Identity Assurance: Is It Time For A Government Rethink?

Identity Assurance

Last week the Government Digital Service (GDS) made two announcements about Identity Assurance, revealing that Her Majesty’s Revenue and Customs (HMRC) is going to be the first department to use the identity platform. This marks a change from previous confirmation that Universal Credit would be the first and was announced alongside updated privacy principles in a bid to highlight how privacy is at the heart of the services which will be provided in the scheme.

In recent months, the UK Government has talked on a number of occasions about the upcoming Online Identity Scheme, positioning it as an opportunity for UK citizens to access services and payments online.

The programme will involve eight named private sector organisations holding a digital “passport” for enrolled UK citizens, which will enable that person to access Government online services, such as tax enquiries. The question is, with security concerns around data breaches and ID theft continuing to feature highly in the news, is the planned Government rollout of the scheme supported by the citizens who will be using it?

Our annual Unisys Security Index revealed that 91% of UK residents surveyed support the Government’s plans for the scheme. However, only a very worryingly low number would put their trust in private companies (9%) to manage their identity credentials – exactly the type of organisation the Government has entrusted with the Online Identity Scheme.

In addition only 15% of respondents said they would trust credit card companies to manage a digital identity scheme, whilst an abysmal 4% of the respondents stated their trust in social media providers. However, the overwhelming majority of UK citizens (61%) confirmed they would trust the Government to look after their digital identity data.

It is clear that consumer opinions counter the Government plans for the scheme, yet it is not altogether surprising when you consider a UK citizen’s point of view: “I pay the Government to identify and verify me when I am born (birth certificate), when I marry (marriage certificate), when I die (death certificate) and when I travel (passport and driving license).

“Why should I then have to pay an outside private organisation to verify who I am when I transact with the Government online, when I’ve already paid the Government? Let the Government – possibly the Passport Service (which is also the National Records Office) – be my identity provider of choice.”

The findings suggest that the Government should look more closely at the Identity Assurance model and take note of consumer preferences for a Government owned identity provider. This is timely since the commercial model for Identity Provision by the private sector is, to say the least, not particularly clear. The ongoing changes to the scheme, including the recent announcement that Universal Credit will no longer be the first application of the project, plus the results from the Unisys Security Index survey, provide a moment for the Government to review its identity management strategy.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone
Neil Fisher

Neil Fisher is vice president of Global Security Solutions at Unisys. Previously, he was the vice president of Identity Management within the Unisys Global Public Sector. Prior to joining Unisys, he worked at QinetiQ where he was the focus for security capability development and latterly led their Business Development efforts for the newly formed Security Business. Neil has a broad and rich security background based on a full career in the Army where he was involved in counter terrorist operations and technology support to them as well as being a telecommunications and communication security expert. In his career he has been the Head of Crypto Policy, Head of Information Policy, led Special Project Programme teams on Search, IEDD, and Surveillance. He holds a Bachelor of Science degree in telecommunications systems engineering, and is a UK Chartered Engineer.