The GIN (Government Issuance Number) is created at birth, but not provided to the citizen (or parents) until the citizen needs the number. To assure that no other person acquires a citizen’s GIN, a DNA scan is done to prove authenticity. At birth, a child’s DNA test will be issued to collect the needed genetics for biometrics. That scan will be inserted into the HHS database which generates a GIN. This means that not even a parent can acquire the GIN of the child.
If the child needs an account in their name, but under the responsibility of the guardian (such as telephone service), the guardian can acquire a special GAON which will require both the child’s and guardian’s ID card. This will continue until the guardian terminates the line, or until the child receives their GIN, and therefore have to acquire a GAON for all of the services that are under their name. When it comes time for the child to acquire their GIN, they will go to the HHS office where a worker will take a cheek swab of the person, and verify that with AI and a database for verification. If the two matches, then the worker will prepared everything the person will need.
The worker will emphasize to the person that the GIN should never be given to anyone including significant others. Gaining the GIN will allow a bad actor to do a lot of damage including transferring GBI payments to another account, or otherwise close accounts through the government portal. This is because the automated system with the government has no way of verifying the DNA. The GIN is a compliment to DNA comparison. The only entity that the GIN should be disclosed to is a government agent, or telephone number. All government telephone numbers begin with 1. The government will never call asking for a GIN. Instead, they might receive an automated message to call the government entity at a number that begins with 1.
The person should bring their computer, and smartphone with them. Once they are ready to receive their GIN, the case worker will help the person with creating a government account. They will also be encouraged to provide 2FA, and have an authenticator app to install on their device. 2FA is essential to protect the account even if the bad actor acquired credentials. If so, the bad actor will need the 2FA code which is only available on the handheld device of the person the account belongs to. Any new devices will initiate a 2FA code, and if the bad actor fails to provide this code, a message will be sent to the person notifying them of an login attempt that failed. At the very least, they should change their password, and notify HHS about the potential breach attempt. The government will never ask for a 2FA code, even if person calls the government.