Australian government officials have played down the prospect of confusion with both the commonwealth and some states creating different digital ID systems.
They have also responded to concern the new digital ID system will be too complex for the elderly, those with disabilities and indigenous and remote communities.
Australia this year will move to a digital-based identification system that replaces the old 100-points ID verification process that hackers compromised to steal people’s identities and, in some cases, their life savings.
Speaking with ChannelNews Australia at a briefing this week, representatives from the Department of Finance said the government had a tentative rollout date of July 1, although the date depended on the timing of legislation passing through federal parliament.
The government had been accepting submissions on the new system up until January 19 and was in ongoing consultations with the states.
Sources told ChannelNews that the Optus and Medibank data breaches had moved public opinion to be in favour of a secure ID system. Previously there had been widespread opposition to it, according to polling.
Australians will not receive a physical card, as was proposed for the Australia Card abandoned after the 1987 federal election. Officials describe a digital ID as an expansion of the existing MyGovID verification system where users provide their credentials and a generated code to access services.
Concern has been expressed about unnecessary duplication with NSW, Victoria and Queensland and possibly some other states releasing their own accredited digital ID systems.
The NSW Government held a conference in December where it detailed its advanced parallel development of its digital ID system. Biometrics in the form of 3D images would be used to enhance user security.
The Department of Finance also played down likely confusion about which digital ID you use to access a particular service.
Officials at the briefing said the different forms of digital ID would allow users to choose a preferred ID system for accessing different services across government, and private services such as banking.
“The legislation will enable the expansion of the Australian Government Digital ID System to include state, territory and private sector organisations that choose to participate,” a spokesperson said.
“Our intent is for a person to be able to choose a Digital ID provider, set-up their Digital ID and then use it when and where they choose, to access private and public sector services.”
The federal and state governments were having ongoing discussions on this.
However, officials cautioned there were likely to be rules that limited a particular digital ID’s reach.
Under the proposed legislation, private organisations could also apply to be accredited as “digital ID services”.
Australia Post, MasterCard and OCR Labs, which provides optical scanning recognition for government and private companies, were already accredited.
Australia Payments Plus, a joint venture between Bpay, eftpos and NPP Australia, is an accredited exchange used for checking credentials.
Banks and other financial institutions have expressed interest in registering an accredited digital ID but are not part of the system yet.
The government will require all accredited digital ID systems to observe the same three levels of security standards.
A test by ChannelNews Australia of registering an Australian Post digital ID at the basic security level successfully used the same data that could be available to hackers, such as a passport, driver’s licence and Medicare card number. It would offer only limited access to some services.
You register your biometrics to gain the highest level of digital security. You create a multi-point image of yourself generated live on your phone or tablet. It’s similar to establishing face recognition on a smartphone.
The multi-point image is checked against your held passport photo (in future also your driver’s license). Your digital ID can then be used to access the most secure services.
Officials said the verification would fail if you submitted a static photo.
They seemed confident that biometrics would make it impossible for hackers to steal and use a person’s digital identity. Establishing your credentials only needed to be done once, they said.
While a digital ID might enable access to multiple services, it wouldn’t of its own accord signal an increase in the flow of personal information about you between agencies, which was a key concern in the 1987 Australia Card debate.
The biggest challenge will be enabling digital IDs for the elderly, those with disabilities, and indigenous and remote communities, who are totally removed from the world of ID authenticator apps, two-factor security, and biometric verification. They will need a mountain of help setting up their digital IDs and transacting.
There’s the people without either a passport or driver’s licence wanting the highest level of security through biometrics.
The officials said the system was committed to “inclusion” and support for those groups. The commonwealth would always have an option for them, they said. In any case, digital IDs would not be compulsory for commonwealth government services.
But do these disadvantaged people then miss the extra boost in security offered by a digital ID? Do they remain vulnerable to being hacked and having their identities stolen?
The officials said the digital ID system could later be expanded beyond government and financial services to include services such as a Power of Attorney.
They ruled out replacing familiar identifiers such as your Medicare number with a digital ID. It’s a case of if it ain’t broke, don’t fix it.
In the end, we need a digital ID system in Australia, if we are to keep the cybercriminals at bay. But the system has to be simple enough to understand for the digitally challenged to use it. They are probably the most vulnerable consumer group when it comes to identity theft and other cybercrimes.
---
Autor(en)/Author(s): Chris Griffith
Quelle/Source: Channel News, 02.02.2024