US Social Security Number (SSN)
Last updated
Last updated
This component represents a US Social Security Number (SSN).
It allows the user to enter a Social Security Number in the format 078-05-1120, with or without the dashes.
The user input is sanitized to remove any non-digit characters.
The user input is validated:
to ensure that it contains exactly 9 digits, otherwise the field value is considered invalid
and to reject known invalid patterns, such as numbers starting with 000, 666, or 9, or numbers that are all the same digit (e.g., 111-11-1111)
The value is formatted as 078-05-1120 when displaying the value.
The value is stored in the database as a string of 9 digits including two separator dashes, for example 078-05-1120.
NOTE: Storing the value with dashes is a design choice which seems to match the most common usage.
Because a Social Security Number is a sensitive piece of information, by default the value of the field is not shown entirely:
In editable modes, the value is obscured, like a password field.
In readonly modes, such as the View and PDF modes, only the last four digits are shown, like •••-••-1120.
For editable modes, you can configure the field to behave in the following ways:
Always visible
Field is always shown in plain text
078-05-1120
Always obscured
Field is always hidden
•••••••••
Reveal on demand
Field is hidden by default, but can be revealed when the user clicks a "Reveal" checkbox. Useful for verifying the value while keeping it hidden from onlookers by default.
078-05-1120 or •••••••••
For readonly modes, such as the View and PDF modes, you can configure the field to behave in the following ways:
Visible
Field is fully shown in plain text
078-05-1120
Obscured
Field is fully hidden
•••-••-••••
Show last four digits
Only the last four digits are visible
•••-••-1120
These options are controlled in Form Builder or using configuration properties:
at the form control level, using the "Control Settings" dialog
at the form level, using the "Form Settings" dialog
in configuration properties
The default properties are as follows:
Because the SSN is a sensitive piece of information, we recommend that you handle this data in the following ways:
First, consider not requesting this information from users unless absolutely necessary.
Second, if you request it, consider making only transient use of it, such as calling a verification service, without storing it in your database.
Finally, if you do store it, consider encrypting it in your database, and ensure that you comply with data protection regulations such as GDPR. Orbeon Forms , which satisfies this requirement.
Blog post:
