The United States has once again begun a national debate about what proves U.S. citizenship. While the policy discussion is important, the real issue is execution.
Policymakers and the public alike expect certainty in who is eligible for federal benefits, who is a citizen and who is entitled to vote. That is not an unreasonable expectation. The United States’ system, however, was designed in a way that cannot answer these questions.
The current system, tasked with delivering answers, is fundamentally fragmented, built on a patchwork of documents and processes that were never intended to function as a unified baseline for proof of identity or citizenship. The result is a growing gap between expectation and reality—one that is increasingly difficult to ignore.
Efforts to adjudicate eligibility for public programs and verify voter participation rely on the same underlying capability: the ability to definitively confirm identity and citizenship status across a population of more than 335 million people. That level of precision cannot be achieved through today’s decentralized framework of locally-generated birth certificates, state-issued identification, and federally-produced Social Security cards and passports. And without a foundational baseline, confidence in citizenship remains out of reach.
This tension is not unique to the United States—but the American response to it is. Many developed nations – including most European Union member countries, Singapore, and South Korea, for example – have accepted a clear tradeoff: greater efficiency and accuracy in identity and citizenship verification in exchange for a centralized framework (a national ID card system.) The United States has consistently chosen a different path, shaped by a longstanding concern about government overreach, surveillance, and the potential misuse of centralized data. Civil liberties advocates have cautioned against the risks of centralized data, while others have defended the flexibility—and ambiguity—of a federated system.1
A practical place to examine the limitations of today’s decentralized system is to look at the systems and credentials currently in use – those most often cited as proof of identity or citizenship in the United States.
The Foundational Problem: Birth Certificates and Fragmented Identity
If there is a foundational weakness in the U.S. identity framework, it begins at birth. Birth certificates are the primary evidence of citizenship for most Americans. They serve as the starting point for obtaining other forms of identification, including passports and driver’s licenses. A birth certificate is likely the first legal document one acquires. Yet the system that produces them is inherently decentralized.
Birth records in the United States are issued and maintained across 57 jurisdictions nationwide and supported by thousands of local vital registrars, each operating under its own authorities, processes, and funding, which may limit the ability to invest in the necessary continued security improvements given the importance of the recordation of birth.2,3 This structure reflects a deliberate choice to keep vital records under state and local control. And in doing so, differences in issuance, record-keeping and data quality persist across jurisdictions, creating a fragmented foundation for documents that are widely treated as definitive proof of citizenship.
Unlike driver’s licenses—standardized and strengthened under the REAL ID Act of 2005—birth certificates have not received comparable federal standardization, despite the 9/11 Commission calling for both to be addressed. Thankfully, through efforts led by the National Association for Public Health Statistics and Information Systems (NAPHSIS), vital records agencies nationwide have improved the ability to confirm the existence of birth records across jurisdictions via electronic verification.4 These modernization efforts include the Electronic Verification of Vital Events (EVVE) system, which enables authorized agencies to electronically verify records directly with issuing jurisdictions rather than relying solely on visual inspection of paper documents. Prior to these advances, verification was paper-based, slower, manual, and more vulnerable to fraud, particularly given the wide variation in birth certificate formats and the limited ability of one jurisdiction to verify records issued by another.
These advances represent meaningful progress. However, the advances focus on enhancing verification—the ability to confirm the existence of a birth record—not standardization, which would ensure that all birth certificates meet consistent criteria that strengthen confidence in the integrity and reliability of the record being verified. As a result, even these important advances fall short of the 9/11 Commission’s recommendation that the federal government establish consistent standards for the issuance of birth certificates.
Strengthening the integrity and standardization of birth records—and ensuring electronic verification systems can securely work across federal, state, and local agencies—would address many downstream risks.
In addition to a birth certificate, many individuals apply for or are assigned a Social Security Number (SSN) through the Social Security Administration, often in connection with birth registration or later employment and tax requirements. SSNs were originally created to track worker earnings and administer the federal retirement benefits system established during the 1930s. What began as an administrative identifier, however, gradually evolved into a broadly used means of verifying an identity across government and private-sector systems. According to the Social Security Administration, more than 548 million unique SSNs had been issued as of August 2025.5
By the mid-20th century, concerns had already emerged about the expanding use of SSNs beyond its original purpose. From 1946 through 1972, Social Security cards included language stating that the card was “not for identification,” reflecting some level of recognition that the card and number were never intended to serve as a universal identity credential. That disclaimer was later removed, and over time SSNs became deeply embedded in financial, employment, healthcare, and government systems.
