Digital ID presents challenges for some accessing public benefits online: report

Picture this: you’re a 61-year-old retired truck driver looking to access public benefits. You discover the system has been moved online. You don’t have a home computer, and when your phone asks you to prove your identity with a selfie, your first instinct is to put it under your tire and drive away.

This is the problem that the Digital Benefits Network (DBN), a project of the Beeck Center for Social Impact + Innovation at Georgetown University, is hoping to solve. The DBN has collaborated with the Public Policy Lab on research into peoples’ experiences with digital identity processes and technology when accessing benefits. It works on the principle that directly engaging with the stories of beneficiaries is critical in designing systems that balance security with accessibility.

A summary online says the team “engaged 33 participants across Boston, Massachusetts; Phoenix and Tucson, Arizona; and Yonkers, New York.” The effort focused on people who have recently applied online for programs like Medicaid, SNAP, and Unemployment Insurance (UI), and “honed in on four key inquiry areas: access, consent, support, and trust.”

Key findings for the biometrics industry in the “Digital Doorways to Public Benefits” report include the fact that beneficiaries are split on comfort level with biometrics, and that biometric verification can “come with usability issues and doubt.”

It quotes “Terrance” (an alias), a participant from New York, who fears identity theft: “If someone wants my information or picture or ID, like a lot of people on Craigslist now, for like, gigs and stuff and jobs, they want your your identification, like I don’t even know you – why would I give you that, you could steal my identity and give it to somebody else?”

To build trust, the report recommends several actions and practices.

First, clear and simple communication about what’s being done with a user’s data, and why. People want to know, for instance, why they’re asked to submit the same data multiple times. Explain your purpose and process for collecting data, and respect data minimization. For those who want to talk to a human, “invest in maintaining and strengthening human support pathways.” Inclusivity should be a guiding principle.

Second, only ask users to create an account if absolutely necessary. “Structure the password creation process to make it easier for beneficiaries to make strong security choices.” Multiple clear pathways for multifactor authentication help, as do established, easy password recovery processes.

Third, take a risk-based approach to online identity proofing, and “if proofing is necessary, ensure there are multiple ways for beneficiaries to prove their identities.”

Finally, it cautions against defaulting to biometrics: “Be cautious about adopting alternatives like biometrics and mobile driver’s licenses (mDLS). Collecting biometrics as part of identity proofing means that someone (likely a third-party vendor) must be responsible for managing the retention and deletion of biometric records. Biometrics are much harder to change than passwords if exposed in a breach.”

On mDLS, it offers similar advice: “approach the integration of mobile driver’s license programs with caution, and employ strong privacy guardrails and data minimization practices.”

The Digital Benefits Network and Public Policy Lab will host a webinar to review the research on Monday, September 15th from 3-4 p.m. ET.

Article Topics

Beeck Center  |  biometrics  |  digital ID  |  digital identity  |  digital trust  |  social protection