Resource material › Identity Verification Service › Information for Public Consultation

Contents

1. Introduction
2. The new service
3. The purpose of the identity verification service
4. How it works
5. Providing a secure service
6. Protecting your privacy
7. Convenience
8. After the consultation
9. Providing feedback
10. Definitions

1. Introduction

A new service is being introduced as a way for people to verify their identity to government agencies online and in real-time to a high level of confidence. The government now wants to hear your views on this.

This document has been prepared by the Department of Internal Affairs and the State Services Commission. It is intended to provide you with information on the proposed new service and gather your feedback on:

• What you think about verifying your identity to government agencies using the Internet; and

• What you think about the identity verification service.

The Internet is changing the way we do things and it is now used regularly across the world to help people access the services they need when they need them. In New Zealand, a new service is being developed that uses the Internet to allow you to verify your identity to government agencies quickly and simply when you need to.

To use some government services, people need to verify who they are. For example, government agencies cannot provide services that involve the exchange of money or personal information unless they have verified your identity. They can only provide services, such as student allowances, if they are sure about who they are dealing with.

The new identity verification service aims to provide you with a quick, easy and secure way to use the Internet to verify who you are. The service will be available from about 2009 and will be introduced in two phases. Initially, people who have received a New Zealand passport or grant of citizenship in the previous 5 years will be eligible to join the service as they will have the most up-to-date verified identities and photos. From about 2010, or once new laws are in place, the full service version will be introduced and made available more widely.

We would like to hear your views on this new service.

It’s completely up to you whether or not you choose to join, or use the service once you have joined. You will continue to be able to verify your identity to government agencies through the current means that each agency offers if you wish.

The service has been designed to include high levels of security and with your privacy as a priority.

Responsibility for the new identity verification service will be with the Department of Internal Affairs because it is the agency which has the greatest expertise and experience in establishing and verifying identity. The Department of Internal Affairs is the government agency responsible for passports, citizenship and registering births, deaths, marriages and civil unions.

The identity verification service will be provided as a part of igovt. Igovt is the working title for a group of online services aimed at helping you to interact with government securely and conveniently online. It also includes a service provided by the State Services Commission that lets you use one ‘logon’ (such as username and password) across government while protecting your privacy.

We are consulting you about the new service to let you know more about the service and gain feedback about its design. This follows on from consultation in 2003, when people were asked for their views on how government agencies could verify who they were dealing with when providing services through the Internet and which government agencies should play a role in the verification process.

Details of how to make a submission are shown in section 9. All submissions must be received by the Department of Internal Affairs by 4pm on Friday 7 December 2007.

You will find information about the proposed identity verification service below. If you have any queries about the consultation process phone 0800 idconsult (0800 432 667).

Back to Top

2. The new service

Currently, establishing and verifying your identity to government agencies can require you to provide multiple documents, which can take time. Additionally, different agencies can require different forms of identification and you can’t always do it online.

The New Zealand Government is exploring ways to make it easier to verify your identity using the Internet. It is developing an identity verification service that is quick, safe, and easy to use while protecting your privacy at the same time. Using the Internet for this provides the convenience of anytime/anywhere access.

Without the proposed identity verification service, each government agency would have to develop its own system to verify your identity each time you wanted to access government services using the Internet. This means that across government there would be duplicated costs of maintaining these systems, unnecessarily high transaction costs and inconsistent or inadequate levels of security protection.

• An effective, reliable identity verification service will:

• avoid the costs of individual agencies building expensive identity establishment infrastructure;

• ensure that opportunities for fraud and misdirection of services are minimised by strong identity establishment processes; and

• enable a new class of online government services to be developed and delivered.

The new identity verification service is part of igovt. Igovt is the working title for a group of online government services aimed at helping you interact with government agencies securely and conveniently online. Initially igovt will consist of two separate but integrated services presented through a single, common front-end.

1. a logon service (the government logon service) that provides ongoing confirmation that it is the same person accessing secure online services. This service is operated and maintained by the State Service Commission. The logon service can be used on its own, without the identity verification service, to provide logon management services to government agencies.
   
   
   
2. an identity verification service (the new service) that establishes and verifies who a person is. The new service will be operated and maintained by the Department of Internal Affairs. The service defines a person’s identity as an individual, i.e. a person distinctly and separately known from all others.

If people choose to use the new identity verification service they will also be using the logon service (the logon service provides logon management for the new service).

Providing the two services separately is deliberate and important in protecting privacy. The separation prevents information about who you are (the new identity verification service), being connected to information about your use of online services (the logon service).

We would like to know whether you are likely to use the Internet to verify your identity with a government agency.

Back to Top

3. The purpose of the identity verification service

The purpose of the new service is to allow you to use the Internet as an additional way to prove who you are when you are dealing with government agencies.

