03 Dec Hop, Skip…Digital ID
It is true, that every time I have had to take a copy of some sort of physical identification, like my actual passport, to then get certified by a recognised Justice of the Peace (JP) to then submit an application, online or offline, I wonder, how could this process be easier?
I have been privy to this arduous process recently as I tried to apply for registration with healthcare body, AHPRA. I ran into many a brick wall. Firstly, I had lost my birth certificate, you know the one…that one identity document that is right up there with a passport as the most important piece of identification in the arsenal . It tells anyone who needs to know, where you were born, how old you are and who your parent/s are too. An Australian birth certificate coupled with a piece of photo ID, like a passport or licence, is everything you need to identify yourself to official authorities. Right then, I will use my passport….nope, it expired more than 2 years ago. Turns out you can’t get a passport without a birth certificate and you can’t get a birth certificate without 3 official, certified documents. I have been trudging through a world of administrative pain to complete the process. One piece of digital identification could have saved me a truckload of angst and time.
Enter the Digital Transformation Agency campaigning for a digital identity. This definition lifted from the Digital Transformation Agency website, “A Digital Identity helps Australians to verify their identity in a safe and secure way, to access government and other services online. It removes the need for individuals and businesses to visit a shopfront with their identity documents – saving time and money.”
Let’s just be straight, the idea of a digital ID to access many services over and over is not a bad idea. Many of our public services are available online through MyGov as a central portal, some key examples are the Australian Tax Office, Medicare and Centrelink. I use all these services regularly. I receive emails, notifications and refunds through these services. So they have my bank details too. In fact, to sign in I needed to provide many personal details, just as a I would if I was applying for healthcare registration or a passport.
The purpose of online agencies is to reduce face to face contact with a government public service employee, and to tie in the necessary far reaching elements of mygov.au. The government currently does this without the need for a digital identity but you have to sign in through https://my.gov.au/ and receive a code via email/text, this is called 2 factor authentication. It reduces the risk of a security breach.
A single digital identification aligned with government services and beyond is an opt-in system. You don’t have to have a digital identity to access the services, you might in the future though. If the government had a better track record on data privacy then maybe there wouldn’t be such a backlash but there are things that have happened throughout the pandemic that have made government services almost impossible to access any other way than online, 5km movement restriction, anyone?
There is a similar push for digital identity in the U.K. Forbes wrote about the goals of a digital identification system like this, “a successful distributed Digital ID must be scalable, flexible, inclusive, capable of deployment and take-up across the entire of the U.K., and capable of adapting to change – not least in new technologies such as quantum computing.”
What is required as part of a campaign for citizenry to adopt digital ID is a public education campaign so that the majority of the population are able to contribute and participate. The benefits to a functioning democracy that is able to communicate with its citizens in regards to all manner of public services is progress on the messy part paper, part digital system we currently are engaged, whether we believe it or not.
Faster Networks help businesses protect their digital assets. We are a cyber security partner that brings the best software solutions that anticipate and fix digital vulnerabilities. Our areas of expertise includes Vulnerability Management, Security Orchestration Automation and Response (SOAR), Application Security, Infrastructure Security, Distributed Denial of Service (DDoS) Protection and Application Pentesting.