Verizon “temporarily removed” as GOV.UK Verify ID provider
The number of companies presently supporting ID platform as it undergoes development has been reduced to seven as Verizon looks to gain external certification
A total of seven companies are presently accredited to support the GOV.UK Verify ID assurance platform after it was confirmed that Verizon has been “temporarily removed” as a contracted provider.
Confirming that it is not presently providing ID services to support the platform, the company said it was looking to complete additional independent certification as required as part of its contractual terms with the government.
Planned to link up gradually with 50 government services online, Verify, which was classified as a ‘live’ service in May, aims to allow an individual to select one of several pre-chosen companies to perform a check on their identity in order to access government online services. The platform is designed to confirm identity at a level of assurance (LOA) 2 security standard that would stand up in a civil court.
A spokesperson for the Government Digital Service (GDS) said that as part of its contractual framework, all providers chosen to support GOV.UK Verify had demonstrated that they were able to deliver a “secure, trustworthy” service, as well as gaining external accreditation.
However, the government said that, “Recent changes to Verizon’s contracting structure mean that the service in its current form has not yet fully completed the external certification process. Verizon is working with Cabinet Office and independent auditors to make sure their service meets the contractual requirements, is fully accredited, and gives the best results possible for users.”
With work underway by Verizon to obtain additional certification, users will not be able to select the company to provide identity verification to access any participating government services.
Aside from the issue of accreditation, earlier this month GDS said it was continuing to try and improve the service in a number of key areas including usage figures and the rates of successful creation and reuse of certified accounts.
Based on the government’s own performance figures, the service completion rate, defined as the proportion of visits to GOV.UK Verify that result in successful user sign-in or account creation, has been recorded consistently between 43% and 30% for the last three months.
GDS said it was also focused on maintaining the platform in areas such as an improved ability to detect and report malicious transactions within the service, while trying to encourage increasing use of the platform within government.
“We want departments across government to increasingly adopt GOV.UK Verify because it’s secure, straightforward and meets the needs of their users,” said GDS in a blog post.
To try and meet the aims of improved uptake, GDS said it has worked to develop the overall hub site of the service through user research.
The ongoing development of the platform has come at a time when GDS is also opening up discovery work around potential the implications for using the platform or its design standards to access local government and private sector services.
In the area of financial services in particular, the government has worked with the Open Identity Exchange (OIX) over how private organisations may benefit from digital identities that build on Verify and its standards.
The Tax Incentivised Savings Association (TISA) - a body representing leading UK banking groups and pension providers – is in the process of developing a prototype digital ID for UK financial services consumers that makes use of Verify.
TISA director general David Dalton-Brown said the key challenges of this work were based around meeting the required level of verification to support existing regulation and ensuring a solution can be provided through 100% digital means.
“TISA’s work with the Verify team have been very helpful in understanding the key issues in developing a digital ID for UK financial services – we continue to work with and support the work of the Verify team,” he said.
Although the Cabinet Office has previously said that the functions of the legacy government Gateway system would be superseded by GOV.UK Verify, it is understood that this will only apply to services for individual applicants and not companies or organisations.
The head of GDS' identity assurance programme has previously said that no plans existed to consider using Verify for other Government Gateway functions like business service transactions with departments.
Dalton-Brown said that the TISA digital identity project was designed to support individual consumers and therefore aligned with the aims of Verify.
However, a source with knowledge of the wider identity market has argued that the level of assurance provided by the GOV.UK Verify platform was far below that required for opening a bank account. As such, the same individual said there remained unanswered questions about how the platform, and OIX's wider work, may comply and meet wider European and international accreditation standards for online identity based on Verify standards.