OCR Labs granted accreditation as first private 'trusted' government ID operator

The digital identity services provider now joins Australia Post and myGovID as an accredited trusted identity provider.

Australian-based OCR Labs has become the first accredited non-government operator that provides digital identity services to the private sector under the federal government's Trusted Digital Identity Framework (TDIF).

By becoming an accredited provider, OCR Labs now ensures its private sector customers, such as those in banking, finance, and telecommunications that are using its identity services can "trust that their identity information can be verified, and is protected", Minister for Employment, Workforce, Skills, Small and Family Business Stuart Robert said.

"We want Australians to have confidence that their information is private and secure, regardless of who holds it. It has become increasingly important in this digital age to be able to establish trust, particularly online," he said.

OCR Labs applied for accreditation in February and was required to undergo a series of evaluations to ensure it met the TDIF standards, rules, and guidelines that set out best practices for digital identity services.

OCR Labs satisfied 262 TDIF requirements, including protective security, privacy assurance, risk management, usability, and accessibility, and demonstrated it met the applicable requirements of the fourth iteration of the TDIF, which was published in May 2020.

The company will be required to continually demonstrate it meets the TDIF obligations by undertaking annual assessments.

OCR Labs intends to further enhance its TDIF accreditation to Identity Proofing Level 2 Plus before the end of 2021.

"Digital Identity underpins the government's Digital Economy Strategy that will allow Australian businesses like OCR Labs, and in particular small business, to capitalise on the opportunities that digital technologies are creating, enabling them to grow and create jobs as part of Australia's economic recovery," Robert said.

The federal government's myGovID was the first to be granted a TDIF accreditation, followed by Australia Post's Digital ID. Eftpos said it has also applied for its ConnectID to become TDIF accredited.

Elsewhere, the federal government announced it has transitioned to the Australian Immunisation Register (AIR) to source all information related to the nation's COVID-19 vaccine rollout.

Previously, data was a mix between self-reported information about the number of doses administered by each jurisdiction, and the aged care and disability sector, and AIR for primary care.

The transition to AIR will now include information about doses administered by the Australian Defence Force, Department of Foreign Affairs and Trade, and Australian Institute of Sport (AIS), which vaccinated the Australian Olympic Team as part of primary care, as well as the total number of doses for each jurisdiction from all channels and data derived from AIR, plus metrics on people with at least one dose and people who are fully vaccinated.

The Department of Health touted the move as one that would provide access to more "comprehensive and consistent data".  

"Transitioning to AIR reporting ensures data is consistent and aligned across all reporting," it said.

"Jurisdictions have access to AIR so all governments in Australia have the same information base. The update of vaccination information into AIR is generally within 24 hours of the vaccination taking place."

Collating COVID-19 vaccination data comes off the back of Australia's Data and Digital ministers agreeing on Friday to a national data sharing work program, following the signing of the Intergovernmental Agreement on Data Sharing by all Australian governments at the National Cabinet in early July. The agreement to work on a data-sharing work program was first raised during a meeting between the ministers back in April.

According to the communique from the latest meeting, the ministers have agreed to take action to address national priority data sharing areas. These initial areas will include natural hazards and emergency management, waste management, and road safety, with plans that future priority data sharing areas will include family, domestic, and sexual violence, closing the gap, and veterans' health.

Further, the ministers agreed to reform the federal and state and territory data sharing system under the work program by developing an Australia Data Network, standardising operating procedures for data sharing activities, improving data discoverability through machine-readable metadata for data sharing priorities, and adopting a share-once use-often model for aggregate de-identified administrative data.

"The intergovernmental agreement on data sharing recognises data is a shared national asset and aims to maximise the value of data to deliver outstanding policies and services for citizens. The agreement commits all jurisdictions to share data as a default position, where it can be done securely, safely, lawfully, and ethically," the communique said.

The communique also detailed that the ministers discussed opportunities to explore possibilities of how digital birth certificates could be used for "future interoperability to support citizens' engagement with governments".

In April, the New South Wales government announced it was working on the development of a national digital birth certificate. The NSW government said it is looking into how to incorporate it with the federal government's myGov. 

Related Coverage