As identity theft and fraud increased, concerns on the overreliance of SSNs once again intensified. In the early 2000s, federal agencies began reducing reliance on SSNs as primary identifiers where alternative methods existed. That shift reflected broader recognition that no single identifier provides sufficient assurance on its own. Today, most organizations rely on multiple enumerators or forms of identification and layered verification measures to reduce the risk of fraud, avoid single points of failure, and strengthen confidence in identity validation processes.
REAL ID: Enhanced Identity Assurance While Accepting Structural Constraints
Even the most prominent effort to strengthen identity standards for driver’s licenses –REAL ID – was deliberately structured to preserve state control and avoid the creation of a singular federal system. Enacted in the aftermath of the September 11 attacks, the REAL ID Act of 2005 established minimum security standards for state-issued identification while stopping short of creating a national identity card, reflecting enduring concerns about centralization and its potential impact on civil liberties.6 Additionally, the statute specifically identified limited federal purposes where a REAL ID would be required, such as boarding commercial aircraft and accessing certain facilities.
The application process for a REAL ID requires the applicant to bring in a series of documents – including some that were likely presented previously if the applicant already was in possession of a state-issued driver’s license. The intent of this step is to create a baseline for that applicant’s identity that will be used going forward. Additionally, the REAL ID Act added a new step to the application process; the requirement to verify the lawful status of each applicant. This additional step necessitated the state to conduct a check against federally maintained records.7
It is important to note that when a check for lawful status occurs, that verification is specific to a single point in time (application) and does not constitute a continuous or comprehensive assessment of lawful status once the document is issued. As a result, the possession of a REAL ID does not confirm lawful status at the time it is presented – even for an official purpose – it only reflects the lawful status at the time of application.8
Just as important, the absence of a REAL ID says nothing about a person’s lawful status, only that an individual does not possess a REAL ID. Current debates are conflating this reality – particularly in discussions around voting. In that context, a flawed assumption has emerged: that possession of a REAL ID proves citizenship, or that the absence of one suggests the opposite. It does neither.
Even when an applicant presents a U.S. passport during the REAL ID application process, that information is not encoded on the issued driver’s license. Which is also why presenting a passport does not transform a driver’s license into proof of citizenship.9 REAL ID was not designed to serve as proof of citizenship, only to serve as evidence of identity using a strengthened identification authentication and verification process.
More broadly, many U.S. citizens and legal residents intentionally do not possess REAL ID-compliant identification—whether due to cost, difficulty in meeting requirements, access to documentation or the DMV, personal choice, or lack of need. Individuals who do not drive or fly may have little reason to obtain one. Individuals may find the process for obtaining a replacement birth certificate time consuming, difficult or costly, depending on location and circumstances. Given the driver’s license’s original purpose – providing evidence that the person is licensed to operate a motor vehicle – many states continue to offer non-REAL ID options and several offer them at a reduced cost.
Passports: Strong Evidence, Not Universal Proof
Passports (or passport cards) are often viewed as the closest thing the United States has to definitive proof of citizenship.10 They are federally produced and issued, include strong security features, are backed by a standardized process, and require verification of identity and citizenship at the time of application. In that sense, they represent one of the strongest credentials in the U.S. framework.
But even passports have limits when considering policy. They are not universally held—millions of U.S. citizens do not possess one, often because they do not travel internationally, the primary purpose for which passports are issued. The absence of a passport, therefore, is not evidence of non-citizenship; it is simply the absence of a need for that credential.
Moreover, the ability to obtain a passport is limited in the same way as the ability to obtain a REAL ID. To apply for a U.S. passport, the State Department’s process depends on the applicant’s ability to produce physical evidence of the same underlying documents that define the broader system. To prove citizenship, this would include presentation of: a state, county or city-issued U.S. birth certificate; State Department issued Consular Report of Birth Abroad; or USCIS issued Certificate of Naturalization or Citizenship. Additionally, a photo ID, such as a state-issued driver’s license. Absent these key ‘primary’ document requests, a mix of additional documents may be reviewed to provide proof of citizenship and identification – for example a child that may not have an established identity outside of a birth record and social security card. An individual may be a citizen because of a birthright, naturalization or derivation (such as when a child is born abroad to a U.S. citizen parent.) Evidence supporting these claims is documented across numerous state and federal systems, many of which are not interoperable. As a result, passports – while amongst the most trusted credential in the United States – ultimately inherit both the strengths and the limitations of this decentralized framework.
