GDS Verify director expects online IDs for everyone in a 'small number of years'

Single ID pass could save billions and spur innovation says Janet Hughes

The programme director for GOV.UK Verify - the decentralised online ID assurance scheme from the British government - has said that within a "short number of years" everyone will have their own online ID.

"We think that pretty soon, in a small number of years, everyone will have identity accounts, just like everyone has email and bank accounts," said Janet Hughes. "Bank accounts and credit card accounts to make payments, email accounts to send messages, identity accounts for a repository of trust and to access a whole range of services online."

"When you have proven your identity once, you can use that account to access a whole range of services. Not just for central government, but for local government, the health sector and even the private sector."

GOV.UK Verify is designed to provide a single trusted login across all Government Digital Services, which could include filing a tax return or applying for Universal Credit. The decentralised system relies on eight companies to deliver the data-driven scheme, which requires users to sign up once to be trusted across all services in as little as 15 minutes. Rather than a centrally held database, users will pick one of eight service providers, such as Experian. Read more: UK government identity scheme launched - What is GOV.UK Verify? GOV.UK Verify explained

According to Hughes, there are 80,000 different ways to go through the process of proving your identity - and the scheme accommodates people who may not have a driving licence, or even a mobile phone.
She said that the scheme should make identity more resilient - because if one company has a problem, the other seven can pick up the slack - and that the market-driven approach will spur innovation and drive efficiencies.

And she also claimed that by having just the one platform cut across all digital services, Verify could cut billions in costs for identity assurance.

To allay security concerns, Hughes stated that it's rarely the technology that is difficult for any implementation, but rather about relationships. Much more important than the technology, she said, is establishing what the rules and what the standards are.

"It's really easy to understand the power of data," Hughes said. "[But] we need to establish the rules of the road, we need users to trust our services, we don't want people to freak out when we start talking to them about accessing their data and using it."

Failing to do so would alienate the public, and it "will be another generation before data-driven services can happen again."

"We need to protect people's privacy when we're doing this - even if people don't understand what's happening with their data we need to take responsibility for managing it in a responsible way that protects our privacy and keeps it secure," she said.

That's the reasoning behind a monthly advisory session that GDS has with a collection of privacy experts, who see what the Verify team is up to - like a "fully open book". The advisory group consists of groups like NO2ID, Big Brother Watch, the ICO, and various universities, who helped devise GDS' standards for using public data.

And these "will apply just as much to any other situation where we're dealing with people's data," Hughes said. "It's all about putting people in control of what's happened to their data, to make choices, making it transparent for people, enabling them to opt out, to make sure people can feel confident and trust what we're doing."

"It's something that takes up a huge amount of my time - making sure we do that."

Join the newsletter!

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about ICO

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by By Tamlin Magee

Latest Videos

More videos

Blog Posts