Identity verification is about using the identity that you have established to verify you are who you say you are. Once your identity has been established, you can use the Internet to verify who you are to government agencies that use the service and require this proof. This will be able to be done to a high level of confidence and it will be quick and easy to use.

The new service could help people to complete, online, the evidence of identity aspect of an activity such as renewing a passport or applying for a student loan. There may be other steps that need to be taken to complete these activities, but the new service will help with any part that requires a person to prove who they are.

The list of activities requiring identity verification is likely to grow over time. This means that the new service could result in more government services being available using the Internet.

We would like to hear from you regarding the type of services you might want to access that require you to verify your identity.

Over time, the government may consider extending the service so that people can choose to use it to also verify their identity to businesses and other organisations.

The Department of Internal Affairs is working together with the State Services Commission to develop the service.

We would like to know what you think of being able to verify your identity with businesses and other organisations.

Back to Top

4. How it works

Upon receiving your request, the service will create an electronic record that contains your core identity information (your name/s, date of birth, place of birth and sex). These are the things that make it easy for you to prove who you are.

This electronic record will be stored securely in a database held by the Department of Internal Affairs. Other agencies using the service will not hold this identity verification information on separate databases (unless you have agreed to their being sent it by the new service or have given it to them for other purposes). The only way that a government agency can be sent your identity information using this service is if you give permission by accessing the service using your personal logon details.

There are two steps in the process: joining the service and using the service.

Joining the service

You have to apply to join the service.

• In many cases, a government agency will have already established your identity to a high level of confidence. When the service initially starts if you have received a New Zealand passport or grant of citizenship in the previous 5 years you will be able to apply to join the service without having to go through the identity establishment step all over again.

• In other cases, you will have to submit documents and may have to go through other processes to establish your identity – a lot like applying for a passport.

• Having established your identity, your core identity information (name/s, date of birth, place of birth, and sex) will be electronically recorded and held securely in a database.

• A username, password, and token¹ (or something similar) will be provided. They are the “logon”, and required whenever the service is to be accessed.

This process is like obtaining and using a bankcard – an account and PIN number must be set up before the card can be used.

Using the service

Once you have joined, you can use the service to verify your identity to a government agency that uses the service whenever you need to, using the Internet.

• First, you will go to the website of the government agency providing the service you require.

• From there, you will be re-directed to the igovt website, which will ask for logon details.

• Once you have logged on, you will be able to view your identity information and then consent to it being sent to the specific government agency through the Internet. This all happens while online.

• You will then be re-directed back to the original government agency website, which will then know who you are and enable access to the service you require.

• The logon can also be used for ongoing access to that government agency’s online services.

The new service will not replace other methods of verifying identity. If you prefer, other ways of verifying your identity when accessing government services can be used, such as visiting the relevant government agency office.

¹A “token” is a physical device that can be used to provide extra security, over and above a username and password.

The new service will:

• Not be compulsory. People can choose to use or not use the service at any time and can still use existing ways of accessing services if preferred.

• Protect privacy. It has been designed to meet high privacy standards and has been assessed by an independent privacy assessor (you can read more about this below).

• Reduce the opportunities for breaches of security. It uses one logon in a secure environment to enable agencies to verify an identity. It will not send identity information to anyone else other than a genuine, authorised government agency.

The following example shows how a user might use the new service.

A prospective student wants to apply for a student loan online. She goes to the StudyLink website and applies.

StudyLink asks her to verify her identity online. Once she has confirmed that she wants her identity verified, a request is made to the new service. She is redirected to igovt, where she uses her username, token and password to log on.

She then reviews and consents to her identity information being sent. The service confirms her identity immediately and she returns to the StudyLink site to complete her application. This process is instantaneous and seamless.

StudyLink can then finish processing her application. Once this has been completed, the student is notified by email that her application has been completed and is being processed.

Back to Top

5. Providing a secure service

Security of personal information has been a major consideration in the design of the service. Some of the very best security standards, practices and guidelines available will be used to protect information, both while in transit and storage.

For example:

• The only way that a government agency can be sent your identity information using this service is if you give permission after logging on to igovt using your personal logon details.

• The service will provide you with an online way of checking your own service history, including which agencies you have used the service with.

• There will be regular independent reviews by experts to provide ongoing assurance that the security measures are working as intended.

We would like to know whether you believe that verifying your identity using the Internet can be sufficiently secure.

Back to Top

6. Protecting your privacy

The service is being designed with a strong commitment to protecting your privacy. A comprehensive range of privacy measures are proposed, including new laws, technical design, and appropriate administration of the service.

In particular, the technical design is such that the sharing of personal or collective information about your activities with other parties is not possible using the service. The service itself only knows your core identity information (name/s, date of birth, place of birth, and sex).

