800 (China Standard Time)

@Jesslax @CeciliaRam @amandabeall @fiorella-io I've been doing some research on handling PII and SSNs in particular, and found language from the DOJ regarding disclosures and notice requirements related to the privacy act - https://www.justice.gov/opcl/overview-privacy-act-1974-2020-edition/ssn For us to discuss as a continue to plan this work.