The benefits of a common local-central ID authentication system
The arguments for putting services online are well rehearsed: better customer service and lower delivery costs. Getting higher risk transactions online where we are giving out benefits in cash and kind, or sharing sensitive personal information should, however, be backed up by effective and reliable identity assurance (IDA).
But how can local authorities be sure the people they are dealing with online are who they say they are?
In 2013, Warwickshire County Council carried out an Alpha project with Government Digital Services (GDS) to answer that question and to show that local government could take advantage of the IDA services being developed by GDS. We successfully demonstrated interoperability, and in the process we carried out the first end to end test of the government's new IDA solution.
The results of this Alpha project are available on the Open Identity Exchange (OIX) web site. One report, 'Interoperability between central and local government Identity Assurance schemes' provides the context, an overview of the project and technical, business process and user experience conclusions. Another offers the technical findings.
What we learned from the project was that a common central and local government IDA approach brings a number of benefits as follows:
- customers could use a single identity, whether interacting with central or local government. Ultimately the same identity could be used in the private sector too
- a single identity would be easier to use, increasing online take-up
- the security of the government's IDA solution has been rigorously reviewed by CESG, the UK's National Technical Authority for Information Assurance, something that individual local authorities could not realistically achieve
- the Privacy and Consumer Advisory Group's privacy principles are built in, and can only be met by involving multiple identity providers, again beyond the reach of individual local authorities
- the adoption of a common solution reduces organisational risk, and should reduce organisational cost through economies of scale
- it is cheaper and easier for third-party system suppliers to integrate a single government IDA solution into their products.
Warwickshire County Council is currently working on a second discovery and alpha project with GDS to design and build an attribute exchange solution. Built on top of the IDA solution, attribute exchange has the potential to radically transform service delivery, but what does it mean?
Attribute exchange is the electronic exchange of information about a customer and would be used to prove eligibility for services in real-time during an online transaction, removing the need for paper proof of eligibility. It means that the service provider and attribute provider can be assured that the customer is who they say they are and that the customer can give explicit permission for data about them to be shared.
One example where attribute exchange could prove extremely useful is in the administration of Blue Badges - currently a time-consuming process that requires the applicant to provide paper proof of eligibility. If eligibility for those who meet even the primary eligibility criteria could be proven automatically and in real-time using online attribute exchange, approximately £1.5m could be saved annually across the public sector through process efficiencies.
It is early days yet, and a number of things need to come together to make attribute exchange a reality, such as potential attribute providers need to be ready to plug in to the attribute architecture (providers most likely to be of interest to local government are DWP, HMRC, Home Office and DVLA) and third party system suppliers need to be engaged.
The best way to make all of this come about is to build a robust local government business case. Local government needs to:
- identify all of the services that require identity assurance and attribute exchange
- understand the cashable savings that could be delivered
- identify the customer service benefits that would be delivered.
With attribute exchange in place, local and central government would be well placed to deliver what digital by default promises: online services so good that people choose to use them.
Ian Litton participated in the Identity Assurance discussion session at the recent Local Digital event 'Government Digital Service (GDS) Local-Central Discovery Day'. Read coverage of this event.