Social Security Number verification by javascript and web service

As part of my project, I am required to provide my client a functionality that can verify user’s input Social Security Number by using CBSV’s web service. I’ve read the documents in CBSV’s website, including Consent Based Social Security Number Verification Service (CBSV) | Web Services, but can’t see any example of using jQuery and AJAX. Anyway, here’s what I’ve done so far.

function checkSSN(ssnfield,fnamefield,lnamefield,dobfield)
    var ssn = $("#"+ssnfield).val();
    var first_name = $("#"+fnamefield).val();
    var last_name = $("#"+lnamefield).val();
    var middle_name = get_Middle_name(first_name, last_name);
    var date_of_birth = $("#"+dobfield).val().replace("/", "");
    var age = getAge($("#"+dobfield).val());
    var minor = (age >= 16)?"N":"Y";

        url: "",
        type: "POST",
        dataType: "xml",
        data: {"ssn":ssn, "firstName":first_name, "middleName":middle_name, "lastName":last_name, "dateOfBirth":date_of_birth, "minor":minor},
        contentType: "text/xml; charset=\\"utf-8\\"",
        success: function (data) {
        error: function (xhr, st, er) {
            console.log("Request error:" + er);

function getAge(dateString)
    var today = new Date();
    var birthDate = new Date(dateString);
    var age = today.getFullYear() - birthDate.getFullYear();
    var m = today.getMonth() - birthDate.getMonth();
    if (m < 0 || (m === 0 && today.getDate() < birthDate.getDate()))
    return age;

function get_Middle_name(fname,lname)
    if ((typeof fname == 'string' || fname instanceof String) && (typeof lname == 'string' || lname instanceof String))
        fname = fname.replace(/\\s+/, "");
        lname = lname.replace(/\\s+/, "");
        var middle_name = "";
        var full_name = fname + " " + lname;
        var count_words = countWords(full_name);
        if(count_words >= 3)
            var array_of_names = full_name.split(" ");
            for(var i=1; i < array_of_names.length - 1 ; i++)
                middle_name += array_of_names[i];
            middle_name = "";
        return middle_name;
        return "";

function countWords(s){
    s = s.replace(/(^\\s*)|(\\s*$)/gi,"");//exclude  start and end white-space
    s = s.replace(/[ ]{2,}/gi," ");//2 or more space to 1
    s = s.replace(/\
"); // exclude newline with a start spacing
    return s.split(' ').length;

function _webSSNVerification_forSignUp()
    checkSSN("personalInfo_personalSSN", "personalInfo_personalFName", "personalInfo_personalLName", "personalInfo_personalBirthday");

In the php file that contains the form, I have this piece of jquery code to register event of the SSN textbox after user enters value in it.

    this.addEventListener("blur", _webSSNVerification_forSignUp, true);

And these are the messages that I got in the console.log

OPTIONS 500 (Error) jquery-1.7.2.min.js:4
No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘localhost’; is therefore not allowed access. jquery-1.7.2.min.js:4
send jquery-1.7.2.min.js:4
f.extend.ajax jquery-1.7.2.min.js:4
checkSSN common.js:519
_armSSNVerification_forSignUp common.js:584

My question is, what did I do wrong? How can I call the CBSV webservice to check user’s input SSN?

Please help. Thank you.

prolly this
No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘localhost’; is therefore not allowed access. jquery-1.7.2.min.js:4

Are you able to test/run this script running on a non-localhost webserver (or set it up so it sends out appropriate headers as if it wasn’t “localhost”)?

Did you do all of this?

SSA provides a test environment for CBSV Web Service so that CBSV Web Service clients in
development can connect to this test environment and perform Interface testing of their software with
CBSV Web Service. SSA recommends that the Requesting Parties set up and configure an independent
test environment to connect to SSA’s testing environment. The test environment must be implemented to
replicate the Production environment, including network connectivity, network security, WSS, and SSN
Verifications to ensure proper handling of the responses returned to the client software.

They say you need to ask them ahead of time when you’ll be testing, you need secured certificates, blah blah. Not sure why they bother, since SSN’s are public knowledge and while supposedly “may not be used for identification of anything other than Social Security”, it doesn’t matter since it’s been used as everything from state drivers’-license numbers to something the local hairdresser can use as a cheap/easy ‘unique id’ for her database…

thanks. My client already contacted them about the security thing. Hope they should reply soon. Thanks again for all your help.