Centrelink frees up ID protocol

Welfare agency Centrelink has decided to make an internally developed smart card and ID authentication protocol freely available to external organisations.

Welfare agency Centrelink has decided to make an internally developed smart card and ID authentication protocol freely available to external organisations.

Dubbed the Protocol for Lightweight Authentication of Identity (PLAID) smart card authentication, the protocol will firstly be used in conjunction with Centrelink ID cards to secure staff access to buildings and IT systems. The agency has around 26,000 employees.

In a statement, Human Services Minister Joe Ludwig claimed existing technology in this field had been "at risk of breach by hackers", but PLAID would prevent the cracking of authentication systems and foil smart card cloning, at Centrelink and other groups.

"The idea is that commercial operators will build on PLAID by developing security software and hardware for other organisations to purchase and use," he said. "Centrelink will save money buying an ID authentication system, rather than building and maintaining a system in-house."

The Federal Government's GovDex site claims in an overview of the project that PLAID was "cryptographically stronger, faster and more private, than most or all equivalent protocols currently available either commercially or via existing standards".

The terms of the licence under which the technology is distributed specifies that its intellectual property rights remain the Federal Government, but the government grants users a perpetual, irrevocable, worldwide, non-exclusive, royalty free and no-charge licence to use, reproduce, communicate, sub-licence, incorporate into other products and distribute PLAID and its source code, subject to the inclusion of a copyright statement.