GDS Verify director expects online IDs for everyone in a 'small number of years'

Single ID pass could save billions and spur innovation says Janet Hughes

The programme director for GOV.UK Verify - the decentralised online ID assurance scheme from the British government - has said that within a "short number of years" everyone will have their own online ID.

"We think that pretty soon, in a small number of years, everyone will have identity accounts, just like everyone has email and bank accounts," said Janet Hughes. "Bank accounts and credit card accounts to make payments, email accounts to send messages, identity accounts for a repository of trust and to access a whole range of services online."

"When you have proven your identity once, you can use that account to access a whole range of services. Not just for central government, but for local government, the health sector and even the private sector."

GOV.UK Verify is designed to provide a single trusted login across all Government Digital Services, which could include filing a tax return or applying for Universal Credit. The decentralised system relies on eight companies to deliver the data-driven scheme, which requires users to sign up once to be trusted across all services in as little as 15 minutes. Rather than a centrally held database, users will pick one of eight service providers, such as Experian. Read more: UK government identity scheme launched - What is GOV.UK Verify? GOV.UK Verify explained

According to Hughes, there are 80,000 different ways to go through the process of proving your identity - and the scheme accommodates people who may not have a driving licence, or even a mobile phone.
She said that the scheme should make identity more resilient - because if one company has a problem, the other seven can pick up the slack - and that the market-driven approach will spur innovation and drive efficiencies.

And she also claimed that by having just the one platform cut across all digital services, Verify could cut billions in costs for identity assurance.

To allay security concerns, Hughes stated that it's rarely the technology that is difficult for any implementation, but rather about relationships. Much more important than the technology, she said, is establishing what the rules and what the standards are.

"It's really easy to understand the power of data," Hughes said. "[But] we need to establish the rules of the road, we need users to trust our services, we don't want people to freak out when we start talking to them about accessing their data and using it."

Failing to do so would alienate the public, and it "will be another generation before data-driven services can happen again."

"We need to protect people's privacy when we're doing this - even if people don't understand what's happening with their data we need to take responsibility for managing it in a responsible way that protects our privacy and keeps it secure," she said.

That's the reasoning behind a monthly advisory session that GDS has with a collection of privacy experts, who see what the Verify team is up to - like a "fully open book". The advisory group consists of groups like NO2ID, Big Brother Watch, the ICO, and various universities, who helped devise GDS' standards for using public data.

And these "will apply just as much to any other situation where we're dealing with people's data," Hughes said. "It's all about putting people in control of what's happened to their data, to make choices, making it transparent for people, enabling them to opt out, to make sure people can feel confident and trust what we're doing."

"It's something that takes up a huge amount of my time - making sure we do that."

Join the CSO newsletter!

Error: Please check your email address.

More about ICO

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by By Tamlin Magee

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts