Tweak existing UK digital ID scheme, don’t launch overlapping new one: Stakeholders

Observers and participants in the UK’s digital identity ecosystem are coming together in expressing that whether or not Right to Work checks are the appropriate mechanism for cutting back on illegal immigration, as proposed by Prime Minister Keir Starmer, a mandatory, government-issued digital ID is not.

They say the Digital Identity and Attributes Framework provides the basis to perform the same function (whether or not that function will have its intended effect), but without alienating the public and being consigned to history’s dustbin by the successive government.

Umazi CEO Cindy van Niekerk points out to Decrypt that under the current system, service providers and employers are often sent scans of ID documents like passports, which are often stored by there relying parties and could attract hackers looking to steal personal data. The observation raises the prospect that any digital ID could be better.

But around the industry, many believe the current moment is an opportunity for something much better than an improvement on the legacy paper-based system.

UK lawyer and digital identity expert Richard Oliphant points out that the DIATF and One Login represent a pair of voluntary digital ID schemes already in operation. His six-step plan for the UK government to fix its self-made mess starts with educating the public about those two schemes during the consultation period for a prospective new one. In a LinkedIn post, he suggests abandoning the mandatory ID plan, restricting One Login and the associated digital wallet to public services, and allowing DIATF-certified providers to store government-issued verifiable credentials (VCs) in their wallets. Those DIATF providers can fight it out in the private sector. His final recommendation for the government is to acknowledge that concerns about surveillance and mandatory digital ID are not confined to civil liberties activists.

The plan right now is for One Login to be used for public and private sector services.

Government Digital Service Director for Digital Identity Natalie Jones said at the recent Think Cybersecurity and Digital Identity for Government that One Login will be the only way to access central government services by the end of 2027, Think Digital reports.

David Crack, chair of both CDD and the Association of Document Validation Professionals (ADVP), similarly calls for a less drastic change to enable Right to Work checks with less cost and disruption.

That means modifying the supplementary code for Right to Work and updating the employer’s guide, setting a specification for the right kind of VC, and letting it live in digital wallets from the private sector, Crack writes.

David Birch told The Independent that the UK needs a workable digital ID infrastructure they can use to present verifiable credentials, but not a digital ID issued by the government.

In a comment on Crack’s post, Yoti CEO Robin Tombs foreshadows an age token, interoperable between providers and reusable, needing only a clear minimum standard from Ofcom. Crack suggests the same is possible for Right to Work checks.

OneID Director of Market Development Adrian Field defines the terms of the debate and breaks down the costs, harkening back to the government’s own call for a “digital backbone” from the government to enable the private sector as part of its “blueprint for modern digital government.”

He recommends the development of a decentralized digital ID strategy that could underpin other strategies, again centered around the DIATF.

Financial markets and fintech commentator Chris Skinner warns in his blog that the new scheme is “dead on arrival.”

“What’s weird,” Skinner writes, “is that we all know that we need protection, security and some form of identity scheme, the thing is what scheme do we want?”

The combination of zero knowledge proofs tokenized as VCs and user control (a function of decentralization) can provide the security that people want, he argues.

Instead, Skinner sees the current idea as a retread of Labour’s ill-fated 2010 attempt to set up national ID cards for the UK: “Looks like it’s all going to happen again.”

Article Topics

biometrics  |  David Crack  |  digital ID  |  digital wallets  |  Gov.UK  |  Richard Oliphant  |  UK digital ID