The government agencies whose services you access still have to provide alternative methods for you to verify your identity, such as postal services or offices that you can visit. There is no way for agencies to share information about anyone through this service.

The individual is in charge

You are in control and can decide whether to use the identity verification service or not. You have to give permission each time your identity information is sent to any other agency. You can choose to stop using it any time you like.

In addition, you will be able to view the history of your use of the service.

Privacy protections

Each agency involved with the service will identify you in a different way, using an identifier or code unique to that agency. There will be no external national unique identifier.

To use an example of how the different identifiers work, the Department of Internal Affairs will retain an "internal system number" as well as the numbers that it gives to other agencies. For example, if an identity verification credential² is obtained, the internal systems number might be 12345. When the same identity is verified to StudyLink a different number would be used (for example: 6789), and so on with another agency.

In this case:

• The Department of Internal Affairs would know: 12345/6789.

• StudyLink would know: 6789

On the basis of information provided by the new service, StudyLink would not be able to compare the services you receive from any other organisation. The Department of Internal Affairs knows the number at each site but would not know what specific services were requested.

There are other ways in which privacy is protected:

• Only a minimum amount of "core identity information" is stored (name/s, date of birth, place of birth and sex).

• Over time, legislation will provide for enhanced trust and transparency, along with penalties for those who seek to misuse the system.

• External and independent Privacy Impact Assessments will give assurance that privacy is being protected.

• The Privacy Act will apply and any complaints will be investigated independently.

• Data from the government logon service and the identity verification service will not be stored together.

• The identity verification service will not know what services you require or what you are, or could be, entitled to.

²A “credential” is a set of verified identity attributes in electronic form.

The identity card issue

The new identity verification service is not a national identity card. It has a number of features that clearly make it different.

• National ID cards are mandatory. The new identity verification service is not. A person has a choice as to whether they join, or use the new service.

• A person’s identity information (and possibly much more) is held on an ID card. The new identity verification service only stores a minimum amount of core identity information (name/s, date of birth, place of birth and sex). This information is held securely in a database.

• All of a person's identity information is available through an ID card, even if that information is not required. The new identity verification service gives agencies only the information they require.

• A national ID card typically can enable biometric information (e.g. fingerprints), to be passed electronically to another agency. The new identity verification service will not do this.

• Checking for theft or identity fraud is more difficult when using an ID card. The new identity verification service does that each time it is used.

Privacy Assessments

The Privacy Commissioner has been kept informed of the proposal. Privacy assessments will be ongoing. Previous privacy impact assessments are available online at www.e.govt.nz/services/authentication/ library/docs.

We would like to hear from you about whether you believe the identity verification service will ensure your privacy is protected.

Back to Top

7. Convenience

One of the major aims of the new service is that your identity will only have to be established with government once. You can then avoid the cost and effort of repeatedly having to provide documents to many different government agencies to prove who you are.

Once you have established your identity with the new identity verification service, you will be able to use that information as many times as you like to verify who you are with government agencies that use the service.

There will be a helpdesk and other customer support when help is needed. The helpdesk will be able to sort out problems with username, password, lost tokens, or any problem with logging on or using igovt or in accessing services.

Administration of the new service

Below are a few key points about the administration of the service:

• For most people, an identity verification credential will be based on the details held in relation to their passport, permanent residence or citizenship. If these details are not what the applicant wants recorded by the identity verification service they will have to go back to the agency that issued those documents, (if the person has changed his or her name since gaining residence or citizenship, for example).

• Not all identity verification information is sent to government agencies - the agencies will need to specify what information they require and it will only be sent if a person specifically agrees. For example, if an agency only needed to know your name and date of birth, that is all that the service will supply to it (assuming you consent). Your place of birth and sex would not be provided.

• An identity verification credential expires every 5 years. The reason for building in a renewal every 5 years is to ensure the integrity and security of the service.

We would like to hear whether you think the identity verification service will be useful to you.

An identity verification credential can only be used by the person it is issued for

A person can only verify their own identity using the new service. It is intended that an identity verification credential will expire if the person it was issued to has died. If a government service is required on behalf of another person, this will have to be discussed with the relevant government agency. No decision has been made at this point about the use of the new service by or for children.

A phased approach to introducing the service

The new service is proposed to be introduced in phases, beginning in 2009 and within existing laws. Initially, people who have received a New Zealand passport or grant of citizenship in the previous 5 years will be eligible to join the service, as they will have the most up-to-date verified identities and photos. Then, over time, processes will be developed to cover those who have received permanent residence in the last five years. Eventually, the service will be extended to establish people’s identity “from scratch” so that any person who wants to join the service can.

