iPhones could be used for citizen ID

Smartphones are among a variety of technology that could be used by the government to authenticate people on public-sector websites
Written by Tom Espiner, Contributor

Smartphones could identify citizens for access to official services, the government has said in a review of new technologies for public ID.

On Tuesday, the government asked technologists to come forward with ideas for authentication technologies that citizens can use to log on to public sector websites.

Directgov chief technology officer David Matthewman told an audience of IT professionals at the Innovate '09 conference on Tuesday that the government is looking for authentication methods or tokens for use across all government websites.

"It could be biometric fingerprints in the long term," said Matthewman. "In the short term, it could be an applet on an iPhone, it could be a smartcard. We are agnostic and we are looking for your opinion."

The government is in the process of rationalising its centralised departmental websites so that they can be accessed through the Directgov portal. For different services, such as the DVLA and Identity and Passport Service, citizens at present need separate, different keys. The government is looking at ways of authenticating citizens using a single key for all services: in the US, the same thinking has led to the adoption of the OpenID protocol and multiple authentication providers.

Matthewman said not only do citizens need to be able to trust the government website they are visiting, but the government needs a reliable way of establishing the identity of the person when online.

"Creating a single sign-on is quite straightforward, but how do I trust the website?" said Matthewman. "I got 17 pieces of spam this morning telling me to logon to HMRC and give my tax details."

Matthewman said any key or token would have to be interoperable, and may be made available to businesses.

"We believe there is scope for an identity utility that might be leveraged by the private sector," said Matthewman. "We'd like to hear ideas about how you would exploit the opportunity."

Matthewman told ZDNet UK that ID cards would be a part of the government's authentication efforts, but that citizens would be able to use other tokens.

"ID cards are part of this, but we are credential agnostic," said Matthewman. "ID cards are not the only game in town. We recognise the need for choice."

Andrew Tyrer, network security platform leader at the Technology Strategy Board (TSB), told ZDNet UK on Tuesday that citizens being able to specify their own privacy settings for their dealings with government was important.

"Privacy and consent informs this work," said Tyrer. "We will address privacy and understand the concerns."

The TSB is a non-departmental public body that distributes government funds to start-ups and innovative organisations, and encourages knowledge sharing. Tyrer added that the TSB intends to launch an £8m trusted services competition in March, where technology companies will compete with the tokens or keys they have devised. Directgov will be the "challenge holder" or arbiter of the competition.

Editorial standards