IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

UK gov unveils plan for nationwide digital identity scheme

The government's fresh attempt to tackle digital identification will aim to improve upon the failed Verify project from 2013

The UK government has revealed its plans to introduce new legislation to securely handle the introduction of digital identities for use throughout modern society.

Announcing the news on Thursday following a consultation period, the Department for Culture, Media, and Sport (DCMS) said it sees digital identities being used in place of physical documents like passports and driving licences.

Online verification that requires scans of such physical documents will soon offer the opportunity to use a digital identity instead. The digital equivalent can also be used to buy age-restricted items in retail stores, such as alcohol.

The digital identities will not replace physical documents, the DCMS said, but can be used if anyone wants to - there will be no obligation to create a digital identity in the UK.

A new governing body for the technology will be formed, called the Office for Digital Identities and Attributes (ODIA), and companies that are tasked with handling the personal information associated with the digital identities will need to apply for a new, to-be-created trustmark to show they have the adequate protections in place.

“The ODIA will have the power to issue an easily recognised trustmark to certified digital identity organisations, to prove they meet the security and privacy standards needed to handle people’s data in a safe and consistent way,” said the DCMS.

“The ODIA will ensure trust-marked organisations adhere to the highest standards of security and privacy.”

The DCMS said it will bring the legislation forward when parliamentary time allows it to. In order for it to be implemented into law, a legal gateway that allows organisations to securely carry out verification checks needs to be established and proper checks will need to be made to ensure the digital identities are legally equal to physical documents.

Such digital identities will be accessible via mobile apps and websites, and are thought to help tackle the “record high” levels of fraud in the UK with an estimated 5 million cases in the year ending September 2021, the DCMS said.

Centralised vs decentralised identities

The proposed rollout will operate on a centralised model - it will see designated third-party organisations manage the digital identities of many people in the UK. This goes against the model suggested by Microsoft, which also published its views on the topic of digital identities on Thursday.

Related Resource

Multi-factor authentication deployment guide

A complete guide to selecting and deploying your MFA authentication guide

The whitepaper title on a strip of swirling blue and purple diagonal across the pageFree download

Microsoft said simply digitising a physical document like a driving licence and using it as a like-for-like replacement allows companies to see more information than perhaps may be necessary. Instead, it proposed a decentralised model which sees the individual own their identity fully and also the power to reveal or revoke parts of the digital document as needed.

“With decentralisation, you can prove the person is the genuine owner of the real-world identity by verifying their digital signed credentials,” it said. “Individuals can use a secure, encrypted wallet to store their identity data and easily control access to it.

“A decentralised identity could replace the need for usernames and passwords altogether and work with other forms of authentication to provide the required level of attestation.”

Government’s competence in question

The UK government has attempted to implement a secure digital verification for a number of years, most notably culminating in the widely admonished Verify project.

Verify was introduced in 2013 by the Government Digital Service and was slammed by the likes of the National Audit Office and internal Parliamentary committees for missing every one of its targets and “failing the public”, three years after its advent.

A panel of experts, assembled in 2020 to debate a techUK report on digital identification, called the government’s call for evidence “vague” and branded its response to the topic as “woeful”.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers
ransomware

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

26 May 2022