What should a national digital ID look like?

The Australian government has re-energised its planning for a national digital ID, with finance minister Katy Gallagher predicting this week that an ID verification service would be operational within 12 months. This seems ambitious.

Various well-meaning and well-funded projects have tried to tackle this problem for nearly a quarter of a century. None have succeeded. Experience has already shown that creating a large-scale digital identity is much harder than it looks.

Can an entire integrated national ID system be created in 12 months? Probably not. But a solid start can be made using existing consumer-grade digital credential technology, which would then provide the core infostructure on which a truly general-purpose system could be built.

Why digital ID projects fail

The most important problem with these projects has been the resistance of businesses to the new system.

Businesses are generally reluctant to rely on the authentication of incoming customers by third-party “identity providers”. There are special cases where identification by post offices is accepted by banks for certain narrowly defined purposes, such as certain Know Your Customer (KYC) checks, but these cases have been difficult if not impossible to broaden to general-purpose identifications.

Further reading: Market Failure of the Standard Model of Digital Identity.

A national identity represents uncharted waters

National digital IDs tend to work only in countries that already have national IDs, such as Singapore and Estonia. But in Australia, a national ID is unprecedented. The same goes for most comparable economies, including the other Common Law countries.

While Australia’s identification processes are uneven or fragmented, they are also flexible. A new centrally administered digital ID will be more rigid.

We have common patterns. They constitute a grammar of identification comprising official facts and figures, formulas such as the 100 point check, and habits such as checking an adult’s age using their driver licence.

But every business does it differently — as they should! — because identification is key to risk management. When it comes to risk, you can think globally all you like but you must act locally. 

Any general-purpose ID proposal must account for the total cost of adoption. When it comes to identification and risk, novelty is expensive. Businesses’ identification protocols and habits have evolved to help mitigate impersonation risks. These processes are far from perfect, but they are well understood and well entrenched.

Business process reengineering is formidable and expensive

Imagine taking a brand-new digital ID to HR when starting a new job, or to the bank to open a new account, or to a store to buy a new phone, or to uni to enrol in a course, or to a doctor GP to register as a new patient.

Until now, onboarding and registration processes have mainly used official government ID documents, such as driver licenses, passports, Medicare cards, and birth certificates, and occasionally even utility bills. These are familiar to all businesses. They’re entrenched in business processes, databases, websites, forms, call centre scripts, and internal training programs.

Businesses know how to assemble the data from various documents into their own picture of who a customer is, in the context of their specific business relationship.

The process isn’t perfect, but businesses are free to control most of it. In particular, they can take what risk professionals call “compensatory measures” when necessary, such as when an applicant doesn’t have all the normal documents, or their driver licence has expired, or their utility bill is unusual.

With a new, unfamiliar, and more rigid digital ID, everything we’ve just described will need to be rewritten. Before that, legal counsel will have to sign off on the new identification process, after reviewing the new digital ID legislation for adequacy and applicability in the business context.

What promises will a government make around a general ID? What terms and conditions will apply?

Radical new legislation doesn’t automatically take effect. The repeated experience in federated identity systems in comparable settings is that the switching cost is always prohibitive.

Further reading: Jerry Fishenden’s definitive history Federated Identity for Access to UK Public Services: 1997–2020 (PDF) and my own analysis from 2011, Identities Evolve: Why federated identity is easier said than done (PDF).

Existing technology can improve things more quickly 

While a “new Australia Card” will take a long time to implement, we could at least make a start. 

A new government-issued ID might simply endorse a set of attributes — and yes, that could be a useful additional signal to help establish that someone is who they say they are. The more signals that are available, the better.

What should a general-purpose digital credential or token look like? 

One thing all experts would agree on is a state-of-the-art technology stack, fit to serve for at least ten years. 

The following basket of features and standards for digital identities represents the current global consensus for best practice: 

  • tamper-resistant hardware-based wallet;
  • decentralized peer-to-peer presentation mode to preserve privacy and operate offline;
  • probably an NFC interface for in-person usage providing speed, privacy, and security, the same as Tap to Pay;
  • a digital interface to present the credential to online forms, akin to Click to Pay; and
  • cryptographic security.

These features mitigate against identity crime. Stolen personal details become useless to imposters when presentations are made cryptographically instead of through plain text entry. The same logic supported the evolution from magnetic stripe credit cards to chip cards and smart wallets: these formats cannot be skimmed and cloned.

An infostructure for protecting all data  

As they say in the classics, we have the technology! The features listed above are widespread in smartphones and similar personal devices. They underpin the now-standard customer experience of retail digital payments.

Apple and Google are working with the European Union and various US departments of motor vehicles (DMVs) to carry digital IDs and digital driver licences in their respective wallets.

If this technology becomes widely accessible (as it must for a sensible national ID) then it can also carry digitised versions of other credentials. Driver licences, passports, birth certificates, Medicare cards and more can be deployed in this common digital credential stack.

We could do the same with any other important facts, such as proof of age, professional licences, educational certificates, employment status, social security entitlements, and health certificates. 

Businesses could provide the option to Click to Present these details from a secure digital wallet, in place of plain text data entry into web forms, making all these verification processes immune to stolen data.

It’s worth remembering that existing in-person identification processes are still reasonably robust. Imposters don’t use counterfeit passports or driver licences. Almost all identity-related crime is perpetrated online with stolen data.

So we just need to make the data better.

With the proper digital wallet technology, we can make all the official credentials already in common use vastly more reliable.

With the proper technology substrate, we can combat identity crime long before establishing a new national ID.

Lockstep’s Data Verification Platform is a scheme to rationalise and organise data flows between data originators such as government and the risk owners who rely on accurate data to guide decisions. Join us in conversation.

If you’d like to follow the development of the Data Verification Platform model, please subscribe for email updates.​