Posts filed under ‘igovt’

UK: e-petition and proof of citizenship

I was both moved and intrigued by Robin Wilton’s plea to support an e-petition “to create a dedicated Military & Veterans Hospital within the UK.”

Moved because it seemed to be a worthy thing to do; intrigued because I wanted to see how they would verify that I met the condition of being a British citizen or resident to sign the petition.

Turns out that all that’s required is a valid address and postcode. If you’re an expat, you don’t even need that. So, “Earnest Hope” became the 41,380th person to sign the e-petition.

It left me wondering just how many other signatures are from people like me? And, does it really matter if the bulk of them are actually from eligible folks?

Also, isn’t there a better way for checking online whether a person is a UK citizen/resident?

That got me thinking about how to verify whether or not a person is a New Zealand citizen or resident. In-person checking is simple enough but what about an online check? Can’t think of a simple way that already exists.

That is where GOAAMS (slides) comes in…


August 3, 2008 at 9:14 pm Leave a comment

Identity systems and trust

On reflection, it turns out that a trusted system may actually be untrustworthy.

I was looking at some of the recorded presentations that I missed at the Managing Identity in New Zealand conference in April. If the delightful Wordle tool could make word clouds from videos, then one of the prominent words in the presentations would be “trust.” There were probably few, if any, presentations that didn’t use that word in conjunction with identity systems.

Just what is the relationship between identity systems and trust? Given that every presenter thought it is a critical component of an identity system, it’s worth trying to uncover the relationship between the two.

To me the word trust seemed to cover a wide spectrum of meanings- different people used the word to mean different things. At one extreme is what I’d call technical trust while at the other is business trust.

A good example of technical trust is Stefan Brand’s presentation about Credentica’s U-Prove™ technology. He would probably define trust in terms of protocols, cryptographic proof, encryption, non-repudiation, digital signatures, message integrity, unlinkability, etc. Trust would, in this case, be the outcome from the technical features of an identity system.

At the other extreme is what a person like the Privacy Commissioner means by trust. She used it to mean “protect them [people] from the many possible harms that can arise from misuse of their personal information”; “to give credible, proveable reassurances”; and “people to feel too insecure to give out their information, and crippling e-govt and e-commerce systems.” She goes on to quote a minister that “Damage the trust of citizens and you damage the notion of citizenship, and governing becomes that much harder.”

I visualise the relationship between technical trust and business trust as two concentric circles. The smaller, inner one is technical trust and the larger, outer one business trust to represent:

– technical trust is a sub-set of business trust, i.e. it is impossible to achieve business trust without first getting technical trust; and

– technical trust on its own is insufficient, i.e. for an identity system to be trustworthy, it must have both technical trust and business trust. Otherwise, we get a (technically) trusted system that is untrustworthy from a business or user perspective.

Vendors of identity systems tend to focus on technical trust and make passing references to business trust. That’s one of the things that make the Liberty Alliance attractive- it has a focus on both technical and business trust.

As an aside, locally we seem to be getting there as evidenced by a recent post Govt moves forward with online ID by Richard Wood.

July 27, 2008 at 11:38 pm 2 comments

Authenticating the Queen’s subjects

I’m just back from attending eGovernment 2008 in Canberra. For me, the big draw was an opportunity to attend a three hour workshop focussed on the UK’s Government Gateway. I sure wasn’t disappointed- the insights into the Government Gateway were quite an eye opener.

Attending the conference also led me to reflect on how online authentication is working for the Queen’s subjects in the UK, Australia, and New Zealand. It’s quite fascinating how each of them reflect diverse approaches and are also very much a product of their times.

First, Australia. Still very PKI focussed, as in standard X.509 certs in the user’s computer. There are some good intentions from the federal policy body AGIMO (Australian Government Information Management Office) to move on to solutions that work for people (not computers) but the mindset of the average government official is definitely digital certs.

A good example of this focus is the success of VANguard. VANguard’s authentication service is probably best described as an authentication broker whose main function is to allow for interoperability of digital certs issued by various CAs. This is a good step so that businesses (it’s mostly business-focussed) can use the same digital cert with multiple RPs. It’s a back-end hub so that various front-ends and portals, such as bizgate in South Australia, can draw on its functionality. Still, it has all the limitations inherent in the old PKI designs.

It’ll be interesting to see how AGIMO’s proposed National e-Authentication Framework will differ from their existing AGAF (Australian Government e-Authentication Framework) which is separate for businesses and individuals.

Back to the UK’s Government Gateway. From the outside, so much of the focus has been on the UK’s plans for a national identity card that people, including me, can’t distinguish the good stuff they have done and are continuing to do in the online authentication space from the bad. Jim Purves, Head of Product Strategy in the Cabinet Office gave terrific insights into the chequered history of the Gateway as well as plans going forward.

