Digital ID gets a PR makeover


Denham Sadler
Senior Reporter

The government is planning a major communications campaign around its troubled digital identity project, which has been readied to move into its next phase.

The move comes as the beta version of the government’s digital identity service – myGovID – has had an underwhelming reception. The service has received a rating of just 2.4 out of 5 from more than 200 reviews on the Apple App Store, and a rating of 1.7 out of 5 from 308 reviews on Google Play.

The use of myGovID is set to significantly increase after it replaces the ageing AUSkey system, starting in March.

Pedestrians, crossing, busy, people
Forward progress: Digital Identity is getting a makeover

GovPass is the federal government’s overarching digital identity project. It aims to be a whole-of-government way to verify identity across a range of government and private sector services. It is split into four elements: the Trusted Digital Identity Framework, the exchange gateway, the digital identity services and the service providers.

The project has already cost more than $200 million in the five years since it launched, and there are only two accredited digital identity providers involved with the scheme so far: the ATO’s myGovID and Australia Post’s own service.

The project is being led by the Digital Transformation Agency, and the agency kept it deliberately low profile, with little attempts to make the public aware of the digital identity play.

After being questioned about this by senators late last year, DTA boss Randall Brugeaud said this is deliberate and more effort will be made once the service is more useful to the general public.

The government’s own offering, myGovID, is still in beta phase and can only be used for a limited number of government services. But that will soon change, with myGovID set to replace AUSkey from March.

AUSkey is a secure login that identifies you when using government services on behalf of a business. Users are now being directed to create a myGovID instead in anticipation of the retirement of AUSkey in just over a month.

This will become the first major test of myGovID with a wide range of users.

To mark the occasion, the DTA has posted a new listing on its own Digital Marketplace for the creation of a Digital Identity Communication and Engagement Strategy.

“The next stage of digital identity will see a broader rollout of more services to more people,” the listing said.

“The program needs to expand its approach to communications significantly, to inform all Australians about what it is and isn’t – highlighting potential benefits it offers to everyone and especially for those who choose to make use of it.”

The communications campaign will focus on the use of biometrics, the benefits of digital identity and privacy safeguards involved with the scheme.

“Australia’s history of identity related projects raises concern for some stakeholders and is a central consideration of the digital identity program. The design is based on the critical principles of people having choice of identity provider, privacy and security by design and being opt in,” the DTA said.

The DTA has previously rejected concerns that GovPass will be a repeat of the doomed Australia Card, instead arguing that it will be “privacy enhancing”.

Applications to run the communications strategy close at the end of the weekend, with work starting on 10 February.

Focus group testing conducted by the DTA finding that two-thirds of Australians won’t use a digital identity unless there is a significant successful public awareness campaign.

The focus groups, which took place in March last year, found an overwhelming preoccupation with security and privacy and a reluctance to use the service unless these concerns are fully explained and assured.

It also found that many Australians are not aware of the government’s efforts in the space or what a digital identity is in general.

As of October last year the myGovID app had been downloaded 80,000 times, with 46,000 digital identities created. But feedback hasn’t been great for the service, with myGovID receiving low ratings across both App Stores.

Many reviewers claim they were unable to actually create a digital identity due to a range of issues and bugs, with some dubbing it “unusable buggy garbage” and “useless”. Another review labelled myGovID an “ugly cousin” of Australia Post’s own digital identity offering.

The GovPass project has been plagued with cost blowouts and continual delays. It has been criticised for focusing on developing new technologies and software instead of purchasing existing off-the-shelf services that have been developed in the private sector.

Do you know more? Contact James Riley via Email or Signal.

4 Comments
  1. Jack 6 months ago
    Reply

    Most useless app I have everseen. It has so many bugs and even after I successfully create my digital identity and increase it to Standard strenght, I cannot verify myself to access my company business portal. It is so ridiculous. The support team cannot do nothing and just advise me to wait for the update. It is just unbelievable such a useless project still continue to carry on.

  2. Louis Leahy 8 months ago
    Reply

    This authentication is based on onetime passwords that are easily compromised it is not secure. Secure authentication requires device independent authentication. MyGov ID requires the user to purchase an expensive smart phone to use its system. These devices are under constant attack because they are easy to compromise as they use defective 2 factor authentication. The Governments network security should not be dependent on such user maintained devices it is ludicrous.

  3. Anon 8 months ago
    Reply

    “Privacy Enhancing”? Really? They deleted their Privacy-Impact-Assessment (PIA) from their website (no wonder) – but it’s still on the AWS mirror here:

    https://dta-www-drupal-20180130215411153400000001.s3.ap-southeast-2.amazonaws.com/s3fs-public/files/digital-identity/PIAs/DTA_TDIF_Alpha_Initial_PIA.pdf

    It looks like they failed everything except for 3 things – but read those 3 things – all 3 of them were “not assessed”, and so given a “compliant” by default. Or in other words – THEY FAILED EVERY SINGLE ONE of *all* assessed criteria!!!

    Oops. Expect that amazon mirror to be deleted as soon as they notice they didn’t delete all copies of their failure properly…

Leave a Comment

Your email address will not be published.

Related stories