New Zealand's model identity model
The New Zealand’s government identity service RealMe is lauded internationally and has created opportunities for online efficiencies.
Launched in July 2013, the end goal of the service is for citizens to have a single login and password for all secure online services delivered by public and private sector organisations in New Zealand.
This dream is some way from becoming a reality.
Currently New Zealand’s 4.5 million citizens can use RealMe as their single username and password to login to a range of government departments. However, a verified RealMe account, which can securely prove a person’s identity, can only be used with New Zealand banks BNZ and TSB Bank.
RealMe can be used to open a range of BNZ transactional ac- counts online via their website.
TSB Bank offers the RealMe service to enable a TSB Bank account to be opened via their mobile banking app. Other major banks are expected to be on board during 2014.
RealMe can also be used to order important official documents, like birth, death, marriage and civil union certificates. Other services expected to join in 2014 include life insurance, KiwiSaver schemes and enrolling to vote.
To register people need to visit a NZ PostShop, where they are digitally photographed and their identity is checked against pass- port records. Citizens need to re-enrol every five years.
The advantage for users of the RealMe service is the high level of security: a code is texted to their mobile phone every time their RealMe identity is used.
The advantage to businesses like banks is that it provides a higher level of identity verification than is currently available, because of the hook up with the government.
Users need to consent before the system will provide their identity information to an organisation. Organisations also have to provide an alternative means of establishing identity.
Gartner research director Anne Robins says the federated model the RealMe system follows is a good approach. “It has a very high proportion of uptake,” she explains.
“They haven’t tried to centralise the delivery of the service; if you want to deal with a welfare issue you go to the department. But they have centralised the verification of the identity so that citizens don’t need to do that with each and every agency.”
Some countries in Asia have what is seen as robust centralised identity systems for citizens.
Jason Ha, national manager of the security practice for Dimension Data Australia, says countries such as Singapore or Korea have quite robust systems.
“In Singapore you can do pretty much everything online, including voting, but most of it is fairly well brokered through the single identity, driven by the concept of the Singapore Identity Card.”
The United States of America is viewed as “exceptionally” conservative on the issue, First Point Global co-founder Jan Zeilinga adds.
“If you look at the United Kingdom government, they are pushing out assurance services to external entities.” – Kelly Mills
This case study originally ran in the May-June 2014 issue of Government Technology Review
Demystifying zero trust for government
As zero trust becomes more central to ICT environments, it needs to be considered not just as an...
Cyberwarfare 2025: the rise of AI weapons, zero-days and state-sponsored chaos
Nation-states and rogue factions are rapidly integrating cyber attacks into their military...
Phishing-resistant MFA: elevating security standards in the public sector
Phishing remains a significant issue for government agencies, and current MFA solutions often...