The Gateway is very privacy-protective, very focussed on providing authentication and SSO for the UK Government’s online services. They are introducing SAML 2 soon but that also has the downside of continued support for all the current protocols. They’ve had some significant funding challenges in the past but now have “strategic investors” from within government so the future is bright. Trust and confidence in the Gateway is at an all-time high.

Purely speculative on my part but I think they’ve got a big cloud on the horizon- when the national identity card folks come calling. That could potentially lead to a fundamental change in approach. That’s the unfortunate steamrolling impact of the national identity card. Also interesting how they handle pan-European interoperability but, with a strong Liberty Alliance foundation, I imagine they are well placed to handle that.

So, how does NZ stack up? The proper comparison is with the GLS or Government Logon Service (which will be re-branded igovt later this year). There’s no doubt that the GLS is the most privacy-protective of the lot and has all the right moving bits.

Once the IVS or Identity Verification Service and then GOAAMS or Government Online Attribute Assertion Meta System is added to igovt, then it’s a whole new ballgame for NZ.

But, there is clearly one area that the GLS should look at- adding a web services (ID-WSF) capability in addition to the current browser re-direct (ID-FF). That will provide many new opportunities off the same infrastructure, such as acting as an authenticating receiver for XML messages. The UK’s Government Gateway currently does that for all electronic tax filings direct from standard tax and accounting packages.

All in all, interesting times and much thinking…

July 2, 2008 at 11:45 pm 1 comment

Banking on online identity verification

It’s interesting to see how some see business opportunity out of government regulation while others see only downsides.

During April’s Identity Conference, Kiwibank boss Sam Knowles complained about how the proposed anti-money laundering law provides no value, only an unnecessary regulatory burden.

For a bank which markets itself as a New Zealand bastion against domination by foreign (i.e. Australian) banks, it would do well to look across the Tasman at the example set by the branchless retail bank ING Direct.

According to an article in Australian IT, “ING Direct has led the way in using anti-money-laundering identification processes to come up with a method for opening an account purely online. The Dutch bank has claimed bragging rights for the first end-to-end online account opening facility in Australia…which uses an almost instant online identity verification process instead of the traditional 100-point security check to allow customers to open savings and term deposit accounts.”

“ING Direct has taken advantage of new AML [anti-money laundering] legislation that allows financial institutions to replace the traditional 100 point security check, which uses physical documents such as passports, with electronic AML compliance checks.”

According to the bank, “We were able to show the Government that electronic verification was robust and an alternative method to face-to-face. The legislation now says you have to conduct verification but it doesn’t prescribe the channel.”

From my perspective, this is cool. It works for people, it works for banks (even more so for branchless retail banks). And, it’s another small step forward in unlocking the Internet’s potential for higher-value transactions.

But the way that ING Direct verifies a person’s identity isn’t without potential flaws. Australian customers fill out an online application form and their identity is checked by FCS OnLine, a third-party identify verification service.

FCS OnLine seems to be offering online identity verification by checking information submitted by applicants against public databases. It’s difficult to see how relying solely on knowledge-based identity verification provides sufficiently robust results. On the other hand, presumably they overcome privacy requirements based on active consent from applicants.

So, if the outcome is desirable but the online identity verification process employed is suspect, it would be desirable for a better process to be used.

What that would be? For a start, one that is robust, economical, and user-centric. Even that’s quite a tall order. And, as far as I know, one that doesn’t exist- yet.

That’s where the wheel turns a full circle and New Zealand banks, including Kiwibank, may one day come out ahead if policy issues related to private sector use of igovt (specifically, the Identity Verification Service) mentioned in a Computerworld article are resolved.

Which raises the question of when is government a justifiable party?

(Hat tip to a colleague for the link to the Australian IT article and getting my blogging juices flowing again.)

June 16, 2008 at 11:51 pm 6 comments

Identity Conference 2008, Wellington

There’s been a lot of national interest in this colossal undertaking at Te Papa. Experts have been poking at it, looking at what’s inside. Given its size, the experts have been taking it slow but the NZ Herald thinks that “an initial examination had still yielded a lot of useful information.”

Of course, that’s the squid at Te Papa but it probably applies to the Identity Conference as well.

The Conference was two full-on days. Having been quite closely involved, it’s hard for me to stand back and be objective. However, based on hurried conversations, it does seem to have lived up to the high expectations of a global-quality event looking at identity from multiple perspectives.

All five of the international speakers- Malcolm Crompton, Eve Maler, Roger Clarke, Dick Hardt, and Stefan Brands- were great. Dick Hardt was a clear crowd favourite doing what he does best- 1137 slides (give or take a few hundred) of a localised (as opposed to a localized) Identity 2.0 presentation. That’s one of those things you can find new things to enjoy each time.

Malcolm also came across very well as did Eve. Roger was at this combative best while Stefan was probably more engaging in yesterday’s open debate at which he handled tricky questions like ongoing IP issues with IBM over Idemix and the contribution of David Chaum to his patents. Stefan also provided the interesting tidbit of how the Microsoft acquisition was hastened by competitors’ interest.