Consequences, Guardrails, and Path Forward
Identity Fraud
The consequences of the United States’ fragmented identity framework extend far beyond eligibility or voting debates. Every year, millions of Americans become victims of identity fraud—often spending years attempting to restore their financial records, credit histories, and personal reputations. The operational and financial consequences are enormous, not only for individuals, but for banks, businesses, healthcare systems, and government agencies forced to absorb the downstream costs of weak identity assurance. At its core, identity fraud exploits the same structural weakness discussed throughout this article: the United States was never designed around a single, authoritative identity framework. Instead, identity is pieced together across disconnected systems, relying on static data points that – despite concerted efforts to protect them – can be stolen, replicated, or fraudulently reused. Once compromised, these identifiers are difficult to truly “reset,” allowing fraud to persist long after the initial breach.
Guardrails
A strong identity framework should include guardrails that better protect individuals from identity fraud and misuse. Rather than relying primarily on static identifiers, modern systems can incorporate layered protections such as multi-factor authentication, secure digital verification, real-time fraud alerts, stronger identity proofing at enrollment, and the ability for individuals to monitor when and how their identity records are accessed or used. Additional safeguards could include more consistent standards for identity verification across government and private-sector systems, stronger audit capabilities, and mechanisms that allow compromised credentials or identifiers to be more effectively isolated and replaced after fraud occurs. None of these measures eliminate risk entirely, and each raises legitimate questions about privacy, data governance, and implementation costs. But they demonstrate that stronger identity assurance is not solely about government control or eligibility determinations—it can also serve as a meaningful protection for individuals navigating an increasingly digital and fraud-prone environment.
Long-term Integrity and Building for the Next Generation
What this moment calls for is a realistic and forward-looking approach grounded in the recognition that the United States did not build a unified system to establish identity and citizenship at scale. Addressing that reality requires balancing time, cost, complexity, and long-term benefit—and likely pursuing a multi-part approach rather than a singular solution.
To start, the federal government could establish minimum standards for the issuance and verification of birth certificates, consistent with the recommendation made by the 9/11 Commission more than two decades ago. Such an effort would be complex, costly, and time-consuming, and should require close coordination with states, territories, public health officials, security experts, privacy advocates, and risk management professionals. Lessons learned from the implementation of REAL ID—including the operational, political, and civil liberties challenges associated with modernizing identity systems—would be critical to informing any such effort. For example, REAL ID implementation and REAL ID enforcement are not the same thing. States issued compliant driver’s licenses long before federal enforcement deadlines were activated. Strong standards for the issuance and verification of birth certificates would benefit all U.S. citizens.
Some may view the issuance of a national biometric smart card as one potential approach to strengthening identity assurance and verification. Such a system could establish a stronger and more consistent identity baseline moving forward, while also highlighting the importance of addressing longstanding challenges associated with fragmented historical records and underlying data quality. Like any large-scale identity initiative, implementation would require substantial infrastructure across federal, state, and local governments, as well as private-sector partners, to read, authenticate, and verify credentials at scale.
A biometric smart card system would also involve significant upfront investment, ongoing operational costs, continuous technology modernization, and broad adoption to achieve its intended benefits. As with any identity solution, the effectiveness of the credential would depend in part on the reliability of the records and processes used to establish identity in the first place. Policymakers may therefore wish to consider how a smart card could fit within a broader identity modernization strategy, including the sequencing of foundational data improvements and supporting technologies.
In evaluating future options, policymakers may also consider whether mobile or digital credentials, similar to mobile driver’s licenses, offer advantages over a physical card model. It is possible that future identity ecosystems could rely more heavily on biometric verification itself rather than a card-based credential. Several viable paths exist, each involving different tradeoffs related to cost, infrastructure, privacy, governance, and implementation timelines.
