For the identity assurance team, last year laid the foundations of a service that will make it possible for people to use digital government services safely and securely. This year we're building on our progress (the 'hub', privacy principles, supplier framework, research, standards, alphas and white papers, supplier certification, international collaboration, etc) to deliver the “beta” version of the service.
As I walk around the office talking to team members at the start of the year, the change of tone is noticeable. This is a big year for us. We're also aware that this was the last Christmas without a live service to nurture and support.
I'll keep you posted, via this blog, with developments as the service goes live. In the first few months of 2014 we’ll be starting the IDA service in private beta with our identity providers, to allow users to access new HMRC and DVLA services.
We’ll be issuing our response to our Privacy and Consumer Advisory Group’s identity assurance principles, and we’ll be publishing new guidance for departments planning to use the IDA service, in the Service Design Manual. We also have more alphas and OIX white papers in development.
Before the end of this year you'll be able to use our service to prove that you are who you say you are online. A whole new you, if you like.
1 comment
Comment by simonfj posted on
A belated Happy New Year to you and the team Steve.
Although you've got me worried about a "happy new me". I was just getting used to the old one.
I've been tracking your team's approach to the old conundrum. I won't say they're trying to reinvent the wheel. It's more that they're still in this schizophrenic stage of aiming to provide personal privacy, on one hand, and trading it off against a promise that was made by this man at GDS' outset ( http://archive.is/D3AT ), one the other. i.e. That ALL the services would be "personalised".
You might imagine that every National R&E Network manager around the world has been contending with this problem forever, especially as they try to prioritize and share common services internationally. One (smart) comment at terena's last pow wow. "No you cannot use your Facebook account to gain access to the hadron collider" 🙂 It's the levels of security, and attributes "attributed" (by an institution) to an account, which brings everyone unstuck.
Anyway, as you said, it's going to be an interesting year. Big changes, no doubt. I'll know that we are getting somewhere when I can log into these blogs using my gov account. One thing I do know, because I have to personalize services as my memory is so bad. I won't be using a private entity to confirm my identity. They simply won't have an insurance policy big enough to cover my intellectual property:)
Accreditation gives me zero confidence. e.g. We all trust banks, yes?
You're onto something with this idea of "Privacy by Design" which, "should include a user access functionality". All we have to ensure is that a user knows how to use the functionality, and understands it's limitations. Bit of work/education to be shared there.
Onward! (but which way?)