The senior public service Chief Executives, Minister, and Privacy Commissioner all hit the right pitch with considered views. And, lest we forget, there was the official launch of igovt.

The final panel discussion chaired by John Campbell helped round off the Conference with a business focus. The workstreams in between catered for niche academic and sector interests. One of these that I particularly enjoyed was an insight into Maori perspectives of identity, whakapapa, and the opportunities/challenges that the Internet presents.

So, all in all, two days well spent. Compared to some of the international conferences that I’ve been to, a focus on managing identity and poking at it from many angles gave the Identity Conference a distinctive identity of its own. One that was also distinctively Kiwi.

April 30, 2008 at 11:37 pm Leave a comment

Why igovt?

For some time now, we’ve been aware of a paradox: we are building and operating user-centric services but use government-centric language to describe them. The launch of the igovt website is a small yet important step towards changing that.

Take the Government Logon Service (GLS) as an example. According to our website, which is intended for a government agencies audience, “In a nutshell, the GLS is an all-of-government shared service to manage the logon process for online services of participating agencies.”

The very name, description, and use of a Three Letter Acronym are so government-centric. What does an average person, say a student who just wants to check his/her account online, make of this? Do we really want to try and explain to people what a “logon” is?

There is of course logic in using government-centric language, especially in the early days of a new service for which there are few, if any, precedents and mental models. Describing as accurately as possible what a service does from a functional perspective allows for precision. It helps external experts and interest groups get an in-depth understanding of what the service does and, sometimes more importantly, what it doesn’t.

But it is more than choice of language alone. It’s also about perspective.

Protecting privacy has been a major driver for the all-of-government authentication services. An important way of designing in privacy is the separation of who a person is (identity) from what they do online (activities) so that data aggregation and building profiles of people aren’t possible. Two different government departments operate two different services based on their respective strengths.

This world-leading approach has been highly acclaimed by privacy experts. Yet, from the view of a person or organisation interested in getting better and quicker government services, it just means more complexity that they have to try and understand and overcome to get to what they are really interested in- the service they want.

The second issue therefore is that people don’t want to integrate and coordinate government’s services; they want government to do that. This desire is reflected at a strategic level in the Development Goals for the State Services. At an everyday level, it means that we had to find a way for our privacy-protective design to be presented to people as a single, integrated online service without diluting the design itself.

And, it was apparent that the time to act was now, before the Identity Verification Service was launched and before future authentication services further increased complexity.

The result is igovt. It is not “just another brand” but, over time, will represent a significant shift. A shift to using user-centric language; a shift to government integrating multiple online services from multiple government agencies for people without any dilution of security and privacy protection; a shift to making it easier and more convenient for people and organisations to get government’s services.

Though there are many models we can learn from, there aren’t any tried and trusted models that we can simply adopt. It is therefore neither possible nor appropriate to try and make the shift in one giant leap. Instead, it’s more of a journey from inside-out thinking to outside-in, learning along the way.

The next step in this journey is to re-brand and re-describe GLS as the first igovt service.

[Original post at]

April 23, 2008 at 10:02 pm Leave a comment

igovt public consultation

There were so many insights from attending focus groups during the igovt public consultation that it’s hard to pick just one. Certainly, one that made a lasting impression was a lady with a disability who spoke emotively about how the service would make a huge positive difference for her in getting services from government. For her, the notion of having to prove who she was once to government and then being able to choose to use the Internet to verify her identity- both across government and the private sector- was compelling.

So, what was the igovt public consultation all about?

Late last year the Department of Internal Affairs, with the support of the State Services Commission, consulted with people about igovt. Specifically, the consultation was about the Identity Verification Service, one of the two igovt services.

The details and context for the service have evolved since the previous public consultation in 2003. It was therefore important to seek the views of the public about key aspects of the proposed service before the service design was finalised.

Public consultation was also essential for continuing the transparency that has been a hallmark of developing igovt services. In particular, for services based on policy principles such as opt-in and acceptability, it is important to check with people that the service design has resulted in a service that is indeed of value to them.

The public consultation process asked people to get information from the website and send in submissions. At the planning stage for the consultation it was clear that we needed to be more proactive to get deeper and wider participation.

21 focus groups were therefore held in 8 places across New Zealand- Whangarei, Manukau, Tokoroa, New Plymouth, Porirua, Westport, Christchurch, and Invercargill. The workshops were three hours long and included a demonstration of how the service would work. It turned out that the demonstration was critical in helping people understand the service and thereby provide well-informed responses.

I was personally present at a few of these workshops to do the demonstration and also answer any questions about the service that people had. For me, it was an immensely rewarding experience. To get firsthand insight into people’s views is far richer and meaningful than getting it from a report.

The public consultation report (PDF) has now been received and published with a Summary Report.

[Original post at]

April 17, 2008 at 10:42 pm Leave a comment

Older Posts

This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter