The user choice model, which allows UK citizens to choose from a list of approved ID assurance providers, is a response to the UK government’s “digital by default” access for public services strategy, said Stephen Dunn, lead architect for the ID Assurance Programme. A recently published UK civil service reform plan called for the exclusive use of online access to government services except in limited use cases where “a digital channel is not available”, Dunn noted.
The third-party approach will provide an element of user choice for citizens attempting to access public services online, as well as avoid the need for a centralized database of ID authentication credentials stored by the UK government. Firms seeking to become approved ID assurance providers for the program can access a set of Good Practice guides at the UK Cabinet Office website.
Dunn said the new ID Assurance Programme would create an identity ecosystem that addresses some of the security and privacy concerns of the ill-fated National ID card legislation, which was repealed in 2010. “We’re not going to build a large, centralized government database” of all citizens, he assured, adding that such an approach would fail to build trust in the system. “We need to give users control over how they verify identity”, Dunn continued, and the new ID Assurance Programme incorporates feedback from industry and interest groups on how to build a more trusted system to deliver online services.
The architecture of the new ID program, Dunn asserted, puts in place limitations that help to preserve privacy, and all government services regardless of department will be channelled through the new ID Assurance Program platform to authenticate a user’s identity.
In short, the new model requires users to select an approved ID verification provider – possibly one they have a pre-existing relationship with, Dunn noted – and the ID Assurance Program will then use this relationship to execute a transaction with the government department. The model is what Dunn called a “distributed hub infrastructure that allows” ID information to be passed to a government service “while providing privacy to the user”. When the procurement process for approved ID verification providers wraps up in late October, a list of preliminary providers will be made public.
The design of this program is public, and the methods used to protect user privacy have also been made public, added Mike Pegman, lead security architect – Universal Credit, Dept. of Work and Pensions, who was involved in creating the system’s architecture.
“We are building an attack surface that is manageable and understood; we are building in prevention of denial-of-service attacks through high-availability architectures”, Pegman said. “Multiple ID providers give customers a choice” he continued. In terms of security, “the market is segmented, so even if one identity provider is attacked, the customer still has a choice”.
The decentralized scheme, Pegman contended, addresses the issue of availability, because in the event of a failure the customer can move to a different ID provider. And if one of these providers does fall victim to a denial-of-service attack, he concluded, then the rest of the ID verification ecosystem will still remain intact.