From 2010, or once new laws are in place, the full-service version will be introduced and made available more widely. The intention is that the identity verification service will be available to everyone who can establish their identity to the standards required by the Department of Internal Affairs and who accepts the service’s terms and conditions.

We would like your thoughts on whether people who don’t have a New Zealand passport or grant of citizenship should be able to register in the initial phase of the service.

Cost

At this point there has been no final decision on charging you for using the new identity verification service. We would welcome your views on this.

We are interested to know whether you feel that people should pay to use the service.

Back to Top

8. After the consultation

At the conclusion of the consultation, the Department of Internal Affairs will receive a report covering the views that have been expressed throughout the process. These views will be carefully analysed and used to refine the design of the service, as well as in development of supporting laws.

A report on the consultation will be made publicly available online. People can also request a copy to be emailed to them.

No individual will be identified in the report. The report will focus on the themes that come out of the consultation rather than singling out individual views.

Back to Top

9. Providing feedback

The Department of Internal Affairs is undertaking public consultation on the new service to let people know more about the proposed service and gain feedback about the design. This follows on from consultation in 2003, when people were asked for their views on how government could verify who it was dealing with when providing services through the Internet and which government agencies should play a role in the verification process.

To send you views, you can:

• Complete a submission response form online at www.dia.govt.nz/idconsult, or

• Download a submission response form from www.dia.govt.nz/idconsult to type and email your views, or

• Download a submission response form to complete by hand and post (call 0800 432 667 if you would like us to send you a form instead of downloading it).

• You can also write to us without using the submission response form.

Submissions returned by post should be sent to:

The Department of Internal Affairs
Identity Verification Consultation
freepost idconsult
PO Box 10526
The Terrace
Wellington 6143

(Note: No postage stamp is required if you quote ‘freepost idconsult’).

Submissions returned by email should be sent to idconsult@dia.govt.nz.

Please send your submission to arrive by 4pm on Friday 7 December 2007.

Back to Top

10. Definitions

All-of-government	Government agencies working together.
All-of-government Authentication Programme	The State Services Commission led programme to develop, operate and maintain all-of-government standards and services related to online authentication.
Authentication	The process of initial establishment and ongoing confirmation, to the required level, of the identity of one or more parties to a transaction.
Authentication key/ Hardware token	The “key” used by an individual to authenticate his or her identity using the Internet. Authentication keys include passwords, one-time passwords, software tokens, hardware tokens and biometrics. A hardware token is a specialised hardware device to protect cryptographic keys. It performs cryptographic operations. Use of hardware tokens normally requires a password or biometric.
Biometrics	Physical characteristics or behavioural patterns of a person such as fingerprints, thumbprints, hand geometry, iris patterns, speech patterns, face geometry, keyboard-typing patterns.
Core identity information	minimum set of information about the person (name/s, date of birth, place of birth, and sex).
Establishment of identity	The initial confirmation of a person’s identity and recording of a person’s core identity information (name/s, date of birth, place of birth, and sex).
Government Logon Service	The government logon service is the central infrastructure operated by the State Services Commission providing logon management. It: - Provides customers with a logon or key, such as a username and password or one time passwords - Validates logon and logon attributes when a logon is presented by a customer.
Government Agency	A government organisation listed in schedule 1 of the Ombudsmen Act 1975.
Identity	The set of verified attributes that together uniquely describe/define a specific individual.
Identity Verification Credential (IVC)	A set of verified identity attributes provided by a living person recorded in an electronic form containing the individual’s official name/s, date of birth, place of birth and sex. Each IVC has a unique serial number internal to the identity verification service and is linked to one or more high-strength keys provided by the government logon service.
Identity Fraud	To use the identity of a person without their express consent, for a purpose that the person is not aware of, and/or does not approve of. Generally for an illegal activity.
Identity Verification Service	A service provided by the Department of Internal Affairs that will allow individuals to verify their identity authoritatively to government agencies online.
igovt	The working title of the integrated authentication service that includes the government logon service and the new identity verification service. Igovt provides a common customer interface which is a single, integrated front-end access, to the government logon service and the identity verification service.
Logon	The combination of a username (logon identifier component) with one or more authentication keys (the authentication component) that is authenticated by the government logon service when presented by the customer.
Online authentication	The online process of establishing that an individual is who they say they are to the required level of confidence.
Password	A secret sequence composed of keyboard characters that are used with the authentication key.
Username	A construction of alphanumeric characters that is used to identify a customer within the authentication system. The username is used to identify the customer, or their authentication key, to the verifier as part of the authentication process.
Verification of identity	Subsequent confirmation of the person’s identity and identity information by the identity verification service, to an agency.

Back to Top

• Return to main consultation page: www.dia.govt.nz/idconsult