Another path is prospective: establishing identity and citizenship at the point of origin and building forward through secure, standardized, and interoperable processes. This approach acknowledges a hard truth—that retroactively resolving identity questions for millions of people may never be fully achievable—but it also recognizes that this reality should not preclude progress. The United States can still build a stronger and more coherent system for future generations, even if it cannot completely resolve the past.
Doing so requires a shift in mindset—from short-term political ownership to long-term institutional integrity. Too often, transformative ideas stall because success may be realized on someone else’s watch. Yet the most consequential governance decisions are those that endure—built not for immediate credit, but for sustained national benefit.
If we want absolute clarity on identity and who is entitled to the rights and benefits of citizenship, we must be willing to accept the systems that make such clarity possible. If we are not willing to accept those systems, we must accept a degree of ambiguity.
We cannot simultaneously reject centralized identity systems and demand definitive, real-time determinations of identity, citizenship and entitlement. We cannot rely on fragmented data sources and expect uniform outcomes. And we cannot treat the absence of data as proof of status without risking both error and injustice. These are the competing expectations that are challenging us today.
A productive path forward would focus on strengthening the integrity of foundational documents, improving interoperability across systems, and establishing clear boundaries between identity verification and rights determination. This approach would preserve core values while addressing operational realities.
References
1 The United Kingdom illustrates the complexity of this debate. Historically, it operated without a national identity card system, relying instead on a decentralized collection of records and credentials. In 2006, the UK enacted legislation to establish a national ID card and centralized identity register, citing security and immigration concerns. But the program faced significant public and political resistance over privacy and government overreach, and it was repealed in 2010. Today, the UK once again relies on a decentralized approach—demonstrating that even close allies continue to struggle with the balance between operational certainty and civil liberties.
2 57 jurisdictions: 50 states, five territories, District of Columbia and New York City.
3 The most recent widely cited publication discussing the number of local vital records registrars was published in 2009 and noted there were “over 6,000 local vital registrars nationwide.” National Research Council (US) Committee on National Statistics, Vital Statistics: Summary of a Workshop (Washington, DC: National Academies Press, 2009).
4 The modern verification efforts created by NAPHSIS reflects the decentralized design. The EVVE system does not create a centralized database; it works by querying records held by the issuing jurisdiction. It can confirm that a record exists and matches—but it does not standardize how that record was created, formatted, or ensure that the record is effectively secured, and it is limited to records that have been digitized by the issuing jurisdiction.
5 https://www.ssa.gov/history/hfaq.html
6 It is also worth noting, that at the time the REAL ID Act was enacted, states had been issuing driver’s licenses for over a century. States strongly believed that licensing authority should remain at the state level and were also mindful of the significant revenue those programs generated.
7 REAL ID was attempting to correct the vulnerabilities identified post-9/11 attacks with respect to state-issued driver’s licenses – to increase the confidence that a person boarding a plane, for example, is who they claim to be and was lawfully present at the time the driver’s license was issued. Interestingly, the REAL ID Act fell short of requiring a check for ties to terrorism.
8 It is important to note that there are limits to the federal government’s data on non-U.S. citizens and residents. Although there have been many attempts – over decades and across Administrations – at improvements and modernization to U.S. government’s systems and records, the United States does not maintain an accurate and real-time database of every immigrant’s and visitor’s real-time status – therefore, it would not follow that anyone absent from such a database is undeniably a U.S. citizen nor would it follow that anyone absent from such a database is illegally present in the United States.
9 Even in the limited case of Enhanced Driver’s Licenses (EDLs)—one of the few state-issued credentials that incorporates a citizenship determination—their role is narrow. Issued by only a handful of states and primarily intended for land and sea border crossings, EDLs are optional, limited in scope, and not widely adopted. They do not function as a universal or scalable solution for proving citizenship across the population. If anything, EDLs reinforce the broader point: even where citizenship is embedded into a credential, it remains fragmented, inconsistent, and insufficient to meet demands for definitive, nationwide verification.
10 The U.S. passport card is a wallet-sized, plastic passport. The card is proof of U.S. citizenship and identity. The card is for U.S. citizens who travel by land and sea from Canada, Mexico, Bermuda, and some Caribbean countries. The card is not valid for international travel by air. https://travel.state.gov
