FB pixel

Australia’s digital identity trust exchange to launch by end of year

TEx to work through myGov digital wallet and enable minimal data sharing
Australia’s digital identity trust exchange to launch by end of year
 

Australia will roll out its comprehensive digital identity program by the end of 2024 as the government prepares to formally announce its national Trust Exchange, or TEx, which will enable digital identity verification across a host of services and transactions.

NewsWire reports that Government Services Minister Bill Shorten will make the announcement during his address to the National Press Club on Tuesday.

Services Australia will oversee the process of bringing TEx from its current proof-of-concept stage to full public implementation. Credentials will be housed in the myGov wallet, and will store personal data such as date-of-birth, address, citizenship, visa status, qualifications, occupational licenses, safety checks and other information the government already knows. Users will control what data is shared to meet ID requirements, minimizing the potential to provide unnecessary sensitive information.

A digital token system will also enable a simple transaction to verify details without the exchange of any personal information at all – a so-called “digital thumbs up.”

“You choose which information to share from your digital wallet and consent to its use,” says Shorten’s prepared speech. “You will have a record in your myGov wallet of what you shared and with whom you shared it.”

Shorten will reportedly point to examples of ID verification or identity exchange such as booking a hotel room with digital ID, or “the case of someone going to the local RSL (Returned and Services League of Australia) and wanting to prove they’re from interstate or that they’re over 18.” They could just hold up their phone to a scanner, which would retrieve a token that vouches their identity. “None of that information needs to be kept by the club. The token will be a valuable promise to the club, but of zero value to a cybercriminal,” because it contains no data, only a confirmation.

The government is leaning heavily on the message that the TEx digital identity scheme will make data safer with its “rigorous privacy and security standards.” Data protection protocols are to be tighter than the EU’s General Data Protection Regulation (GDPR).

Services Australia scolded over lax myGov fraud response

The Commonwealth Ombudsman has dropped the hammer on Services Australia, in a report summarizing its investigation into the agency’s response to myGov fraud arising from unauthorized linking to member service accounts.

The report, “Keeping myGov secure,” says unauthorized linking “is where a genuine myGov customer’s member service account is linked to a ‘fake’ myGov account without the customer’s knowledge or authorisation.” The Mandarin quotes ombud Iain Anderson, who says “people have told us about the stress and anxiety they experienced when their personal information was stolen, and fraud committed in their name.”

Services Australia, says Anderson, has not done enough to strengthen security for unauthorized linking leading to tax fraud. His report finds that “myGov’s current security controls do not adequately protect people from unauthorized linking where identity theft has occurred,” and notes an “apparent lack of formal processes for managing shared risks across the myGov ecosystem.”

There is also bureaucracy in the way, as “Services Australia’s ability to provide a coordinated response to customers reporting data breaches and fraud may be limited by its enabling legislation.”

The report puts forth four recommendations and two suggestions to help Services Australia get its data protection ducks in a row. They generally urge the agency to take a look at its current processes and work together with other agencies to implement better controls, such as multi-factor authentication (MFA) for high-risk transactions.

“Agencies who administer a system or program involving multiple agencies, such as myGov, should ensure they have a holistic view of associated risks to identify opportunities to improve the system and support other participating agencies to uplift their capability,” says a section entitled “Lessons for all agencies.”

“These agencies should also understand the levels of risk involved in the system and ensure risks that could impact other participants are managed effectively, including through identifying and managing shared risks.”

The overarching message? Do better at fixing the problem of unauthorized linking and other scams.

Related Posts

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Saudi Arabia’s Absher digital identity for financial inclusion and transactions

The Absher platform in the Kingdom of Saudi Arabia has emerged as the core pillar of the country’s efforts towards…

 

Malawi begins biometric voter registration pilot to test new system

A trial voter registration process will begin in Malawi tomorrow September 13 to put the country’s new Electoral Management Device…

 

Biometrics pilots, launches and investments foreshadow next areas for growth

Biometrics pilots, a patent, predictions and acquisitions paint a picture in the most popular news items of the week on…

 

Biometrics firms pitch privacy in age assurance ahead of US court battle

The U.S. is facing its first constitutional debate connected with age verification in 20 years: The Supreme Court will have…

 

Google announces beta test for digital IDs based on biometrics and US passports

A new type of digital ID based on U.S. passports in Google Wallet has been introduced ahead of beta testing….

 

Permira finalizes $1.3B majority stake acquisition of BioCatch

Permira Growth Opportunities has completed the acquisition of a majority position in behavioral biometrics and fraud prevention business BioCatch, four…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events