Analysing cloud identity as a service for governments

The OIX (Open Identity Exchange) is a new Internet standards organization that provides the framework to implement Assured Identity.

An example of this in practice is explained in this case study published by the new UK chapter of the OIX, for South Yorkshire’s Digital By Default project.

Bridging the Digital Divide

This is an excellent, leading edge case study (featuring SecureKey) that explains this technical field, and it is also notable for its pioneering work with regards to the concept known as ‘Bridging the Digital Divide’.

For example in the South Yorkshire case study, they describe:

  • Enabling new financial e-services for the “unbanked”.
  • Overcome two-way distrust: The person of the system, and the system of the person. Identity proofing issues were too demanding of this group, and they themselves did not feel their money was safe virtually.
  • The goal is to enable more use of virtual money, via changing payments to be via an O2 Money prepaid VISA card, however this group would fail the required Identity proofing procedures or they would be too onerous.
  • The solution is achieved through a combination of Identity federation and ‘trust networks’ – The financial sector trusts the Credit Union process to implement a suitably robust enough procedure, and they in turn make better use of their on-premise relationship to make it simpler for the customer.

Driving Business Value

We can see the critical role Identity systems will play in helping governments realize the business benefits of Digital Government.

As the SOCITM report identifies the cost to government to perform customer interaction activities drops dramatically the more the process moves online.

This case study is so important because not only does it identify how this cost reduction can be achieved but also does so for a group who are the least connected and have no ‘digital footprint’ at all. Helping this group move online not only validates that the service is universally accessible but also how it can play the critical ‘bridge’ role needed to actually cross the Digital Divide.

In this scenario the project targeted those with no ‘digital footprint’, ie no online use of any kind, and who experienced poverty, social exclusion etc.

In particular the project identified:

“The project aimed to test the hypothesis that if Credit Union customers had a familiar authentication mechanism they would be more inclined to access services digitally, and less inclined to use telephone and face-to-face access channels.”

The initial pilot scope proved successful, where the the CU could perform the Identity ‘enrollment‘ process, creating a one time link between an in-store visit by a customer, their payment card ID and also an online identity entry that includes the same photo. SecureKey created a mechanism where the photo and authorization tokens were linked via a unique identifier.

This means any one who accepts the card can also use it for their own identity proofing procedure, for example the local pharmacy accepted the card in this case, with others such as GPs expressing interest to do so too. So in short the answer is yes, these improved tools do indeed make service access easier and more inviting.

It also helped with adoption too. For example a concern was virtual money would be harder to manage, more easily spent and uncontrolled, when actually features like receiving a balance update via text alert after each purchase, helped improve this too.

A key trend noticed was that while there was little existing use of the Internet or email, there was a high usage of smartphones, so these features could be exploited for this reason, better empowering each individual as well as smoothing some of the many corners they face each day.

As is:
$14 per person per identity proof process
Duplicated ID checking procedures – manual paper-based

To be:
$0 – Cash sent straight to money card
Eliminated visits