Biometrics back on DTA agenda
Biometric identifiers: Still a thing at the Digital Transformation Agency
The Federal Government is running a private beta of its digital identity platform ahead of a planned public test early next year.
To use the service, people will need to supply personal details, documentary evidence of their identity and upload a selfie to complete the identification process.
Dubbed Govpass, the heart of the service is being built by and initially operated by the Digital Transformation Agency. It leverages the existing Document Verification Service, and introduces a biometric element that uses the recently announced Face Verification Service (FVS).
Launched in November, the FVS initially provided the Department of Foreign Affairs and Trade and the Federal Police access to citizenship images held by the Immigration department, but has been designed with expansion in mind. Other agencies will be provided access, and images from visa, passport and drivers’ licences are to be added in the future.
Rachel Dixon, very much the public face and voice of the former Digital Transformation Office’s bold identity plans in 2016, remains head of the identity program at the since renamed and repurposed Digital Transformation Agency.
However it was one of her team, Drew Andison, policy lead for Govpass who made the announcement about the new service in a DTA blog on Friday.
Interestingly that blog makes no mention of the use of biometrics – although this detail is set out in the initial Privacy Impact Assessment (PIA) for the Trusted Digital Identity Framework (TDIF) now known as Govpass.
According to a DTA spokesperson; “Facial recognition is, like many other aspects of the Govpass project, still being discussed with our government and non-government stakeholders. Users would be able to access more complex government services online if they choose.”
According to the blog post to use the service people will first set up a Govpass account.
To do this they input their name, email and phone number which will be verified by email or SMS. The user then submits details from three ID documents to Govpass, which will confirm their veracity using the existing Document Verification System.
If the user agrees then an encrypted message – equivalent to a token in online payments – is provided to a central exchange, which can be accessed by service providers to confirm the identity of someone online.
The verifier will initially be a single federal government agency. The blog post however indicates that more verifiers are intended to be added and that over time this could be expanded to include banks or state governments.
The exchange has been set up “double blind” in that it will not hold identifying or personal information itself or details of the service that the person is trying to access. It will however be a rich source of meta data which some stakeholders are concerned may be exploited through function creep in the future.
The two-factor authentication process teams what the user knows (name, email, phone number) with what the user has (identity documents such as driver’s licence or passport).
To add a third factor determining ‘who they are’, and to ensure that the person inputting the details is not an identity thief, Govpass will use the Face Verification Service according to the PIA.
While the technology for this element has yet to be selected the DTA has been looking at using smartphones to take a selfie, which can then be uploaded for verification via the FVS.
It has been ten years since the Federal Government pulled the plug on the last proposed biometric Access Card, which would have replaced 17 existing card or voucher systems; and 20 years since the Australia Card was thwarted.
Time to get back in the biometric water it appears.
The initial PIA conducted for the DTA by Galexia was provided to government December and is now available publicly. A full PIA is scheduled to be delivered to government this month.
The first PIA notes stakeholder concerns about the use of the biometric and the lack of extensive community consultation.
It notes that in the demonstration prototype users are asked to submit a photograph of their face and a biometric ‘template’ is created based on this photograph and checked against the FVS.
To satisfy privacy requirements, the IPA has called for a strict prohibition to be placed on the biometric being used for any secondary purpose and that any biometric data be destroyed as soon as the photo is verified.
According to the IPA, stakeholders expressed concern that a national data set of photographs could be created if function creep allowed the images to be retained and shared.
What was of even greater concern was the fact that the prototype TDIF involved a single Federal Government identifier and a single Government exchange.
The PIA noted that this centralisation had taken stakeholders by surprise and raised concerns that this might represent a “throwback” to previous schemes.
“Even after detailed discussions and explanation on the details of the TDIF most stakeholders still viewed the single Commonwealth IdP (identity provider) as an updated version of the Australia Card/Access Card.
“Stakeholders were strongly of the view that such an important and far-reaching decision should have been the subject of extensive community consultation and debate, with many stakeholders calling for a public discussion paper and/or legislation; and almost all stakeholders struggled to see any justification for the establishment of a single IdP – a common question was “what is the problem that needs to be solved?”,” notes the PIA.
According to Drew Andison’s blog the problem is that; “Everyone, at some stage in their lives, needs to deal with government to get things done. At some point in this process you will be asked to show some form of identification.
“People have told us they often need to provide too much information to prove who they are, and are asked to provide the same information each time they interact with a different government agency.” Govpass is the DTA’s solution to that problem.
Dr Roger Clark, a board member of the Australian Privacy Foundation, said that one of the biggest issues with the scheme was that it had a “choke-point” that all traffic passes through.
“Moreover, critical data will be retained by that choke-point. So the government would have achieved the very thing they need to establish the hub of a national ID scheme.”
He said that the consultative process with the DTA had been a “disaster” though he welcomed the approach and professionalism of Galexia with its PIA. Dr Clark said that the DTA had; “Scheduled another talk-fest on 29 March, but they still appear not to be prepared to have an actual consultative process.”
Where the DTA is very hands on is regarding the creation of the platform – it’s building Govpass itself after the Government last September abandoned its original plan to buy a solution.
In a letter sent to the 70-odd organisations that replied to its 2016 Request for Information, the then Digital Transformation Office’s procurement team said it was no longer in the market.
Besides building the system, there is all the surrounding structure to be established. The PIA for example notes that most of the security arrangements for the TDIF had not been developed at the time of its review and that it was also “the subject of fairly minimal governance arrangement” and still lacking enabling legislation, COAG agreement, any Memoranda of Understanding between the parties involved, or a formal board.
Despite these hurdles, according Mr Andison; “The DTA wants to make sure it gets this project right.
“The product is currently in a private beta stage of development. This means we have working software that we are testing with real users, but we’re using test data.
“By the middle of this year, we plan to have a product available to be tested by selected individuals.
“Early next year, a public beta will be available to everyone to test on a limited number of services.”